A4 Refereed article in a conference publication
A Proxy-Based Security Solution for Web-Based Online eHealth Services
Authors: Sampsa Rauti, Heidi Parisod, Minna Aromaa, Sanna Salanterä, Sami Hyrynsalmi, Janne Lahtiranta, Jouni Smed, Ville Leppänen
Editors: Kaija Saranto, Maaret Castrén, Tiina Kuusela, Sami Hyrynsalmi, Stina Ojala
Conference name: International Conference on Well-being in the Information Society
Publication year: 2014
Book title : Safe and Secure Cities. 5th International Conference on Well-Being in the Information Society, WIS 2014, Turku, Finland, August 18-20, 2014. Proceedings
Series title: Communications in Computer and Information Science
Number in series: 450
First page : 168
Last page: 176
ISBN: 978-3-319-10210-8
eISBN: 978-3-319-10211-5
ISSN: 1865-0929
DOI: https://doi.org/10.1007/978-3-319-10211-5_17(external)
This paper presents an idea of using a proxy-based security solution to protect web-based eHealth applications from client-side attacks. In today’s Internet, eHealth services face many challenges related to information security as the users display and input sensitive information using web applications. This information may be spied on or modified by a malicious adversary. By obfuscating the executable code of a web application and by continuously dynamically changing obfuscation, our solution makes it more difficult for a piece of malware to attack its target. We believe it would effectively mitigate automated client-side attacks.
This paper presents an idea of using a proxy-based security solution to protect web-based eHealth applications from client-side attacks. In today’s Internet, eHealth services face many challenges related to information security as the users display and input sensitive information using web applications. This information may be spied on or modified by a malicious adversary. By obfuscating the executable code of a web application and by continuously dynamically changing obfuscation, our solution makes it more difficult for a piece of malware to attack its target. We believe it would effectively mitigate automated client-side attacks.
