论文信息 - Cloud-Based Secure Logger for Medical Devices

Cloud-Based Secure Logger for Medical Devices

A logger in the cloud capable of keeping a secure, time-synchronized and tamper-evident log of medical device and patient information allows efficient forensic analysis in cases of adverse events or attacks on interoperable medical devices. A secure logger as such must meet requirements of confidentiality and integrity of message logs and provide tamper-detection and tamper-evidence. In this paper, we propose a design for such a cloud-based secure logger using the Intel Software Guard Extensions (SGX) and the Trusted Platform Module (TPM). The proposed logger receives medical device information from a dongle attached to a medical device. The logger relies on SGX, TPM and standard encryption to maintain a secure communication channel even on an untrusted network and operating system. We also show that the logger is resilient against different kinds of attacks such as Replay attacks, Injection attacks and Eavesdropping attacks.

[1] Bruce Schneier,et al. Cryptographic Support for Secure Logs on Untrusted Machines , 1998, USENIX Security Symposium.

[2] Michael Gertz,et al. A General Model for Authenticated Data Structures , 2004, Algorithmica.

[3] Srinivas Devadas,et al. Virtual monotonic counters and count-limited objects using a TPM without a trusted OS , 2006, STC '06.

[4] Andreas Haeberlen,et al. PeerReview: practical accountability for distributed systems , 2007, SOSP.

[5] Dan S. Wallach,et al. Efficient Data Structures For Tamper-Evident Logging , 2009, USENIX Security Symposium.

[6] Hovav Shacham,et al. Comprehensive Experimental Analyses of Automotive Attack Surfaces , 2011, USENIX Security Symposium.

[7] Karl Henrik Johansson,et al. Attack models and scenarios for networked control systems , 2012, HiCoNS '12.

[8] Kenneth G. Paterson,et al. On the Security of the TLS Protocol: A Systematic Analysis , 2013, IACR Cryptol. ePrint Arch..

[9] Ittai Anati,et al. Innovative Technology for CPU Based Attestation and Sealing , 2013 .

[10] David Arney,et al. OpenICE: An open, interoperable platform for medical cyber-physical systems , 2014, 2014 ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS).

[11] Paul England,et al. Continuous Tamper-Proof Logging Using TPM 2.0 , 2014, TRUST.

[12] J. D. Osborn,et al. Trusted Platform Module Evolution , 2015 .

[13] Srinivas Devadas,et al. Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..