Ontology-Based Security Recommendation for the Internet of Medical Things

Abstract

Security and privacy are among the key barriers to adopting the Internet of Medical Things (IoMT) solutions. IoMT adopters have to adhere to security and privacy policies to ensure that patient data remains confidential and secure. However, there is confusion among IoMT stakeholders as to what security measures they should expect from the IoMT manufacturers and whether these measures would comply with the adopter's security and compliance requirements. In this paper, we present a recommendation tool that models IoMT concepts and security issues in addition to successively recommending security measures. The presented tool utilizes semantically enriched ontology to model the IoMT components, security issues, and measures. The developed ontology is equipped with context-aware rules to enable reasoning in order to build a recommendation system that empowers users to make well-educated decisions. The recommendation tool classifies IoMT security threats faced by IoMT stakeholders and automatically recommends security controls that have to be enforced for each threat. We have experimented the proposed tool with respect to the completeness and effectiveness of its output (i.e., security issues and recommended security measures). The results show that the tool was effectively able to recommend necessary security measures.