Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

Park, Chang-Seop

doi:10.1155/2014/543051

Cited by 15 publications

(14 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The information technology community has given some degree of recognition to medical implant information security vulnerabilities, as detailed in Secure implant design, but the topic has only been discussed seriously in the biomedical literature recently [27][28][29] and there are no detailed discussions of the risks specific to neurological implants beyond a single forward-thinking but brief review published several years ago 3 .…”

Section: And Us Vice President Dickmentioning

confidence: 99%

“…Several design constraints exist that necessitate trade-offs between neurosecurity and other desirable features of IPGs. These trade-offs and challenges, along with specific methods of attack and desirable security features for future devices, have been discussed in greater detail elsewhere [27][28][29][77][78][79] , therefore this section will consider the factors most relevant to clinical practice -battery life and practicality.…”

Section: Secure Implant Designmentioning

confidence: 99%

“…Several potential security solutions exist although, as detailed below, many are subject to limitations. Specific solutions include improved auditing 84 , rolling code cryptography 77 , server-based cryptographic key management 28 , formal verification of device software 85 , proximity-based authentication 86,87 , and "communication cloaker" or "shield" wearable devices that mediate secure communication between programmer and implant 88,89 . For more detail, see Camara et al (2015) 27 .…”

Section: Secure Implant Designmentioning

confidence: 99%

See 2 more Smart Citations

Brainjacking: Implant Security Issues in Invasive Neuromodulation

et al. 2016

View full text Add to dashboard Cite

The security of medical devices is critical to good patient care, especially when the devices are implanted. In light of recent developments in information security, there is reason to be concerned that medical implants are vulnerable to attack. The ability of attackers to exert malicious control over brain implants ("brainjacking") has unique challenges that we address in this review, with particular focus on deep brain stimulation implants. To illustrate the potential severity of this risk, we identify several mechanisms through which attackers could manipulate patients if unauthorized access to an implant can be achieved. These include blind attacks in which the attacker requires no patient-specific knowledge and targeted attacks that require patient-specific information. Blind attacks include cessation of stimulation, draining implant batteries, inducing tissue damage, and information theft. Targeted attacks include impairment of motor function, alteration of impulse control, modification of emotions or affect, induction of pain, and modulation of the reward system. We also discuss the limitations inherent in designing implants and the trade-offs that must be made to balance device security with battery life and practicality. We conclude that researchers, clinicians, manufacturers, and regulatory bodies should cooperate to minimize the risk posed by brainjacking.

show abstract

Section: And Us Vice President Dickmentioning

confidence: 99%

Section: Secure Implant Designmentioning

confidence: 99%

Section: Secure Implant Designmentioning

confidence: 99%

See 1 more Smart Citation

Brainjacking: Implant Security Issues in Invasive Neuromodulation

et al. 2016

View full text Add to dashboard Cite

show abstract

“…To deal with these concerns, several approaches protecting IMDs were proposed in the literature. In [1,5], a 3-tier architecture, which integrates in addition to the IMDs and the programmers, an Authentication Server, was proposed. This server allows authenticating programmers and distributing credentials (useful for establishing secure communication with the IMD).…”

Section: Introductionmentioning

confidence: 99%

A Secure and Investigation aware Smart Healthcare Cyber Physical System

Boudriga¹,

Ellouze²,

Rekhis³

2016

Fourth International Conference on Advances in Computing, Communication and Information Technology CCIT- 2016

View full text Add to dashboard Cite

Abstract-The aim of this research is to develop a Smart Healthcare Cyber Physical System (CPS) which allows to: a) enhance the responsiveness of implantable medical systems to health abnormalities; b) protect the patients from security threats and attacks from outsiders; c) provide a remote supervision of the patients' health, and of the vital equipment that he/she wears; and d) forensically generate evidentiary data to promote the forensic investigation of healthcare attacks. In this paper, we define the CPS architecture together with the functions it implements. A mutual authentication protocol between the CPS and the remote physician is proposed. A technique for the investigation of healthcare attacks on that CPS using incident response cognitive maps is also described.

show abstract

“…Various types of cyber-attacks have recently been attempted on biomedical information systems [1, 2]. This is mainly because the personal records included in biomedical systems represent valuable financial information.…”

Section: Introductionmentioning

confidence: 99%

Method for Detecting Core Malware Sites Related to Biomedical Information Systems

Kim

Choi

Jin

2015

Computational and Mathematical Methods in Medicine

View full text Add to dashboard Cite

Most advanced persistent threat attacks target web users through malicious code within landing (exploit) or distribution sites. There is an urgent need to block the affected websites. Attacks on biomedical information systems are no exception to this issue. In this paper, we present a method for locating malicious websites that attempt to attack biomedical information systems. Our approach uses malicious code crawling to rearrange websites in the order of their risk index by analyzing the centrality between malware sites and proactively eliminates the root of these sites by finding the core-hub node, thereby reducing unnecessary security policies. In particular, we dynamically estimate the risk index of the affected websites by analyzing various centrality measures and converting them into a single quantified vector. On average, the proactive elimination of core malicious websites results in an average improvement in zero-day attack detection of more than 20%.

show abstract

Security Mechanism Based on Hospital Authentication Server for Secure Application of Implantable Medical Devices

Cited by 15 publications

References 14 publications

Brainjacking: Implant Security Issues in Invasive Neuromodulation

Brainjacking: Implant Security Issues in Invasive Neuromodulation

A Secure and Investigation aware Smart Healthcare Cyber Physical System

Method for Detecting Core Malware Sites Related to Biomedical Information Systems

Contact Info

Product

Resources

About