Biometric-based authentication scheme for Implantable Medical Devices during emergency situations

Abstract Biometric recognition and analysis are among the most trusted features to be used by Implantable Medical Devices (IMDs). We aim to secure these devices by using these features in emergency scenarios. As patients can witness unpredictable lethal accidents, any implantable medical device should allow access to urgent medical interventions from legitimate parties. Any delay in providing immediate medical support can endanger the patient’s life. Hence, we propose in this work an authentication scheme that allows access to the implanted devices in emergency situations for only legitimate users. We have designed in the first place a scheme for authentication using Electrocardiogram instantaneous readings. Then, we joined the latter to a fixed biometric reading, which is fingerprint reading, to enable access to emergency medical teams. We have designed a scheme in a way to prevent attackers from accessing/hijacking the device even during emergency situations. This scheme has been assisted with elliptic curve cryptography to protect the wireless exchange of requested keys. The scheme relies on the instantaneous reading of the patient’s heartbeat and his/her fingerprint reading to create a secure key. This key will validate the authentication request of the new medical team. We have analyzed this scheme deeply to verify that they offer the necessary security for the patient’s life. We have tested if the wireless exchange of the key will expose the device’s privacy. We have also tested the accuracy of the authentication process to ensure a safe and a valid performance of the authentication process. The scheme has been designed with consideration to any hardware/software limitation that characterize any implantable medical device.

[1]  K. Lauter,et al.  The advantages of elliptic curve cryptography for wireless security , 2004, IEEE Wireless Communications.

[2]  Duc Minh Nguyen,et al.  A local feature vector for an adaptive hybrid fingerprint matcher , 2017, 2017 International Conference on Information and Communications (ICIC).

[3]  Madhuchhanda Mitra,et al.  ECG Acquisition and Automated Remote Processing , 2013 .

[4]  Tariq M. Khan,et al.  Efficient hardware implementation strategy for local normalization of fingerprint images , 2016, Journal of Real-Time Image Processing.

[5]  Xiaojiang Du,et al.  DLRT: Deep Learning Approach for Reliable Diabetic Treatment , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[6]  Mohsen Guizani,et al.  Transactions papers a routing-driven Elliptic Curve Cryptography based key management scheme for Heterogeneous Sensor Networks , 2009, IEEE Transactions on Wireless Communications.

[7]  Satishkumar Chavan,et al.  Fingerprint authentication using Gabor filter based matching algorithm , 2015, 2015 International Conference on Technologies for Sustainable Development (ICTSD).

[8]  Emad Alsusa,et al.  On the application of the fast Hadamard transform in Polar codes , 2016, 2016 IEEE 17th International Workshop on Signal Processing Advances in Wireless Communications (SPAWC).

[9]  Tharaka A. Lamahewa,et al.  Propagation Models for Body-Area Networks: A Survey and New Outlook , 2013, IEEE Antennas and Propagation Magazine.

[10]  Erchin Serpedin,et al.  Physical layer security for wireless implantable medical devices , 2015, 2015 IEEE 20th International Workshop on Computer Aided Modelling and Design of Communication Links and Networks (CAMAD).

[11]  Niraj K. Jha,et al.  Vibration-based secure side channel for medical devices , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[12]  S. Christalin Nelson,et al.  Location and Energy Based Hierarchical Dynamic Key Management Protocol for Wireless Sensor Networks , 2017 .

[13]  Magdin Martin,et al.  Biometrics Authentication of Fingerprint with Using Fingerprint Reader and Microcontroller Arduino , 2018 .

[14]  Luca Viganò,et al.  Automated Security Protocol Analysis With the AVISPA Tool , 2006, MFPS.

[15]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[16]  Xiaojiang Du,et al.  Salt Generation for Hashing Schemes based on ECG readings for Emergency Access to Implantable Medical Devices , 2018, 2018 International Symposium on Networks, Computers and Communications (ISNCC).

[17]  Axel Munk,et al.  Security Considerations in Minutiae-Based Fuzzy Vaults , 2015, IEEE Transactions on Information Forensics and Security.

[18]  Pravin Yannawar,et al.  Fingerprint Recognition for Person Identification and Verification Based on Minutiae Matching , 2016, 2016 IEEE 6th International Conference on Advanced Computing (IACC).

[19]  Xiaojiang Du,et al.  Symmetric Encryption Relying on Chaotic Henon System for Secure Hardware-Friendly Wireless Communication of Implantable Medical Systems , 2018, J. Sens. Actuator Networks.

[20]  Jiankun Hu,et al.  A Security-Enhanced Alignment-Free Fuzzy Vault-Based Fingerprint Cryptosystem Using Pair-Polar Minutiae Structures , 2016, IEEE Transactions on Information Forensics and Security.

[21]  T. Aziz,et al.  Security of implantable medical devices with wireless connections: The dangers of cyber-attacks , 2018, Expert review of medical devices.

[22]  Xiaojiang Du,et al.  New Plain-Text Authentication Secure Scheme for Implantable Medical Devices with Remote Control , 2017, GLOBECOM 2017 - 2017 IEEE Global Communications Conference.

[23]  George Despotou,et al.  The Challenges of Balancing Safety and Security in Implantable Medical Devices , 2016, ICIMTH.

[24]  Wei Lin,et al.  An authentication protocol for wearable medical devices , 2017, 2017 13th International Conference and Expo on Emerging Technologies for a Smarter World (CEWIT).

[25]  Guozhen Tan,et al.  A novel key generation method for wireless sensor networks based on system of equations , 2017, J. Netw. Comput. Appl..

[26]  Zhe Jin,et al.  Generating Fixed-Length Representation From Minutiae Using Kernel Methods for Fingerprint Authentication , 2016, IEEE Transactions on Systems, Man, and Cybernetics: Systems.

[27]  Xiaojiang Du,et al.  PIPAC: Patient infusion pattern based access control scheme for wireless insulin pump system , 2013, 2013 Proceedings IEEE INFOCOM.

[28]  Jiankun Hu,et al.  Biometric Security , 2015 .

[29]  Jaihie Kim,et al.  Partial fingerprint matching using minutiae and ridge shape features for small fingerprint scanners , 2017, Expert Syst. Appl..

[30]  David von Oheimb The High-Level Protocol Specification Language HLPSL developed in the EU project AVISPA , 2005 .

[31]  Vivek Kapoor,et al.  Elliptic curve cryptography , 2008, UBIQ.

[32]  Birgit Pfitzmann,et al.  Symmetric encryption in a simulatable Dolev-Yao style cryptographic library , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[33]  Julian Fiérrez,et al.  Biosec baseline corpus: A multimodal biometric database , 2007, Pattern Recognit..

[34]  Ian F. Blake,et al.  Elliptic curves in cryptography , 1999 .

[35]  Patricia A. H. Williams,et al.  Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem , 2015, Medical devices.

[36]  Chengsheng Yuan,et al.  Fingerprint liveness detection based on multi-scale LPQ and PCA , 2016, China Communications.