Abstract
An increasing amount of medical devices, such as pacemakers or insulin pumps, can communicate in wireless Body Area Networks (BANs). While this facilitates the interaction between users and medical devices, something that was previously more complicated or - in the case of implanted devices - often impossible, it also raises security and privacy questions. We exploit the wide availability of ballistocardiographs (BCG) and electrocardiographs (ECG) in consumer wearables and propose MEDISCOM, an ad-hoc, implicit, and secure communication protocol for medical devices in local BANs. Deriving common secret keys from a body's BCG or ECG signal, MEDISCOM ensures confidentiality and integrity of sensitive medical data. It also continuously authenticates devices, requiring no explicit user interaction and maintaining a low computational overhead. We consider relevant attack vectors and show how MEDISCOM is resilient towards them. Also, we validate the security of our protocol's secret keys on BCG and ECG data from 29 subjects.
Original language | English |
---|---|
Title of host publication | 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events, PerCom Workshops 2021 |
Publisher | IEEE |
Pages | 207-212 |
Number of pages | 6 |
ISBN (Electronic) | 978-1-6654-0424-2 |
DOIs | |
Publication status | Published - 25 May 2021 |
MoE publication type | A4 Conference publication |
Event | IEEE International Conference on Pervasive Computing and Communications Workshops - Kassel, Germany Duration: 22 Mar 2021 → 26 Mar 2021 https://www.percom.org/ |
Publication series
Name | IEEE international conference on pervasive computing and communications workshops |
---|---|
Publisher | IEEE |
Conference
Conference | IEEE International Conference on Pervasive Computing and Communications Workshops |
---|---|
Abbreviated title | PerCom Workshops |
Country/Territory | Germany |
City | Kassel |
Period | 22/03/2021 → 26/03/2021 |
Internet address |
Keywords
- embedded and mobile devices
- health data
- pervasive computing
- protocol
- usable security