Security and Privacy for Implantable Medical Devices

Protecting implantable medical devices against attack without compromising patient health requires balancing security and privacy goals with traditional goals such as safety and utility. Implantable medical devices monitor and treat physiological conditions within the body. These devices - including pacemakers, implantable cardiac defibrillators (ICDs), drug delivery systems, and neurostimulators - can help manage a broad range of ailments, such as cardiac arrhythmia, diabetes, and Parkinson's disease. IMDs' pervasiveness continues to swell, with upward of 25 million US citizens currently reliant on them for life-critical functions. Growth is spurred by geriatric care of the aging baby-boomer generation, and new therapies continually emerge for chronic conditions ranging from pediatric type 1 diabetes to anorgasmia and other sexual dysfunctions. Moreover, the latest IMDs support delivery of telemetry for remote monitoring over long-range, high-bandwidth wireless links, and emerging devices will communicate with other interoperating IMDs.

[1]  Joseph S Alpert,et al.  Recommendations from the Heart Rhythm Society Task Force on Device Performance Policies and Guidelines Endorsed by the American College of Cardiology Foundation (ACCF) and the American Heart Association (AHA) and the International Coalition of Pacing and Electrophysiology Organizations (COPE). , 2006, Heart rhythm.

[2]  A. Juels,et al.  The security implications of VeriChip cloning. , 2006, Journal of the American Medical Informatics Association : JAMIA.

[3]  Paul F. Syverson,et al.  High-Power Proxies for Enhancing RFID Privacy and Utility , 2005, Privacy Enhancing Technologies.

[4]  S. Sastry,et al.  Security and Privacy Issues with Health Care Information Technology , 2006, 2006 International Conference of the IEEE Engineering in Medicine and Biology Society.

[5]  Marco Gruteser,et al.  A Methodological Assessment of Location Privacy Risks in Wireless Hotspot Networks , 2003, SPC.

[6]  Z. Wang,et al.  MICS transceivers: regulatory standards and applications [medical implant communications service] , 2005, Proceedings. IEEE SoutheastCon, 2005..

[7]  James A. Landay,et al.  Privacy risk models for designing privacy-sensitive ubiquitous computing systems , 2004, DIS '04.

[8]  Sandeep K. S. Gupta,et al.  Criticality aware access control model for pervasive applications , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[9]  Maria L. Gini,et al.  Implantable medical devices as agents and part of multiagent systems , 2006, AAMAS '06.

[10]  Markus Jakobsson,et al.  Security Weaknesses in Bluetooth , 2001, CT-RSA.

[11]  Lujo Bauer,et al.  Device-Enabled Authorization in the Grey System ¶ , 2006 .

[12]  Bruce Schneier,et al.  Cryptographic Support for Secure Logs on Untrusted Machines , 1998, USENIX Security Symposium.

[13]  Nancy G. Leveson,et al.  An investigation of the Therac-25 accidents , 1993, Computer.

[14]  Ari Juels,et al.  $evwu Dfw , 1998 .

[15]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[16]  Sandeep K. S. Gupta,et al.  Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body , 2003, 2003 International Conference on Parallel Processing Workshops, 2003. Proceedings..

[17]  Andrew S. Tanenbaum,et al.  RFID Guardian: A Battery-Powered Mobile Device for RFID Privacy Management , 2005, ACISP.