| dc.description.abstract | The topics covered in this thesis do not seem to be widely explored before. There is a lot of focus on the security of IoMT, but not so much the auditing capabilities. As this may not actively counter errors or an attack, it is vital that information is retrievable to validate the operations of these devices. Best practices when it comes to auditing has not been specified for IoT devices in general and thus not for IoMT devices either.
Auditing comes from the financial sector and a lot of the information on audit stems from this, but over the years, auditing in the IT sector has been growing. With the increasing focus on information security, auditing will eventually grow into being an important piece of the puzzle. We are slowly realizing, there is no stopping or countering all errors or attacks, it is just not feasible. Auditing can help in deciding where to put our information security resources in the future.
In this thesis, the auditability capabilities in IoMT devices are examined. Auditing capabilities enable us to determine, from event logs, the cause of unexpected occurrences and whether tampering or deleting of log events or logs is possible.
To say something about what should be implemented, and what is lacking, we need to have a clear view on the current best practice when it comes to audit in the information security spectra.
This report aims to determine a set of best practices for auditing in IoMT devices and uncover areas where existing devices have short comings. Providing a set of best practices for system security logs, may increase focus on the importance of good auditing possibilities in IoMT devices. Users can be sure that their device have sufficient logging which can provide evidence of unintended occurrences if any were to happen. It may also be used as a basis for development requirements of new devices. | en |
