Security API for Java ME: secureXdata
Abstract
The usage of mobile phones, PDAs and other mobile communication devices in the context of health is an emerging part of eHealth. In 2010 the American National Institutes of Health defined mHealth as "The delivery of healthcare services via mobile communication devices". While the idea of using mobile devices as part of healthcare is not new, a recent increase in the mobile phone penetration rate in low-income countries makes mHealth a cost-effective way of providing better healthcare in areas of the world where this is much needed. This thesis focuses on security aspects of mobile data collection systems (MDCS), which are specialized mHealth systems that use mobile devices to collect data about the condition and trends of a country's health status, generally by filling out forms on a mobile device. Even though there are a number of MDCS in use today, most of these fail to systematically address the security and privacy concerns while handling private or personal information such as medical records. Building on existing work done by the mHealth Security Group at Department of Informatics, University in Bergen, the candidate in this thesis has extended an existing prototype implementation of a secure protocol into a comprehensive security API. The goal being to allow easy securing of new and existing Java ME based clients used by MDCS.