e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices

Chi, Haotian; Wu, Lina; Du, Xiaojiang; Zeng, Qiang; Ratazzi, E. Paul

doi:10.1109/cns.2018.8433213

Cited by 8 publications

(10 citation statements)

References 36 publications

(40 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Chi et al’s protocol [ 14 ] e-SAFE aims to provide secure, efficient, and forensics-enabled access to IMDs. The system uses a smartphone as a proxy to undertake most of the security-related tasks and establishes a trusted channel between the IMD and the smartphone by sharing a secret key derived from a master key that is physically inaccessible to attackers.…”

Section: Related Workmentioning

confidence: 99%

APSec1.0: Innovative Security Protocol Design with Formal Security Analysis for the Artificial Pancreas System

Kim

Son

et al. 2023

Sensors

View full text Add to dashboard Cite

The Medical Internet-of-Things (MIoT) has developed revolutionary ways of delivering medical care to patients. An example system, showing increasing demand, is the artificial pancreas system that offers convenience and reliable support care to patients with Type 1 Diabetes. Despite the apparent benefits, the system cannot escape potential cyber threats that may worsen a patient’s condition. The security risks need immediate attention to ensure the privacy of the patient and preserve safe functionality. Motivated by this, we proposed a security protocol for the APS environment wherein support to essential security requirements is guaranteed, the security context negotiation is resource-friendly, and the protocol is resilient to emergencies. Accordingly, the security requirements and correctness of the design protocol were formally verified using BAN logic and AVISPA, and proved its feasibility through the emulation of APS in a controlled environment using commercial off-the-shelf devices. Moreover, the results of our performance analysis indicate that the proposed protocol is more efficient than the other existing works and standards.

show abstract

Section: Related Workmentioning

confidence: 99%

APSec1.0: Innovative Security Protocol Design with Formal Security Analysis for the Artificial Pancreas System

Kim

Son

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…This protocol [25] uses a compressing-based encryption mechanism and public key infrastructure, and other cryptographic protocols, such as RSA, AES, and HMAC. The protocol comprises three participants-IMD, smartphone, and programmer.…”

Section: Chi Et Al's Protocolmentioning

confidence: 99%

“…Next, we used two well-known security verification approaches, BAN logic [21] and AVISPA [22], to formally analyze the authentication protocols. Unfortunately, many security protocols designed for IMDs are not formally verified, or they use only one verification method [23][24][25][26][27][28][29][30].…”

Section: Introductionmentioning

confidence: 99%

Can Formal Security Verification Really Be Optional? Scrutinizing the Security of IMD Authentication Protocols

Duguma

You

Gebremariam

et al. 2021

Sensors

View full text Add to dashboard Cite

The need for continuous monitoring of physiological information of critical organs of the human body, combined with the ever-growing field of electronics and sensor technologies and the vast opportunities brought by 5G connectivity, have made implantable medical devices (IMDs) the most necessitated devices in the health arena. IMDs are very sensitive since they are implanted in the human body, and the patients depend on them for the proper functioning of their vital organs. Simultaneously, they are intrinsically vulnerable to several attacks mainly due to their resource limitations and the wireless channel utilized for data transmission. Hence, failing to secure them would put the patient’s life in jeopardy and damage the reputations of the manufacturers. To date, various researchers have proposed different countermeasures to keep the confidentiality, integrity, and availability of IMD systems with privacy and safety specifications. Despite the appreciated efforts made by the research community, there are issues with these proposed solutions. Principally, there are at least three critical problems. (1) Inadequate essential capabilities (such as emergency authentication, key update mechanism, anonymity, and adaptability); (2) heavy computational and communication overheads; and (3) lack of rigorous formal security verification. Motivated by this, we have thoroughly analyzed the current IMD authentication protocols by utilizing two formal approaches: the Burrows–Abadi–Needham logic (BAN logic) and the Automated Validation of Internet Security Protocols and Applications (AVISPA). In addition, we compared these schemes against their security strengths, computational overheads, latency, and other vital features, such as emergency authentications, key update mechanisms, and adaptabilities.

show abstract

“…Chi et al [10] propose a protocol that relies on the patient's smartphone for the reader access. However, requiring the patient to be in possession of this additional device (i.e., the smartphone) all the time, including during emergencies, puts a significant burden on the patient.…”

Section: Related Workmentioning

confidence: 99%

IMDfence: Architecting a Secure Protocol for Implantable Medical Devices

2020

View full text Add to dashboard Cite

Over the past decade, focus on the security and privacy aspects of implantable medical devices (IMDs) has intensified, driven by the multitude of cybersecurity vulnerabilities found in various existing devices. However, due to their strict computational, energy and physical constraints, conventional security protocols are not directly applicable to IMDs. Custom-tailored schemes have been proposed instead which, however, fail to cover the full spectrum of security features that modern IMDs and their ecosystems so critically require. In this paper we propose IMDfence, a security protocol for IMD ecosystems that provides a comprehensive yet practical security portfolio, which includes availability, non-repudiation, access control, entity authentication, remote monitoring and system scalability. The protocol also allows emergency access that results in the graceful degradation of offered services without compromising security and patient safety. The performance of the security protocol as well as its feasibility and impact on modern IMDs are extensively analyzed and evaluated. We find that IMDfence achieves the above security requirements at a mere less than 7% increase in total IMD energy consumption, and less than 14 ms and 9 kB increase in system delay and memory footprint, respectively.

show abstract

e-SAFE: Secure, Efficient and Forensics-Enabled Access to Implantable Medical Devices

Cited by 8 publications

References 36 publications

APSec1.0: Innovative Security Protocol Design with Formal Security Analysis for the Artificial Pancreas System

APSec1.0: Innovative Security Protocol Design with Formal Security Analysis for the Artificial Pancreas System

Can Formal Security Verification Really Be Optional? Scrutinizing the Security of IMD Authentication Protocols

IMDfence: Architecting a Secure Protocol for Implantable Medical Devices

Contact Info

Product

Resources

About