Design and implementation of a secure wireless mote-based medical sensor network

A medical sensor network can wirelessly monitor vital signs of humans, making it useful for long-term health care without sacrificing patient comfort and mobility. For such a network to be viable, its design must protect data privacy and authenticity given that medical data are highly sensitive. We identify the unique security challenges facing such a sensor network and propose a set of resource-efficient mechanisms to address these challenges. Our solution includes (1) a novel two-tier scheme for verifying the authenticity of patient data; (2) an ECC-based secure key exchange protocol to set up shared keys between sensor nodes and base stations; and (3) symmetric encryption/decryption for protecting data confidentiality and integrity. We have implemented the proposed mechanisms on a wireless mote platform and our results confirm their feasibility.

[1]  D. Tzivoni,et al.  Early detection of silent ischaemic heart disease by 24-hour electrocardiographic monitoring of active subjects. , 1974, British heart journal.

[2]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[3]  Bo Sheng,et al.  WM-ECC: an Elliptic Curve Cryptography Suite on Sensor Motes , 2007 .

[4]  Jong Hyun Lim,et al.  Wireless Medical Sensor Networks in Emergency Response: Implementation and Pilot Results , 2008, 2008 IEEE Conference on Technologies for Homeland Security.

[5]  Jeffrey M. Hausdorff,et al.  Physionet: Components of a New Research Resource for Complex Physiologic Signals". Circu-lation Vol , 2000 .

[6]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[7]  Michael D. Smith,et al.  A public-key infrastructure for key distribution in TinyOS based on elliptic curve cryptography , 2004, 2004 First Annual IEEE Communications Society Conference on Sensor and Ad Hoc Communications and Networks, 2004. IEEE SECON 2004..

[8]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[9]  Scott F. Midkiff,et al.  Denial-of-Service in Wireless Sensor Networks: Attacks and Defenses , 2008, IEEE Pervasive Computing.

[10]  Peng Ning,et al.  2008 International Conference on Information Processing in Sensor Networks TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks ∗ , 2022 .

[11]  Matt Welsh,et al.  Sensor networks for medical care , 2005, SenSys '05.

[12]  Margaret Martonosi,et al.  Data compression algorithms for energy-constrained devices in delay tolerant networks , 2006, SenSys '06.

[13]  Ying Bai,et al.  An ultra-wearable, wireless, low power ECG monitoring system , 2006, 2006 IEEE Biomedical Circuits and Systems Conference.

[14]  Lui Sha,et al.  I-Living: An Open System Architecture for Assisted Living , 2006, 2006 IEEE International Conference on Systems, Man and Cybernetics.

[15]  Sandeep K. S. Gupta,et al.  Security solutions for pervasive healthcare , 2007 .

[16]  S. C. Shantz From Euclid's GCD to Montgomery Multiplication to the Great Divide , 2001 .

[17]  Margaret E. Morris,et al.  Embedded Assessment: Overcoming Barriers to Early Detection with Pervasive Computing , 2005, Pervasive.

[18]  Elaine B. Barker,et al.  SP 800-56A. Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography (Revised) , 2007 .

[19]  David Chaum,et al.  Group Signatures , 1991, EUROCRYPT.

[20]  Qiang Huang,et al.  Fast authenticated key establishment protocols for self-organizing sensor networks , 2003, WSNA '03.

[21]  Burton S. Kaliski,et al.  PKCS #5: Password-Based Cryptography Specification Version 2.0 , 2000, RFC.

[22]  Chang-Gun Lee,et al.  PAS: A Wireless-Enabled, Sensor-Integrated Personal Assistance System for Independent and Assisted Living , 2007, 2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability (HCMDSS-MDPnP 2007).

[23]  Hugo Krawczyk,et al.  HMAC: Keyed-Hashing for Message Authentication , 1997, RFC.

[24]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.