Biometric-based two-level secure access control for Implantable Medical Devices during emergencies

Hei, Xiali; Du, Xiaojiang

doi:10.1109/infcom.2011.5935179

Cited by 86 publications

(40 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…iris, fingerprint) access control [11]. The ultrasonic distance bounding-based security protocol ensures that anyone in the IMD's close proximity can access it in emergencies while the biometric-based scheme allows access to the IMD by matching biometric features.…”

Section: Related Workmentioning

confidence: 99%

Encryption for Implantable Medical Devices Using Modified One-Time Pads

et al. 2015

View full text Add to dashboard Cite

We present an electrocardiogram (ECG)-based data encryption (EDE) scheme for implantable medical devices (IMDs). IMDs, including pacemakers and cardiac defibrillators, perform therapeutic or even life-saving functions and store sensitive data; therefore, it is important to prevent adversaries from having access to them. The EDE is designed with the ability to provide information-theoretically unbreakable encryption where two well-known techniques of classic one-time pads (OTPs) and error correcting codes are combined to achieve a cryptographic primitive for IMDs. Unlike other ECG-based key agreement schemes where ECG features are used to facilitate a key distribution, in the EDE scheme, random binary strings generated from ECG signals are directly used as keys for encryption. OTP keys are generated by the IMD and the programmer, respectively, before each encryption attempt; thus, the EDE does not require a cryptographic infrastructure to support a key distribution, storage, revocation, and refreshment. Protected by the EDE, IMDs could not be accessed by adversaries; however, medical personnel can have access to them by measuring real-time ECG data in emergencies. Therefore, the EDE design achieves a balance of high security and high accessibility for the IMD. Our data and security analysis shows that the EDE is a viable scheme for protecting IMDs.INDEX TERMS Implantable medical devices (IMDs), wireless security, electrocardiogram (ECG), one-time pads (OTPs), error correcting codes.

show abstract

Section: Related Workmentioning

confidence: 99%

Encryption for Implantable Medical Devices Using Modified One-Time Pads

et al. 2015

View full text Add to dashboard Cite

show abstract

“…Some literatures (e.g. in [17] and [19]) focus on the emergency case. Also since a large dose has a high probability of causing hypoglycemia, doctors and patients try to avoid this from happening.…”

Section: Emergency Situationsmentioning

confidence: 99%

“…It is very effective in nonemergency situations. In another previous work [17], we proposed a novel Biometric-Based two-level Secure Access Control scheme for IMDs when the patient is in emergency situations (such as a coma). Literature [27] proposed a novel patient infusion patterns based access control scheme (PIPAC) for wireless insulin pumps.…”

Section: Related Workmentioning

confidence: 99%

Patient Infusion Pattern based Access Control Schemes for Wireless Insulin Pump System

Hei

Lin

et al. 2015

IEEE Trans. Parallel Distrib. Syst.

Self Cite

View full text Add to dashboard Cite

Wireless insulin pumps have been widely deployed in hospitals and home healthcare systems. Most of them have limited security mechanisms embedded to protect them from malicious attacks. In this paper, two attacks against insulin pump systems via wireless links are investigated: a single acute overdose with a significant amount of medication and a chronic overdose with a small amount of extra medication over a long time period. They can be launched unobtrusively and may jeopardize patients' lives. It is very urgent to protect patients from these attacks. We propose a novel personalized patient infusion pattern based access control scheme (PIPAC) for wireless insulin pumps. This scheme employs supervised learning approaches to learn normal patient infusion patterns in terms of the dosage amount, rate, and time of infusion, which are automatically recorded in insulin pump logs. The generated regression models are used to dynamically configure a safe infusion range for abnormal infusion identification. This model includes two sub models for bolus (one type of insulin) abnormal dosage detection and basal abnormal rate detection. The proposed algorithms are evaluated with real insulin pump. The evaluation results demonstrate that our scheme is able to detect the two attacks with a very high success rate.

show abstract

“…With the development of information technology, information security plays an important role in medical system [1,2], communications [3], finance [4], and other fields. Sidechannel analysis [5,6] which focuses on exploiting the implementation or some measurable nonmathematical property of a cryptographic system, was introduced by Kocher et al in 1996.…”

Section: Introductionmentioning

confidence: 99%

RFA: R-Squared Fitting Analysis Model for Power Attack

Wang

Zhang

Zhu

et al. 2017

Security and Communication Networks

View full text Add to dashboard Cite

Correlation Power Analysis (CPA) introduced by Brier et al. in 2004 is an important method in the side-channel attack and it enables the attacker to use less cost to derive secret or private keys with efficiency over the last decade. In this paper, we propose -squared fitting model analysis (RFA) which is more appropriate for nonlinear correlation analysis. This model can also be applied to other side-channel methods such as second-order CPA and collision-correlation power attack. Our experiments show that the RFA-based attacks bring significant advantages in both time complexity and success rate.

show abstract

Biometric-based two-level secure access control for Implantable Medical Devices during emergencies

Cited by 86 publications

References 8 publications

Encryption for Implantable Medical Devices Using Modified One-Time Pads

Encryption for Implantable Medical Devices Using Modified One-Time Pads

Patient Infusion Pattern based Access Control Schemes for Wireless Insulin Pump System

RFA: R-Squared Fitting Analysis Model for Power Attack

Contact Info

Product

Resources

About