Enforcing Security in Pervasive Healthcare Monitoring Gestational Diabetes Mellitus Stefano Bromuri, Johannes Krampf, Ren´ e Schumann, Michael Ignaz Schumacher Institute of Business Information Systems, University of Applied Sciences Western Switzerland, Emails: stefano.bromuri@hevs.ch {johannes.krampf, rene.schumann, michael.schumacher}@hevs.ch Abstract—Life expectancy is rising world wide thanks to the current advancement of medicine. Due to the fact that the population is growing old, also the incidence of chronic illnesses in the population is rising. For this reason, new paradigms of healthcare are being developed to achieve a better medical follow-up and also handle the rising costs. One approach that is proving successful is telemedicine, which focuses on decentralising the delivery of healthcare by means of new technologies based on network connectivity. One problem that rises in the definition of telemedicine systems is the one of security of medical data. In this paper we present our telemedicine system for monitoring Gestational Diabetes Mellitus (GDM). We addressed the problem of securing the communication between the patients and the doctors. The result is a fully implemented telemedicine system for GDM that mitigates the risks associated with the most common malicious attacks directed to a distributed system. Keywords-Telemedicine; Gestational Diabetes; Security; Per- sonal Health System. I. I NTRODUCTION The life expectancy is rising world wide thanks to the availability of new and higher standards for healthcare, but to this improvement a decrease in the incidence of chronic or permanent health conditions [1] did not follow. The world expenditure in healthcare is surging due to the wide spread availability of high standard care. This creates new challenges for healthcare professionals. Also new trends in technical development enable new services that allow to improve care even more. In particular, we are addressing the issue of collecting and evaluating medical data by means of telemedicine. This allow healthcare professionals to have more accurate data. By pro-actively notifying medical experts they can react faster to a changes in the condition of a patient. Further more patients can benefit as well, because they can live their file with more freedom, following their daily activities. Healthcare activities can be grouped into three categories: measuring physical values, diagnosing and administering therapies. These activities can be described more technically as monitoring, recognizing, and decision making. In our re- search we are going to set up a common pervasive healthcare infrastructure that aims to support all these activities. Here we report on the architecture for the pervasive healthcare monitoring framework, that addresses the first category of activities. Therefore we are going to set up a personal health system (PHS) that integrates the patients as actors into the monitoring process. We are doing so to obtain more accurate data, which in consequence allows medical services to provide better services to the patients. Patients collect their physiological data either on their own or by using smart devices, e.g. in form of wearable computing devices forming a body area network that col- lects physiological data autonomously. The physiological data needs to be collected and eventually augmented with metadata, like the data origin, although it is not enough to simply store this data. The monitoring process covers a first data processing step, which is a filtering to identify abnormal conditions. If such a condition has been identified a medical expert has to be notified. By this notification, the medical expert gets supported, because a) more data is available and b) his attention is drawn to the cases where the data indicate an abnormal condition, and an action from him might be required. This supervision of incoming data is the core of the monitoring activity. Monitoring can use a reasoning component that evaluates the incoming data and checks it, respecting the context and the history of the patient. It goes without saying that the design of a pervasive healthcare monitoring framework, as well as the entire pervasive healthcare infrastructure, has high requirements towards the security of those system, as they deal with highly confidential personal data. In our current study, we are addressing patients suffering from Gestational Diabetes Mellitus (GDM). GDM occurs during pregnancy due to increased resistance to insulin. GDM is a type of diabetes which temporarily affects 4% of otherwise healthy pregnant women, and typically disappears after delivery. As relatively milder hyperglycemia can cause adverse effects in the baby and in the mother, then cases of glucose intolerance in pregnancy are also considered to represent GDM. Current GDM care consists in a routine check once per week, meaning that in between these checks, the woman can develop poor glycemic control and further adverse effects. GDM is not a typical chronic disease, where patients diverge from the healthcare plan over time. In con- trary women suffering from GDM are typically very engaged 221 Copyright (c) IARIA, 2012. ISBN: 978-1-61208-179-3 eTELEMED 2012 : The Fourth International Conference on eHealth, Telemedicine, and Social Medicine