Multi-Layered Security Assessment in mHealth Environments: Case Study on Server, Mobile and Wearable Components in the PHGL-COVID Platform
The growing use of mobile health (mHealth) technologies adds complexity and risk to the healthcare environment. This paper presents a multi-layered cybersecurity assessment of an in-house mHealth platform (PHGL-COVID), comprising a Docker-based server infrastructure, a Samsung Galaxy A55 smartphone,...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-08-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/15/15/8721 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | The growing use of mobile health (mHealth) technologies adds complexity and risk to the healthcare environment. This paper presents a multi-layered cybersecurity assessment of an in-house mHealth platform (PHGL-COVID), comprising a Docker-based server infrastructure, a Samsung Galaxy A55 smartphone, and a Galaxy Watch 7 wearable. The objective was to identify vulnerabilities across the server, mobile, and wearable components by emulating real-world attacks and conducting systematic penetration tests on each layer. Tools and methods specifically tailored to each technology were applied, revealing exploitable configurations, insecure Bluetooth Low Energy (BLE) communications, and exposure of Personal Health Records (PHRs). Key findings included incomplete container isolation, BLE metadata leakage, and persistent abuse of Android privacy permissions. This work delivers both a set of actionable recommendations for developers and system architects to strengthen the security of mHealth platforms, and a reproducible audit methodology that has been validated in a real-world deployment, effectively bridging the gap between theoretical threat models and practical cybersecurity practices in healthcare systems. |
|---|---|
| ISSN: | 2076-3417 |