Computers in Human Behavior xxx (2014) xxx–xxx

Contents lists available at ScienceDirect

Computers in Human Behavior

journal homepage: www.elsevier.com/locate/comphumbeh

Human-oriented design of secure Machine-to-Machine communication

system for e-Healthcare society
Kashif Saleem a,⇑, Abdelouahid Derhab a, Jalal Al-Muhtadi b, Basit Shahzad b
a
King Saud University (KSU), Riyadh, Saudi Arabia
b
College of Computer and Information Sciences (CCIS), King Saud University (KSU), Riyadh, Saudi Arabia

a r t i c l e i n f o a b s t r a c t

Article history: In this paper, we propose a Machine to Machine (M2M) Low Cost and Secure (LCS) communication sys-
Available online xxxx tem for e-Healthcare society. The system is designed to take into consideration the psychological issues
related to all actors in the e-Healthcare society such as: stress due to high workload, anxiety, and lone-
Keywords: liness. The system is capable of performing most of the tasks in an autonomous and intelligent manner,
e-Healthcare which minimizes the workload of medical staffs, and consequently minimizes the associated psycholog-
Machine to Machine communication ical stress and improves the quality of patient care as well as the system performance. We show how the
Malicious
different actors in the e-Healthcare society can interact with each other in a secure manner. To
Psychological
Security
ensure data privacy, the mechanism involves intelligent authentication based on random distributive
Society key management, electronic certificate distribution, and modified realm Kerberos. The system handles
dynamic assignments of doctors to specific patients. It also addresses the need for patients to share their
health information with strangers while dealing with the privacy preservation issue. Finally, the simula-
tion type implementation is performed on Visual Basic .net 2013 that shows the success of the proposed
Low Cost and Secure (LCS) algorithm.
Ó 2014 Elsevier Ltd. All rights reserved.

1. Introduction
Providing a high quality patient care has always been a concern
for healthcare community. There are many factors, which contrib-
ute to the high cost and low-quality of support offered to patients.
Nursing facilities that assist patients through caregiver intervention
and monitoring of the patient’s health are costly. In addition, it rep-
resents a burden on caregiver who is unable to ensure continuous
monitoring of the patient, which incurs low quality of care offered
to the patients.
The appearance of e-Healthcare systems has contributed in
improving the quality of patient care and reducing the healthcare
costs. By e-Healthcare system, we mean a set of electronic tools:
software and hardware designed to manage data in the healthcare
system. The main components of the e-Healthcare system include
telemedicine, electronic health records, communication protocol
among the components of the system.
Advances in the fields of sensor technologies, wireless network-
ing technologies such as 3G, Wi-Fi, WiMax, Mesh networking, and
personal area technologies such as radio frequency identification
⇑ Corresponding author.
E-mail addresses: ksaleem@ksu.edu.sa (K. Saleem), abderhab@ksu.edu.sa
(A. Derhab), jalal@ccis.edu.sa (J. Al-Muhtadi), basit.shahzad@gmail.com (B. Shahzad).
(RFID) and Bluetooth have enabled the creation of a smart e-Health-
care system, in which the medical staff can efficiently manage the
health of the patients. Connecting tiny, low-power, and wearable
smart medical sensor devices (e.g., pulse oximeters (Inc., 2014),
electrocardiographs (Fulford-Jones, Gu-Yeon, & Welsh, 2004), and
accelerometers (Mathie, Coster, Lovell, & Celler, 2004)) to a human
body has advanced the healthcare systems and allowed the appear-
ance of potential applications such as: home monitoring for chronic
and elderly patients (Dishman, 2004), real-time continuous patient
monitoring in hospitals (Van Laerhoven et al., 2004), automated
vital sign analysis to reduce the incidents due to human error
(Ohmura et al., 2006), and emergency situations (Lorincz et al.,
2004). In these applications, the data collected by biosensors are
transmitted to a server located at the hospital. The doctor can
access the patient’s records locally as well as remotely from these
servers and thus can real-time monitor patient’s health-conditions.
In case of emergency, the doctor is notified by the system, as shown
in Fig. 1.
Machine to Machine (M2M) communication is a new and
emerging paradigm under telecommunication (Chen, Wan, & Li,
2012). In M2M, the devices communicate and share information
with each other autonomously without or with limited human
intervention (Yan et al., 2011). M2M communication is used in a
wide range of applications such as: smart home, smart e-Health,

http://dx.doi.org/10.1016/j.chb.2014.10.010
0747-5632/Ó 2014 Elsevier Ltd. All rights reserved.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
2 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx
Fig. 1. Architecture of e-Healthcare system (Egbogah & Fapojuwo, 2011).
smart grid, and smart harvesting (Booysen, Gilmore, Zeadally, &
Van Rooyen, 2012; Yan et al., 2011). In the literature, M2M com-
munication has been proposed in many e-Healthcare systems
(Jung, Ahn, Hwang, & Kim, 2012; Jung, Myllyla, & Chung, 2013;
Min, Jiafu, Gonzalez, Xiaofei, & Leung, 2014; Park, Jung, Shin,
Kim, & Yoon, 2014).
The above e-Healthcare systems can significantly benefit both
the medical staff and the patients. Firstly, it can ensure continuous
and real-time monitoring of patient’s conditions and solve the prob-
lem of inability to constantly monitor a patient’s health. Secondly,
the patients can minimize the cost of hospitalization while being
monitored at their homes as effectively as in hospitals. Thirdly,
remote and real-time monitoring helps identifying the emergency
conditions for patients in an easy and fast manner. Fourthly, it is pos-
sible to resolve the problem of unavailability of beds in hospitals by
remotely monitoring some patients at their home instead.
All the above benefits offered by the e-Healthcare system focus
on the efficiency aspect, which is reducing the work overload on the
medical staff and getting early responses in case of emergency.
However, the psychological issues, which come along with the ill-
ness, are not considered when designing e-Healthcare system.
Physical illness is stressful experience and often puts emotional
pressure, and burden on all the members of the healthcare society
including the medical staff, patients and their families. It is known
that physical symptoms often have an underlying psychological
component. All illnesses have a psychological impact because ill-
ness is a threat to self. Depression loneliness and anxiety are com-
mon in illness, especially in chronic or life-threatening illnesses.
The patients also need social support and share their feelings and
concerns about the illness usually to strangers without the need
to reveal their identities. On the other hand, medical staff are expe-
riencing high level of stress caused by the heavy workload.
In this paper, we propose a M2M Low Cost and Secure (LCS)
communication system, which considers the psychological issues
of medical staff and patients when designing the healthcare sys-
tem. A part of this work as a preliminary report has been presented
Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
previously in (Saleem, Derhab, & Al-Muhtadi, 2014). The main con-
tributions of this paper are the following: Firstly, we define the dif-
ferent interactions in M2M e-Healthcare system, which can
interact with each other in a secure manner. The security is
ensured by involving intelligent authentication based on random
distributive key management scheme, electronic certificate distri-
bution, and modified realm Kerberos, while handling dynamic
assignment of doctors to specific patient. Secondly, the M2M sys-
tem is designed to maximize the automated tasks, which reduces
the workload of medical staffs, and further reduces the associated
stress. Thirdly, the system also provides access to online support
groups and addresses the need for patients to share their health
information with strangers while dealing with the privacy preser-
vation issue. The Low Cost and Secure (LCS) Framework is imple-
mented in Visual Basic .net 2013 to analyze the effectiveness of
the complete system.
The rest of the paper is organized as follows: Section 2 gives an
overview of Machine to Machine (M2M) communication and pre-
sents related work on secure M2M communication systems. In Sec-
tion 3, we describe the Human-centered design of our proposed
M2M communication system for e-Healthcare society. Section 4
describes the security design of the proposed system. In Section 5,
the prototype implementation is described. Finally, Section 6 con-
cludes the paper and outlines perspectives for further works.
2. Machine to Machine (M2M) communication
Machine to Machine (M2M) communication is a new and
emerging paradigm under telecommunication (Chen et al., 2012).
M2M communication is used in a wide range of applications such
as: smart home, smart e-Health, smart grid, and smart harvesting
(Booysen et al., 2012; Yan et al., 2011). The general architecture
of M2M communication is shown in Fig. 2, and is composed of
the following components: M2M device, M2M domain, and Inter-
net domain. M2M device can be computers, sensors, actuators,
embedded and mobile devices that communicate and share infor-
mation with each other autonomously without or with limited
 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx
Fig. 2. Machine to Machine (M2M) direct and Internet-integrated communication (Granjal et al., 2013).
human intervention and via wired or wireless network (Yan et al.,
2011). M2M domain provides connectivity between the M2M
device and the gateway. The Internet domain ensures communica-
tion between the gateway and the M2M application at the host. The
main advantage of M2M communication is that the devices interact
with each other to collect and deliver the required real-time informa-
tion. Every device in M2M domain almost communicates wirelessly
and acts as the server to help overall network in performing the given
task as shown in Fig. 2. The wireless un-attendant communication
nature opens enormous challenges for M2M.
An e-Healthcare scenario as an example of M2M communica-
tion is shown in Fig. 3. In the case of remote patient monitoring,
sensor devices that are worn by a patient form a body area network
(BAN) to record health indicators, e.g., blood pressure, body tem-
perature, heart rate (Saleem, Fisal, & Al-Muhtadi, 2014). The sen-
sors forward the collected data to an M2M gateway that acts as
an information aggregator. Then, the aggregator forwards the data
to the M2M server via communication networks. The M2M server
analyzes the collected data and sends warnings and appropriate
medical records to the medical staffs. In emergency cases, an
M2M device can directly provide the medical status of a patient
and route to the hospital, allowing physicians to prepare for treat-
ment in advance of the arrival of the patient. The real-time com-
munication cannot tolerate any kind of delay or loss. The
infrastructure should be reliable to provide guarantee services
whether the centralized management is available or not. Specially,
when the time is very critical rapid information is required (Zhong
& Siok, 2012), like in emergency conditions and disaster situation
where top priority and error-free services such as: rescue, transfer,
treatment, and stability are required (Lai, Hui, Yueyu, & Jin, 2012).
Although, many M2M components related to networking deci-
sion and choice of identity have been standardized, little work
has done with respect to security. Also the research literature,
which tackles M2M security, is very recent and less compared to
other networks.
Fig. 3. Machine to Machine (M2M) architecture.
Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
3
Nguyen and Huh (Mui Van, Al-Saffar, & Eui-Nam, 2010) have
proposed an authentication scheme to ensure the privacy prop-
erty in a health-care application, which considers the mobility
of doctors and patients in the hospital. The proposed scheme
takes into consideration only the hospital space and does not dis-
cuss the possibility of extension to remote patients. Also, the
authentication scheme is based on a probabilistic key manage-
ment scheme, which can reduce the number of secured connec-
tions that can be established among the nodes composing the
network.
Sun, Men, Zhao, and Zhou (2012) have proposed an M2M appli-
cation that connects a mobile user with its home network. In order
to ensure secure communication, password-based authentication
and key establishment protocols are used between the nodes of
the network. However, the proposed security scheme establishes
secure connections with known communicating parties and cannot
extend to more complex scenarios with dynamic associations
between the users and the M2M devices.
Ren, Yu, Ma, and Ren (2013) present a RelIable and SEcure
Scheme (RISE) for M2M communication. To protect data confiden-
tiality and integrity, the authors have developed a hash based func-
tion. The authors claim that the function under the proposed
scheme defends M2M communication only against Target Distin-
guishing Attack. Furthermore, the given security architecture
involves four algorithms, ChooseMedian, ChooseMost, ChooseNea-
rest, and Trust-based Enhancement to provide data and device reli-
ability. With data reliability the reports or data that are
authenticated but discovered fake while checking at actuator
based on four policies. Attainability of report is enhanced by imple-
menting m repeat-sending and n multiple-reporting. The authors
handle the behavior indistinguishability by hiding lasting time
and the intervals while transmitting. The theoretical based formal
analysis has been performed to show that the scheme is complete
and sound. However, the author has not studied the performance
evaluation and feasibility.
4 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx
Fig. 4. The proposed M2M communication system.
The authors in (Inshil, Kijoon, Jiyoung, & Min Young, 2012), pro-
posed a security approach for M2M communication in open IPTV
system. The given approach provides secure user authentication
with Kerberos based key distribution. The authors modify Condi-
tion Access System (CAS) to reduce the complexity and enhance
the efficiency of authentication process. The process depends on
stages that starts by contents information transfer and ticket
request, then to access service provider ticket is granted by ticket
server (TS), and in the end the Service user authentication and
obtaining of service are granted. To perform analysis the authors
set up a network with ten users around TS and Authentication Ser-
ver (AS). The outcomes are compared with traditional user authen-
tication mechanisms for IPTV in terms of processing time. The
proposed approach has shown better performance, but the
strength against malicious activities has not been tested.
3. Human-oriented design of e-Healthcare system
As stated above, the medical staff are experiencing stress caused
by heavy workload. This psychological issue can be minimized by
maximizing the tasks performed by the M2M communication sys-
tem. On the other hand, the issues of depression loneliness, and
anxiety are handled by providing emotional support through access
to online support groups. Health-related Online Supported Groups
have become an important source for information and support for
patients (Chung, 2013), and these online groups are more advanta-
geous of face-to-face ones. Liang, Barua, Lu, Lin, and Shen (2012)
proposed HealthShare, a health social network, which allows
Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
patients to share their health information and preserve their pri-
vacy. In our M2M communication system, we propose two ways
for patients to get online social support: one way is from a social
network formed among the patients that are registered at the
M2M communication system of the hospital. The second way is
to provide information and links about other online groups, which
can provide social and psychological support to the patients.
The principal members of the e-Healthcare society, which par-
ticipate in the proposed M2M communication system are shown
in Fig. 4 and are as follows:
 One or a group of patients: For each patient, there is a primary
doctor and alternative doctors who can remotely handle his/her
case and intervene in case of emergency.
 Patient’s family.
 Doctors.
 Nurses.
 Medical students.
 System administrator whose role is to assign doctors and med-
ical students to patients. The assignment can be changed over
time.
 Ambulance driver.
 Pharmacist.
The members communicate among them using smartphones.
Each smartphone includes a web-application that allows performing
the e-Healthcare system functionalities. The system also includes
two main components:
 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx
 M2M decision and management server: This server collects the
data received from biosensors worn by the patients. It also,
allows the authorized medical staff to access the patient’s data.
 Privacy-based social network under the control of the system
administrator. In this network, the real identity of patients is
not disclosed.
We define four scenarios of interactions among the members of
the e-Healthcare society: (1) Continuous data collection and data
access, (2) emergency detection, (3) prescription management,
and (4) accessing privacy-based social network.
3.1. Continuous data collection and data access
The biosensors continuously feed the M2M decision and man-
agement server with the patient’s status and information. Each
doctor, who is authorized to access these information (the current
and the previous ones), can check the progress of the patient, send
advices to the patients as well as authenticated prescriptions. The
medical students can also access the patient’s data to do research
and survey studies.
3.2. Emergency detection
The emergency alarm is raised by the M2M decision and man-
agement server after analyzing the data received from the patient.
For example if some data exceed a normal threshold, it is an indi-
cation of abnormal activities. Some statistical-based and data min-
ing approaches can be used to take the appropriate decision such
as: Markov chains (Mihailidis, Boger, Canido, & Hoey, 2007),
Dynamic Bayesian Network (DBN) (Subramanya, Raj, Bilmes, &
Fox, 2006; van Kasteren & Krose, 2007; Wilson & Atkeson, 2005),
Hidden Markov Model (HMM) (Subramanya et al., 2006), and Con-
ditional Random Fields (CRF) (Liyue, Xi, Sukthankar, & Sukthankar,
2010; Philipose et al., 2004).
After detecting an abnormal activity that requires urgent inter-
vention, the M2M server informs the primary doctor, the alterna-
tive doctors, as well as the patient’s family member that is
registered at the M2M communication system about the critical
Fig. 5. Initial concept of LCS.
Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
5
case of the patient. The system waits for any doctor who received
the message to check the current patient’s data and confirm
whether the situation requires urgent medical intervention or
not. After a short time period, if the M2M server does not receive
any confirmation due to doctors’ unavailability, it automatically
decides to send message to the web-application of an ambulance
driver at the hospital. If there is no response or all the drivers are
busy, the server, using GoogleMap, looks for the closest hospital
for the patient and contacts the M2M server of this hospital to send
an ambulance to the patient. After that, the M2M server informs
some doctors and nurses, who are available at the hospital, to pre-
pare for treatment in advance of the arrival of the patient.
3.3. Prescription management
The doctor, who accesses the data of their patient, can judge
that there is a need to issue a prescription for this patient. The doc-
tor signs the prescription using their electronic certificate. The
M2M server sends the prescription to the patient’s smartphone.
When the patient goes to the pharmacy, the pharmacist, by check-
ing the electronic signature, can verify the authenticity of the
prescription.
3.4. Accessing privacy-based social network
The administrator can register the patients on the social net-
work of the M2M communication of the e-Healthcare system.
The patients are registered under pseudonyms and their identities
are not disclosed. The patients are also provided with a list of
online groups that can give social and psychological supports.
4. Security design of the M2M communication e-Healthcare
system
4.1. Security requirements of M2M communication
For most of the applications using M2M devices, security is one
of the critical requirements (Chen & Chang, 2012). Little work is
6 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx

Fig. 6. General Kerberos procedure.

Fig. 7. Kerberos Realm.

focusing on the security aspects of the M2M communication, and
how to integrate security in M2M environments (Granjal,
Monteiro, & Silva, 2013). Due to the characteristics of the M2M
communication such as heterogeneity, security issues must be
addressed differently, and hence new security challenges are raised
(Inhyok, Shah, Schmidt, Leicher, & Meyerstein, 2009). M2M systems
need the integration of many technologies such as: smart meters,
sensing devices, mobile devices, RFID, Wi-Fi network, Low-Power
Personal Area Networks, cellular network. This heterogeneity of
communication technologies imposes on M2M applications to
adopt new security design solutions to ensure privacy and data con-
fidentiality (Lai et al., 2012). As the M2M applications include low-
size and self-powered energy constrained devices, the security
solution needs to take into consideration the size of the
cryptographic keys, the complexity of the cryptographic algorithm
and the key management algorithms employed for the authentica-
tion, in order to optimize energy consumption (Granjal et al., 2013).
The current standards can handle or provide reliable communi-
cation in the specific mediums for what they built up for. These
standardized protocols (Saleem, 2006; Saleem & Fisal, 2012;
Saleem et al., 2009; Zubair, Fisal, Baguda, & Saleem, 2013) and
security mechanisms (Saleem, Fisal, Hafizah, & Rashid, 2011;
Saleem, Khalil, Fisal, Ahmed, & Orgun, 2013) can be used in M2M
communication scenario, but after revision according to the appli-
cation requirements, analysis and evaluation from all aspects (Lai
et al., 2012). Therefore, novel mechanisms are required to ensure
the security of critical and confidential information over Machine
to Machine (M2M) communication.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx 7

 How to design an authentication scheme between two

Start No unknown communicating nodes in the M2M network.
 How to make the authentication scheme in the health-care sce-
nario, which supports dynamic associations between the doc-
tors and the patients.
Check
Check server no local certificate
4.3. Design concept of Low Cost and Secure (LCS) framework

yes The aspects that will be focused more are the initial design
concept of the proposed security mechanism, security architec-
Authenticate ture, its performance evaluation and validation. The initial con-
Get updated cept of Low Cost and Secure (LCS) Framework for M2M
certificate No
communication in health care scenario (Zhong & Siok, 2012) is
Yes shown in Fig. 5. Every connection between machines is based
on public and private key mechanism (Stallings, 2005; Sun
et al., 2012) as shown in Fig. 5, to validate and to transfer data
securely.
Exchange key
Exchange Keys The key management system and information are mainly
Successful taken care by the centralized servers, and modified Kerberos
Yes
(Inshil et al., 2012; Stallings, 2005) as shown in Fig. 6, will be
employed according to application. If the main server is not
available and/or machines are very near to each other then cer-
Transfer tificate based authentication will be performed directly between
Encrypted Stop the two machines to completely secure M2M communication
Information
(Zhong & Siok, 2012).
The direct communication will reduce the delay and is online.
Fig. 8. State machine diagram of packet encryption and decryption.
For instance, if the authorized doctor is with the patient, his
mobile application will directly communicate with the patient
4.2. Research gap handheld device to acquire the current readings. As soon as
the server becomes available, the doctors mobile will be updated
Security of M2M communication is an emerging and recent with the other details of the current patient. Devices can be
research topic and there is a plenty of rooms for contributions. In equipped on the body of the patient or/and can be deployed
this section, we are going to tackle some original security issues around in the overall structure to monitor the patient’s environ-
such as: ment. The distributive mechanism will be managed with the
help of the modified concept based on Kerberos Realm
 How to design a low-cost architecture for the authentication (Stallings, 2005) according to application requirements as shown
scheme in the M2M networks. in Fig. 7.

Fig. 9. Backend functioning.

Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
8 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx
Fig. 10. M2M communication system prototype.
4.4. LCS design approach
The design of the proposed LCS Security mechanism is shown in
Fig. 8. The process begins when two devices or machines need to
exchange the information. First the algorithm checks the server
availability, if it is available it will check for the updated certifi-
cates and security information from server. Otherwise, the current
node will authenticate based on the local certificate. After the
authentication process completed, the exchange key process will
be invoked. If the keys are exchanged successfully, the encrypted
information will start transferring, else again the authentication
will be re-performed.
5. Prototype implementation
We have implemented Fig. 5 scenario under Visual Basic .net
2013 and the screenshot is shown in Fig. 10. The simulation type
based implementation is performed to analyze the output of applied
algorithms. Under analysis, we study whether the LCS based on
Kerberos is working and giving output according to required expec-
tations or not. In the programme, we enable a database with some
entities as Patient ID, ECG and blood pressure and other databases
as shown in Fig. 9 with Kerberos Key Distribution Center (KDC).
On frontend the frame based mobile display is authenticated by
the database. The certificate is given to the frontend mobile display
and stored in the variable. Onward, the mobile display frame is
authenticated by the communicator based on offline certificate in
variable and can acquire the data directly from the patient embed-
ded devices. The main database updates all the certificates when the
KDC database is updated. The remote patient’s data (randomly
Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
generated numbers) are periodically (after every 5 min) coming in
based on (Saleem, Fisal, Hafizah, Kamilah, & Rashid, 2009; Saleem
et al., 2014) and recorded in the main database as shown in Fig. 9.
The records that are coming to the database are encrypted and
decrypted based on the key assigned to the user, otherwise the
record is discarded. The doctors at remote locations can acquire
the data of remote patient directly, if the mobile application is
pre-authenticated and offline certificate is stored in it. Otherwise,
the connection to main server is essential to complete the authori-
zation and authentication processes. At the end we perform the risk
assessment based on the phases given in (Mathkour, Shahzad,
& Al-Wakeel, 2011; Shahzad & Al-Mudimigh, 2010; Basit Shahzad,
Iqbal, ul Haq, & Raza, 2006; Basit Shahzad & Safvi, 2010) to assure
the quality of the software.
6. Conclusion and future work
In this paper, we have proposed a Machine to Machine (M2M)
communication system that takes into consideration the psycholog-
ical issues related to the actors of the e-Healthcare society such as:
stress due to high workload, anxiety, loneliness. The system aims at
performing most of the tasks automatically in an autonomous and
intelligent manner and without human intervention, which mini-
mizes the workload of medical staffs as well as the associated stress.
This leads to an improvement of the patient care quality and the sys-
tem performance in terms of execution durations of the tasks. We
have shown the members composing the e-Healthcare society as
well as the interactions among the members in a secure manner.
To ensure data privacy, the mechanism involves intelligent authen-
tication based on random distributive key management scheme and
 K. Saleem et al. / Computers in Human Behavior xxx (2014) xxx–xxx
modified realm Kerberos while handling dynamic assignment of
doctors to specific patient. The system also addresses the need for
patients to share their health information with strangers while deal-
ing with the privacy preservation issue. This is achieved by register-
ing the patients to the privacy-based social support group managed
by the system administrator and providing them with a list of online
groups that can provide such supports. The given scenario is imple-
mented in Visual Basic .net 2013 that shows the effectiveness of the
proposed Low Cost and Secure (LCS) Framework. Due to the fact that
M2M communication makes the interconnection between devices
more complex, new security threats have been emerged. As a future
work, we are going to study the effect of these threats on the deci-
sion process in the healthcare society and analyze the security resil-
ience of LCS. In addition, we plan to study how LCS can be integrated
in other application fields such as: industrial automation, smart
home, and smart grid.
Acknowledgment
This work is supported by the Research Center of College of
Computer and Information Sciences, King Saud University, Grant
Number RC140224. The authors are grateful for this support.
References
Booysen, M. J., Gilmore, J. S., Zeadally, S., & Van Rooyen, G. J. (2012). Machine-to-
Machine (M2M) communications in vehicular networks. KSII Transactions on
Internet and Information Systems, 6(2), 529–546.
Chen, D., & Chang, G. (2012). A survey on security issues of M2M communications in
cyber-physical systems. KSII Transactions on Internet and Information Systems,
6(1), 24–45.
Chen, M., Wan, J., & Li, F. (2012). Machine-to-machine communications:
Architectures, standards and applications. KSII Transactions on Internet and
Information Systems, 6(2), 480–497.
Chung, J. E. (2013). Social interaction in online support groups: Preference for online
social interaction over offline social interaction. Computers in Human Behavior,
29(4), 1408–1414.
Dishman, E. (2004). Inventing wellness systems for aging in place. Computer, 37(5),
34–41.
Egbogah, E. E., & Fapojuwo, A. O. (2011). A survey of system architecture
requirements for health care-based wireless sensor networks. Sensors (Basel),
11(5), 4875–4898.
Fulford-Jones, T. R. F., Gu-Yeon, W., & Welsh, M. (2004). A portable, low-power,
wireless two-lead EKG system. In 26th Annual international conference of the IEEE
engineering in medicine and biology society, 2004. IEMBS ’04 (Vol. 1, pp. 2141–
2144).
Granjal, J., Monteiro, E., & Silva, J. (2013). Security issues and approaches on wireless
M2M systems. In S. Khan & A.-S. Khan Pathan (Eds.), Wireless networks and
security (pp. 133–164). Berlin Heidelberg: Springer.
Inc., N. M. (2014). Avant 4000 wireless wearable pulse oximeter. A1 207–408. In (Vol.
2014). Del City, Menomonee Falls, WI 53051, USA <medicalproductsdirect.com>.
Inhyok, C., Shah, Y., Schmidt, A. U., Leicher, A., & Meyerstein, M. V. (2009). Trust in
M2M communication. IEEE Vehicular Technology Magazine, 4(3), 69–75.
Inshil, D., Kijoon, C., Jiyoung, L., & Min Young, C. (2012). An improved security
approach based on Kerberos for M2M open IPTV system. In 15th International
conference on network-based information systems (NBiS), 2012 (pp. 754–759).
Jung, S., Ahn, J. Y., Hwang, D.-J., & Kim, S. (2012). An optimization scheme for M2M-
based patient monitoring in ubiquitous healthcare domain. International Journal
of Distributed Sensor Networks, 2012, 9.
Jung, S. J., Myllyla, R., & Chung, W. Y. (2013). Wireless machine-to-machine
healthcare solution using android mobile devices in global networks. IEEE
Sensors Journal, 13(5), 1419–1424.
Lai, C., Hui, L., Yueyu, Z., & Jin, C. (2012). Security issues on machine to machine
communications. KSII Transactions on Internet and Information Systems, 6(2),
498–514.
Liang, X., Barua, M., Lu, R., Lin, X., & Shen, X. (2012). HealthShare: Achieving secure
and privacy-preserving health information sharing through health social
networks. Computer Communications, 35(15), 1910–1920.
Liyue, Z., Xi, W., Sukthankar, G., & Sukthankar, R. (2010). Motif discovery and feature
selection for CRF-based activity recognition. In 20th International conference on
Pattern Recognition (ICPR), 2010 (pp. 3826–3829).
Lorincz, K., Malan, D. J., Fulford-Jones, T. R. F., Nawoj, A., Clavel, A., Shnayder, V., et al.
(2004). Sensor networks for emergency response: Challenges and opportunities.
IEEE Pervasive Computing, 3(4), 16–23.
Mathie, M. J., Coster, A. C., Lovell, N. H., & Celler, B. G. (2004). Accelerometry:
Providing an integrated, practical method for long-term, ambulatory
monitoring of human movement. Physiological Measurement, 25(2), R1–20.
Please cite this article in press as: Saleem, K., et al. Human-oriented design of secure Machine-to-Machine communication system for e-Healthcare society.
Computers in Human Behavior (2014), http://dx.doi.org/10.1016/j.chb.2014.10.010
9
Mathkour, H. I., Shahzad, B., & Al-Wakeel, S. (2011). Software risk management and
avoidance strategy. In International conference on machine learning and
computing, IPCSIT (Vol. 3).
Mihailidis, A., Boger, J., Canido, M., & Hoey, J. (2007). The use of an intelligent
prompting system for people with dementia. Interactions, 14(4), 34–37.
Min, C., Jiafu, W., Gonzalez, S., Xiaofei, L., & Leung, V. C. M. (2014). A survey of recent
developments in home M2M networks. IEEE Communications Surveys and
Tutorials, 16(1), 98–114.
Mui Van, N., Al-Saffar, A., & Eui-Nam, H. (2010). A dynamic ID-based authentication
scheme. In Sixth international conference on networked computing and advanced
information management (NCM), 2010 (pp. 248–253).
Ohmura, R., Naya, F., Noma, H., Kuwahara, N., Toriyama, T., & Kogure, K. (2006).
Practical design of a sensor network for understanding nursing activities. In
Proceedings 2006 31st IEEE conference on local computer networks (pp. 615–622).
Park, R., Jung, H., Shin, D.-K., Kim, G.-J., & Yoon, K.-H. (2014). M2M-based smart
health service for human UI/UX using motion recognition. Cluster Computing,
1–12.
Philipose, M., Fishkin, K. P., Perkowitz, M., Patterson, D. J., Fox, D., Kautz, H., et al.
(2004). Inferring activities from interactions with objects. IEEE Pervasive
Computing, 3(4), 50–57.
Ren, W., Yu, L., Ma, L., & Ren, Y. (2013). RISE: A reliable and secure scheme for
wireless machine to machine communications. Tsinghua Science and Technology,
18(1), 100–117.
Saleem, K., Derhab, A., & Al-Muhtadi, J. (2014). Low delay and secure M2M
communication mechanism for eHealthcare. IEEE HealthCom, 2014, 498–503.
Saleem, K. (2006). QoS provisioning for real time services in MPLS diffserv aware IPv6
network using IXP-2xxx (Intel Network Processor). Universiti Teknologi Malaysia,
Faculty of Electrical Engineering.
Saleem, K., & Fisal, N. (2012). Enhanced ant colony algorithm for self-optimized data
assured routing in wireless sensor networks. In 18th IEEE international
conference on networks (ICON), 2012 (pp. 422–427).
Saleem, K., Fisal, N., Hafizah, S., Kamilah, S., & Rashid, R. (2009). Biological inspired
self-optimized routing algorithm for wireless sensor networks. In IEEE 9th
Malaysia international conference on communications (MICC), 2009 (pp. 305–
309). IEEE.
Saleem, K., Fisal, N., Hafizah, S., Kamilah, S., Rashid, R., & Baguda, Y. (2009). Cross
layer based biological inspired self-organized routing protocol for wireless
sensor network. In TENCON 2009. Singapore: IEEE.
Saleem, K., Khalil, M. S., Fisal, N., Ahmed, A. A., & Orgun, M. A. (2013). Efficient
random key based encryption system for data packet confidentiality in WSNs.
In IEEE international conference on trust, security and privacy in computing and
communications (TrustCom2013) (pp. 1662–1668). Melbourne, Australia: IEEE.
Saleem, K., Fisal, N., & Al-Muhtadi, J. (2014). Empirical studies of bio-inspired self-
organized secure autonomous routing protocol. IEEE Sensors Journal, 14(7),
2232–2239.
Saleem, K., Fisal, N., Hafizah, S., & Rashid, R. (2011). An intelligent information
security mechanism for the network layer of WSN: BIOSARP. In Á. Herrero & E.
Corchado (Eds.). Computational intelligence in security for information systems
(Vol. 6694, pp. 118–126). Berlin/Heidelberg: Springer.
Shahzad, B., & Al-Mudimigh, A. S. (2010). Risk identification, mitigation and
avoidance model for handling software risk. In Second international conference
on computational intelligence, communication systems and networks (CICSyN),
2010 (pp. 191–196).
Shahzad, B., Iqbal, J., ul Haq, Z., & Raza, S. (2006). Distributed risk analysis using
relative impact technique. In 3rd Asian conference on intelligent systems and
networks (pp. 433–439).
Shahzad, B., & Safvi, S. (2010). Risk mitigation and management scheme based on
risk priority. Global Journal of Computer Science and Technology, 10(4).
Stallings, W. (2005). Cryptography and network security (4th ed.). Prentice Hall.
Subramanya, A., Raj, A., Bilmes, J. A., & Fox, D. (2006). Recognizing activities and
spatial context using wearable sensors. In UAI. AUAI Press.
Sun, X., Men, S., Zhao, C., & Zhou, Z. (2012). A security authentication scheme in
machine-to-machine home network service. Security and Communication
Networks. http://dx.doi.org/10.1002/sec.551.
van Kasteren, T., & Krose, B. (2007). Bayesian activity recognition in residence for
elders. In 3rd IET international conference on intelligent environments, 2007. IE 07
(pp. 209–212).
Van Laerhoven, K., Lo, B. P., Ng, J. W., Thiemjarus, S., King, R., Kwan, S., et al. (2004).
Medical healthcare monitoring with wearable and implantable sensors. In Proc.
of the 3rd international workshop on ubiquitous computing for healthcare
applications: Citeseer.
Wilson, D. H., & Atkeson, C. (2005). Simultaneous tracking and activity recognition
(STAR) using many anonymous, binary sensors. In H.-W. Gellersen, R. Want, &
A. Schmidt (Eds.). Pervasive computing (Vol. 3468, pp. 62–79). Berlin
Heidelberg: Springer.
Yan, Z., Rong, Y., Shengli, X., Wenqing, Y., Yang, X., & Guizani, M. (2011). Home M2M
networks: Architectures, standards, and QoS improvement. IEEE Communications
Magazine, 49(4), 44–52.
Zhong, F., & Siok, T. (2012). M2M communications for e-Health: Standards, enabling
technologies, and research challenges. In 2012 6th International symposium on
medical information and communication technology (ISMICT) (pp. 1–4).
Zubair, S., Fisal, N., Baguda, Y. S., & Saleem, K. (2013). Assessing routing strategies
for cognitive radio sensor networks. Sensors, 13(10), 13005–13038.