STRIDE-Based Threat Modeling and Risk Assessment Framework for IoT-enabled Smart Healthcare Systems
DOI: https://doi.org/10.3991/ijoe.v21i09.55517
Keywords: IoT, Healthcare, Threat Modeling, STRIDE, DFD, MTM, CVSS
Abstract
The rapid evolution of Internet of Things (IoT) architectures and their use in domains such as agriculture, smart cities/homes, industry, transport and logistics, and others has triggered a proportional increase in vulnerabilities, threats, and security risks that violate security objectives. Because the information circulating in the architecture is critical and assets are exposed to public networks such as the internet, the factors that can put a system at risk must be managed effectively beforehand. This article focuses mainly on IoT in the healthcare sector and uses it as a pilot for an in-depth study of vulnerabilities using a threat modeling approach based on the spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) method. The study follows these steps: explaining the use case, drawing a data flow diagram (DFD) with the Microsoft Threat Modeling (MTM) tool, and identifying the assets in question. This is followed by identification of the threats linked to the DFD and the identified assets, then an assessment of the risks they pose, and finally proposals for security patches to be applied as far as possible to ensure the efficient and secure use of an architecture that offers many advantages in terms of services and ease of management of modern domains, but which at the same time puts at risk all the assets, whose exposure to malicious hands can cause significant damage and impact.
License
Copyright (c) 2025 Zineb Nadifi, Mariyam Ouaissa, Mariya Ouaissa, Mohamed Alhyan, Ali Kartit

This work is licensed under a Creative Commons Attribution 4.0 International License.

