Presentation is loading. Please wait.

Presentation is loading. Please wait.

Proximity-based Access Control for Implantable Medical Devices

Published byBrianna Dalton Modified over 6 years ago

Similar presentations

Presentation on theme: "Proximity-based Access Control for Implantable Medical Devices"— Presentation transcript:

1 Proximity-based Access Control for Implantable Medical Devices
Author: Kasper B. Rasmussen Claude Castelluccia Thomas Heydt-Benjamin Srdjan Capkun

2 Introduction Recently, as the rapid development of IMD, new generation of IMD provide more convenience for the medical professionals to get access to data they need from the IMD. However, there is a trade-off in the process with some privacy and security challenges. We have to prevent the IMD from the unauthorized data access and certain malicious device’s attack. CS589: Access Control and System Security 11/12/2018

3 Introduction Originally, previous research about IMD access control was based on public-key cryptography or preloaded secret keys. Obviously, this kind of solutions will ignore some emergent scenarios where the IMD need to be accessible to emergency ambulance staffs. Occasionally, when a patient is in unconsciousness, the ambulance staffs have no way to access the patient’s IMD, which probably postpones the best time to save the patient. CS589: Access Control and System Security 11/12/2018

4 Introduction This paper implement a combination of classical public-key cryptography and proximity-based access control. There is two models for the system: Normal and Emergency. Both of modes are based on public-key and proximity. I will specific introduce this two mode in the later slides. CS589: Access Control and System Security 11/12/2018

5 System Reader IMD The basic system model:
The reader (potentially malicious) can remotely modify the IMD internal configuration and collect data from the IMD. IMD could be any device implanted into a human body, such as pacemaker. Reader IMD Wireless Access CS589: Access Control and System Security 11/12/2018

6 Attacker Model In the first scenario, the attacker wants to get access to medical data stored in the IMD or change device settings. It is easily understood. Identity theft, blackmail… In the second scenario, the attacker wants to impersonate a device and make a reader talk to him. It is little complicated. Prevent emergent rescue, insurance fraud… CS589: Access Control and System Security 11/12/2018

7 Diffie–Hellman key exchange
This system partly utilizes the DH key exchange as the credential communication between reader and device. Diffie–Hellman key exchange (D–H) is a cryptography protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. CS589: Access Control and System Security 11/12/2018

8 DH Specification CS589: Access Control and System Security 11/12/2018

9 Basic Protocol Description
Ultrasonic distance bounding. By measurement of sound signal bonding time, we can calculate the distance between the reader and device. During measurement process of proximity, we can establish a secret key shared by the two sides for further communication. CS589: Access Control and System Security 11/12/2018

10 CS589: Access Control and System Security
11/12/2018

11 Security Analysis If the attacker(malicious reader or device) actual location is beyond the accepted range, he has to guess every bit of Nv or Np in advance, which can shorten the time(t2 –t1 or t4 –t3) in order to deceit the device or reader. So we have to confirm that the Nonce is highly stochastic. In this case, the attacker’s accurate guessing is almost impossible. CS589: Access Control and System Security 11/12/2018

12 Protocol Defect My Personal Opinion
In the proximity prove process, the hacker can receive the Nv and (Nv ⊕ gp). And then, because the public base g is known by the attacker, he can decrypt the private key p. In the proximity verification process, the hacker can receive the Np and (Np ⊕ gv). And then, because the public base g is known by the attacker, he can decrypt the private key v. Therefore, the secret public key gpv is hacked by the attacker. CS589: Access Control and System Security 11/12/2018

13 Protocol Extension Combination of the credential and proximity-based solution: Scenario 1: the credential is stolen or duplicated. Scenario 2: the patient doesn’t carry his credential. Scenario 3: the patient is not able to provide credential in emergency. Two mode of operation: Normal mode (credential and proximity-based). Emergency mode (only proximity-based). CS589: Access Control and System Security 11/12/2018

14 Normal Mode In this case, the patient will carry a credential (USB token, smart card, password, etc.) that share a secret key kshared with the IMD. Secondly, reader and device will initiate a process of rapid bit exchange to confirm the proximity. For example, the request with a distance beyond 5 meters will be denied. Finally, after confirming the secret pubic key and proximity, the reader and device are paired. CS589: Access Control and System Security 11/12/2018

15 Emergency Mode In this case, the credential is missing or the patient can not provide the crucial certification in emergency. Both reader and device verify by the proximity protocol that they are within each other’s security range (at most 4 centimeters) and generate a temporary secret key to communicate. Therefore, this mode deny any request outside the specific ranges, while permit any request unconditionally inside the range. CS589: Access Control and System Security 11/12/2018

16 Proximity-based Commands
There are two kinds of command: Remotely monitor the patient, retrieve data and logs; Modify the IMD parameters and reconfigure the device. So we regard this two command groups as two different security levels. First kind of command is low security level; Second one is high security level. CS589: Access Control and System Security 11/12/2018

17 Proximity-based Commands
CS589: Access Control and System Security 11/12/2018

18 Proximity-based Commands
CS589: Access Control and System Security 11/12/2018

19 Feasibility Experiment
CS589: Access Control and System Security 11/12/2018

20 Conclusion The proximity-based access control is an enforcement and supplement to the classic credential-based access control in IMD. It enhances the security by adding more restriction on IMD access control. CS589: Access Control and System Security 11/12/2018

21 Questions and Comments
? ! CS589: Access Control and System Security 11/12/2018

Download ppt "Proximity-based Access Control for Implantable Medical Devices"

Similar presentations

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)

Packet Leashes: Defense Against Wormhole Attacks Authors: Yih-Chun Hu (CMU), Adrian Perrig (CMU), David Johnson (Rice)
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Secure Localization using Dynamic Verifiers Nashad A. Safa Joint Work With S. Sarkar, R. Safavi-Naini and M.Ghaderi.

Secure Localization using Dynamic Verifiers Nashad A. Safa Joint Work With S. Sarkar, R. Safavi-Naini and M.Ghaderi.
Copyright © 1995-2003 Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore.

Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses Zac Chupka Jeff Signore.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.

D ATABASE S ECURITY Proposed by Abdulrahman Aldekhelallah University of Scranton – CS521 Spring2015.
OV 11 - 1 Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
Chapter 10: Authentication Guide to Computer Network Security.

Chapter 10: Authentication Guide to Computer Network Security.
Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.

Secure Localization Algorithms for Wireless Sensor Networks proposed by A. Boukerche, H. Oliveira, E. Nakamura, and A. Loureiro (2008) Maria Berenice Carrasco.
Introduction Implantable Medical Devices (IMDs) are vulnerable to exploitation (last paper) Unauthorized data retrieval Malicious commands Millions of.

Introduction Implantable Medical Devices (IMDs) are vulnerable to exploitation (last paper) Unauthorized data retrieval Malicious commands Millions of.
Integrity-regions: Authentication Through Presence in Wireless Networks Srdjan Čapkun 1 and Mario Čagalj 2 1 Department of Computer Science, ETH Zurich.

Integrity-regions: Authentication Through Presence in Wireless Networks Srdjan Čapkun 1 and Mario Čagalj 2 1 Department of Computer Science, ETH Zurich.
Security and Privacy for Implantable Medical Devices Presented by : Dilip Simha.C.R.

Security and Privacy for Implantable Medical Devices Presented by : Dilip Simha.C.R.
Lecture 11: Strong Passwords

Lecture 11: Strong Passwords
Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.

Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 Module 3 City College of San.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 Module 3 City College of San.
SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.

SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.
Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

Similar presentations

Ads by Google