A Survey and an IoT Cybersecurity Recommendation for Public and Private Hospitals in Ecuador

Maximo Giovani Tanzado Espinoza, Joseline Roxana Neira Melendrez, Luis Antonio Neira Clemente
2020 Advances in Science, Technology and Engineering Systems  
It was analyzed the reference information on Cybersecurity architectures, models, standards, evaluations, mechanisms, and procedures applied to IoT domains, and public and private health area. The problem is the lack of proposals for IoT Cybersecurity in public and private hospitals to minimize random failures, ensure the privacy of personal data of patients, avoid the paralysis of the IoT medical network and minimize attacks on information assets. The objective is to perform a survey and an
more » ... Cybersecurity recommendation for public and private hospitals in Ecuador. The exploratory research was used to review references and specific analytical reasoning to end in a known scoop with a trusted solution. A survey of cybersecurity vs. competitiveness of hospitals in Ecuador resulted, a Model conceptual prototype of IoT Cybersecurity for a public or private hospital, an Architecture prototype of IoT Cybersecurity for a public or private hospital, and an Algorithm prototype of cybersecurity for IoT architecture. It was concluded that the cybersecurity standards applied to the design of IoT for a public or private hospital generates trust on information assets, preserves the confidentiality, integrity and availability of the information at the operational, tactical and strategic levels; the architecture prototype is between 59.38% and 99.71% of acceptable workload. This proposal is scalable and applicable to a public or private hospital regardless of the dimensions of areas, devices, floors, workers or other characteristics; the architecture only considers the hospital's own IoT devices and information; the devices of doctors or patients are not considered. (NERC); this standards made it easier to apply an audit. Cyberscurity includes the security of cyberspace and applies Confidentiality, Integrity and Availability to information assets, in addition to guaranteeing the privacy of the participants [4];; it is to protect the information assets to minimize the threats of the information processed, collected and transported by interconnected applications; is an element in information security [6] ; cybersecurity is established on convergence of computing, engineering, information systems, networks, human and political elements [7] .
doi:10.25046/aj050364 fatcat:usao3yirordojo7bnysjorzn3u