{"id":"https://openalex.org/W4297659078","doi":"https://doi.org/10.1145/3549015.3554209","title":"Caring About IoT-Security \u2013 An Interview Study in the Healthcare Sector","display_name":"Caring About IoT-Security \u2013 An Interview Study in the Healthcare Sector","publication_year":2022,"publication_date":"2022-09-08","ids":{"openalex":"https://openalex.org/W4297659078","doi":"https://doi.org/10.1145/3549015.3554209"},"language":"en","primary_location":{"id":"doi:10.1145/3549015.3554209","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3549015.3554209","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3549015.3554209","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 European Symposium on Usable Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3549015.3554209","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5070432440","display_name":"Marco Gutfleisch","orcid":"https://orcid.org/0000-0003-1400-5825"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Marco Gutfleisch","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5039444878","display_name":"Markus Sch\u00f6ps","orcid":"https://orcid.org/0000-0002-6804-3547"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Markus Sch\u00f6Ps","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078219842","display_name":"Jonas Hielscher","orcid":"https://orcid.org/0000-0002-5159-3868"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Jonas Hielscher","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072890105","display_name":"Mary Cheney","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Mary Cheney","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5011237341","display_name":"Sibel Sayin","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Sibel Sayin","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065373314","display_name":"Nathalie Schuhmacher","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Nathalie Schuhmacher","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5080713946","display_name":"Ali Mohamad","orcid":null},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Ali Mohamad","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5108226584","display_name":"M. Angela Sasse","orcid":"https://orcid.org/0000-0003-1823-5505"},"institutions":[{"id":"https://openalex.org/I904495901","display_name":"Ruhr University Bochum","ror":"https://ror.org/04tsk2644","country_code":"DE","type":"education","lineage":["https://openalex.org/I904495901"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"M. Angela Sasse","raw_affiliation_strings":["Ruhr University Bochum, Germany"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Ruhr University Bochum, Germany","institution_ids":["https://openalex.org/I904495901"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":8,"corresponding_author_ids":["https://openalex.org/A5070432440"],"corresponding_institution_ids":["https://openalex.org/I904495901"],"apc_list":null,"apc_paid":null,"fwci":0.4275,"has_fulltext":true,"cited_by_count":4,"citation_normalized_percentile":{"value":0.63974909,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"202","last_page":"215"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10273","display_name":"IoT and Edge/Fog Computing","score":0.9987000226974487,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10444","display_name":"Context-Aware Activity Recognition Systems","score":0.9817000031471252,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11045","display_name":"Privacy, Security, and Data Protection","score":0.9686999917030334,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.630110502243042},{"id":"https://openalex.org/keywords/certification","display_name":"Certification","score":0.6237835884094238},{"id":"https://openalex.org/keywords/internet-of-things","display_name":"Internet of Things","score":0.5196491479873657},{"id":"https://openalex.org/keywords/health-care","display_name":"Health care","score":0.5023794174194336},{"id":"https://openalex.org/keywords/legislation","display_name":"Legislation","score":0.47829753160476685},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.47303885221481323},{"id":"https://openalex.org/keywords/upload","display_name":"Upload","score":0.46470513939857483},{"id":"https://openalex.org/keywords/healthcare-industry","display_name":"Healthcare industry","score":0.43582016229629517},{"id":"https://openalex.org/keywords/internet-privacy","display_name":"Internet privacy","score":0.4331137537956238},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.4284230172634125},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.420383483171463},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.4112946689128876},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3902556896209717},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.3574472665786743}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.630110502243042},{"id":"https://openalex.org/C46304622","wikidata":"https://www.wikidata.org/wiki/Q374814","display_name":"Certification","level":2,"score":0.6237835884094238},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.5196491479873657},{"id":"https://openalex.org/C160735492","wikidata":"https://www.wikidata.org/wiki/Q31207","display_name":"Health care","level":2,"score":0.5023794174194336},{"id":"https://openalex.org/C2777351106","wikidata":"https://www.wikidata.org/wiki/Q49371","display_name":"Legislation","level":2,"score":0.47829753160476685},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.47303885221481323},{"id":"https://openalex.org/C71901391","wikidata":"https://www.wikidata.org/wiki/Q7126699","display_name":"Upload","level":2,"score":0.46470513939857483},{"id":"https://openalex.org/C2989086416","wikidata":"https://www.wikidata.org/wiki/Q15067276","display_name":"Healthcare industry","level":3,"score":0.43582016229629517},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.4331137537956238},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.4284230172634125},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.420383483171463},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.4112946689128876},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3902556896209717},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.3574472665786743},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C162324750","wikidata":"https://www.wikidata.org/wiki/Q8134","display_name":"Economics","level":0,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C50522688","wikidata":"https://www.wikidata.org/wiki/Q189833","display_name":"Economic growth","level":1,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3549015.3554209","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3549015.3554209","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3549015.3554209","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 European Symposium on Usable Security","raw_type":"proceedings-article"},{"id":"pmh:oai:eprints.ucl.ac.uk.OAI2:10193987","is_oa":false,"landing_page_url":"https://discovery.ucl.ac.uk/id/eprint/10193987/","pdf_url":null,"source":{"id":"https://openalex.org/S4306400024","display_name":"UCL Discovery (University College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I45129253","host_organization_name":"University College London","host_organization_lineage":["https://openalex.org/I45129253"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"     In:  EuroUSEC '22: Proceedings of the 2022 European Symposium on Usable Security.  (pp. pp. 202-215).  ACM (2022)     ","raw_type":"Proceedings paper"}],"best_oa_location":{"id":"doi:10.1145/3549015.3554209","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3549015.3554209","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3549015.3554209","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 2022 European Symposium on Usable Security","raw_type":"proceedings-article"},"sustainable_development_goals":[{"score":0.5099999904632568,"id":"https://metadata.un.org/sdg/12","display_name":"Responsible consumption and production"}],"awards":[{"id":"https://openalex.org/G18682879","display_name":null,"funder_award_id":"390781972","funder_id":"https://openalex.org/F4320320879","funder_display_name":"Deutsche Forschungsgemeinschaft"}],"funders":[{"id":"https://openalex.org/F4320320879","display_name":"Deutsche Forschungsgemeinschaft","ror":"https://ror.org/018mejw64"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4297659078.pdf","grobid_xml":"https://content.openalex.org/works/W4297659078.grobid-xml"},"referenced_works_count":37,"referenced_works":["https://openalex.org/W1853998646","https://openalex.org/W1943579973","https://openalex.org/W1966188439","https://openalex.org/W1983424002","https://openalex.org/W2042720915","https://openalex.org/W2046251234","https://openalex.org/W2059398344","https://openalex.org/W2063705570","https://openalex.org/W2086687976","https://openalex.org/W2155865187","https://openalex.org/W2157875516","https://openalex.org/W2167025863","https://openalex.org/W2470183763","https://openalex.org/W2619568410","https://openalex.org/W2763448549","https://openalex.org/W2782645469","https://openalex.org/W2800094831","https://openalex.org/W2811255237","https://openalex.org/W2858974629","https://openalex.org/W2897222536","https://openalex.org/W2902123208","https://openalex.org/W2908659529","https://openalex.org/W2910222590","https://openalex.org/W2917797872","https://openalex.org/W2936286953","https://openalex.org/W2937101350","https://openalex.org/W2940524603","https://openalex.org/W2968041583","https://openalex.org/W2968774960","https://openalex.org/W2998189882","https://openalex.org/W3005663193","https://openalex.org/W3017863658","https://openalex.org/W3086244883","https://openalex.org/W3195313677","https://openalex.org/W4288057734","https://openalex.org/W4293222324","https://openalex.org/W6824583106"],"related_works":["https://openalex.org/W2065250680","https://openalex.org/W2348567840","https://openalex.org/W2390665136","https://openalex.org/W2092708554","https://openalex.org/W2353177111","https://openalex.org/W4206199931","https://openalex.org/W2336014427","https://openalex.org/W2379266188","https://openalex.org/W2210929881","https://openalex.org/W2494428682"],"abstract_inverted_index":{"The":[0],"number":[1],"of":[2,91,120,132,143,182,191,200,222,232,237,268],"medical":[3,121,162,269],"IoT":[4,39,66,92,122,163,270],"devices":[5,40,93,123,164,175,271],"is":[6,272],"increasing":[7],"rapidly:":[8],"CT":[9],"scanners,":[10],"ECG":[11],"devices,":[12,17,27,67],"insulin":[13],"pumps":[14],"and":[15,44,51,68,138,188,194,220,252,265,275,282],"other":[16,26],"which":[18],"previously":[19],"operated":[20],"independently,":[21],"are":[22,165],"being":[23],"interconnected":[24],"with":[25,111,280],"now":[28],"sharing":[29],"patient":[30],"data":[31],"and/or":[32,136],"uploading":[33],"them":[34],"to":[35,172,177,184,204,214,218,290],"the":[36,52,88,118,141,170,180,189,253,256,263],"cloud.":[37],"Medical":[38],"can":[41],"create":[42,291],"privacy":[43,266],"security":[45,58,79,83,119,167,223,247,264],"risks":[46,267],"for":[47,117,294],"patients,":[48],"healthcare":[49,96],"professionals,":[50],"institutions":[53],"that":[54,85,151,161,230,262,276],"deploy":[55],"them.":[56,296],"Previous":[57],"research":[59],"has":[60,240],"focused":[61],"on":[62,128,155,245],"software":[63],"vulnerabilities":[64],"in":[65,87,95,109,124,197,208,248,250],"how":[69],"they":[70],"could":[71],"be":[72,215,288],"exploited.":[73],"This":[74],"study":[75],"takes":[76],"a":[77,166,277],"broader":[78],"perspective,":[80],"looking":[81],"at":[82],"issues":[84,239],"arise":[86],"life":[89],"cycle":[90],"deployed":[94],"environments.":[97],"We":[98,260],"performed":[99],"in-depth":[100],"online":[101],"interviews":[102],"lasting":[103],"over":[104,255],"1":[105],"hour":[106],"(12":[107],"hours":[108],"total)":[110],"n":[112],"=":[113],"8":[114],"experts":[115],"responsible":[116],"hospitals.":[125],"They":[126],"had":[127],"average":[129],"20":[130],"years":[131],"industry":[133],"experience":[134,142],"(IT":[135],"security),":[137],"spoke":[139],"from":[140],"either":[144],"in-hospital":[145],"specialist,":[146],"or":[147],"as":[148],"external":[149],"consultants":[150],"advise":[152],"multiple":[153],"hospitals":[154,209,249],"IT":[156,206,246],"security.":[157],"Our":[158],"findings":[159],"suggest":[160],"time":[168],"bomb:":[169],"inability":[171],"easily":[173],"patch":[174],"due":[176,217],"certification":[178],"regulations,":[179],"requirements":[181],"manufacturers":[183,236,281],"enable":[185],"remote":[186],"maintenance,":[187],"lack":[190,221],"qualified":[192],"personnel":[193],"resources":[195],"result":[196],"low":[198],"levels":[199],"security,":[201],"even":[202],"compared":[203],"general":[205],"systems":[207],"(which":[210],"have":[211],"been":[212],"found":[213],"vulnerable":[216],"age":[219],"expertise).":[224],"More":[225],"encouragingly,":[226],"most":[227],"participants":[228],"reported":[229],"awareness":[231],"hospital":[233],"managers":[234],"&":[235],"these":[238],"improved,":[241],"following":[242],"new":[243],"legislation":[244],"Germany":[251],"EU":[254],"last":[257],"two":[258],"years.":[259],"conclude":[261],"currently":[273],"underestimated,":[274],"collaborative":[278],"effort":[279],"primary":[283],"users":[284],"(medical":[285],"staff)":[286],"will":[287],"required":[289],"effective":[292],"processes":[293],"securing":[295]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2024,"cited_by_count":3}],"updated_date":"2026-05-20T08:49:12.498775","created_date":"2025-10-10T00:00:00"}