Securing access to next generation IP-enabled pacemakers and ICDs using Ladon

The upcoming development of the Internet of Things IoT envisions IP-enabled pacemakers and ICDs, giving place to a completely new scenario in the field of remote monitoring of patients implanted with these devices. Apart from the costs saved thanks to the reduction of in-clinic visits, this new approach will help improving the quality of life of chronic patients that depend on such devices. However, this scenario cannot be conceived without an effective mechanism to protect the privacy of the health information collected by implanted sensors, understanding privacy as the capacity to determine when, how and to what extent information is communicated to others. In this paper, we show how the Ladon authentication, authorization and key establishment protocol can be successfully applied to achieve this purpose. The Ladon protocol is based on Kerberos, but appropriately modified and extended to support independence of clock synchronization and authorization functionalities. In order to demonstrate the feasibility of introducing Ladon in the targeted scenarios, a prototype implementation based on general purpose sensors has been developed. The obtained results show that the performance penalty introduced by the protocol in terms of energy and time consumption is negligible.

[1]  Wenjing Lou,et al.  LEDS: Providing Location-Aware End-to-End Data Security in Wireless Sensor Networks , 2008, IEEE Trans. Mob. Comput..

[2]  M. Luk,et al.  MiniSec: A Secure Sensor Network Communication Architecture , 2007, 2007 6th International Symposium on Information Processing in Sensor Networks.

[3]  Dan Stoianovici,et al.  Technology Insight: telementoring and telesurgery in urology , 2006, Nature Clinical Practice Urology.

[4]  Mihir Bellare,et al.  The Security of the Cipher Block Chaining Message Authentication Code , 2000, J. Comput. Syst. Sci..

[5]  Michel Chauvin,et al.  Potential Cost Savings by Telemedicine‐Assisted Long‐Term Care of Implantable Cardioverter Defibrillator Recipients , 2005, Pacing and clinical electrophysiology : PACE.

[6]  Sushil Jajodia,et al.  LEAP+: Efficient security mechanisms for large-scale distributed sensor networks , 2006, TOSN.

[7]  Lan Wang,et al.  Securing wireless implantable devices for healthcare: Ideas and challenges , 2009, IEEE Communications Magazine.

[8]  Mahdi Tavakoli,et al.  Effects of Latency on Telesurgery: An Experimental Study , 2005, MICCAI.

[9]  J. Cleland,et al.  Telemonitoring or structured telephone support programmes for patients with chronic heart failure: systematic review and meta-analysis , 2007, BMJ : British Medical Journal.

[10]  Marivi Higuero,et al.  Ladon1: end-to-end authorisation support for resource-deprived environments , 2012, IET Inf. Secur..

[11]  Mihir Bellare,et al.  A concrete security treatment of symmetric encryption , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[12]  B. Clifford Neuman,et al.  Proxy-based authorization and accounting for distributed systems , 1993, [1993] Proceedings. The 13th International Conference on Distributed Computing Systems.

[13]  Kang G. Shin,et al.  LiSP: A lightweight security protocol for wireless sensor networks , 2004, TECS.

[14]  P.D. Bradley,et al.  An ultra low power, high performance Medical Implant Communication System (MICS) transceiver for implantable devices , 2006, 2006 IEEE Biomedical Circuits and Systems Conference.

[15]  J. Ornato,et al.  ACC/AHA/HRS 2008 Guidelines for device-based therapy of cardiac rhythm abnormalities. , 2008, Heart rhythm.

[16]  Sungyoung Lee,et al.  LSec: Lightweight Security Protocol for Distributed Wireless Sensor Network , 2006, PWC.

[17]  Amir Hossein Jahangir,et al.  Time and energy cost analysis of Kerberos security protocol in Wireless Sensor Networks , 2011, 2011 7th International Conference on Information Assurance and Security (IAS).

[18]  François-Xavier Standaert,et al.  On the Energy Cost of Communication and Cryptography in Wireless Sensor Networks , 2008, 2008 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications.

[19]  Claudia Stöllberger,et al.  Guidelines for device-based therapy of cardiac rhythm abnormalities. , 2009, Heart rhythm.

[20]  Adrian Perrig,et al.  PIKE: peer intermediaries for key establishment in sensor networks , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[21]  Mohamed F. Younis,et al.  A low-energy key management protocol for wireless sensor networks , 2003, Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003.

[22]  Johann Großschädl,et al.  The energy cost of cryptographic key establishment in wireless sensor networks , 2007, ASIACCS '07.

[23]  Peter Kruus,et al.  TinyPK: securing sensor networks with public key technology , 2004, SASN '04.

[24]  Denis Pinkas,et al.  SESAME: The solution to security for open distributed systems , 1994, Comput. Commun..

[25]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[26]  Sushil Jajodia,et al.  A logic-based framework for attribute based access control , 2004, FMSE '04.

[27]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[28]  John T. Kohl,et al.  The Kerberos Network Authentication Service (V5 , 2004 .

[29]  Frank Mueller,et al.  Encryption overhead in embedded systems and sensor network nodes: modeling and analysis , 2003, CASES '03.

[30]  Tongtong Li,et al.  An energy efficient link-layer security protocol for wireless sensor networks , 2007, 2007 IEEE International Conference on Electro/Information Technology.

[31]  H. Kottkamp,et al.  A prospective multicenter comparison trial of Home Monitoring against regular follow-up in madit ii patients: Additional visits and cost impact , 2006, 2006 Computers in Cardiology.

[32]  Hugo Ector,et al.  Current use of pacemakers, implantable cardioverter defibrillators, and resynchronization devices: data from the registry of the European Heart Rhythm Association , 2007 .

[33]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.