Wearable security: Key derivation for Body Area sensor Networks based on host movement

Oberoi, Dhruv; Sou, Wing Yan; Lui, Yin Yi; Fisher, Roy; Dinca, Lavinia Mihaela; Hancke, Gerhard P.

doi:10.1109/isie.2016.7745050

Cited by 14 publications

(5 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition, biometrics, such as electrocardiograms, physiological values (PVs), heart rate [138], glucose level and blood pressure, can all be used for key generation for encrypted communication in the body sensor network (BSN) [134]. In addition, patients' movement can be another property by which keys are derived [123].…”

Section: Medical Devices Controlsmentioning

confidence: 99%

Cyber-Physical Systems Security—A Survey

Humayed

Lin

et al. 2017

IEEE Internet Things J.

833

358

View full text Add to dashboard Cite

Abstract-With the exponential growth of cyber-physical systems (CPS), new security challenges have emerged. Various vulnerabilities, threats, attacks, and controls have been introduced for the new generation of CPS. However, there lack a systematic study of CPS security issues. In particular, the heterogeneity of CPS components and the diversity of CPS systems have made it very difficult to study the problem with one generalized model.In this paper, we capture and systematize existing research on CPS security under a unified framework. The framework consists of three orthogonal coordinates: (1) from the security perspective, we follow the well-known taxonomy of threats, vulnerabilities, attacks and controls; (2)from the CPS components perspective, we focus on cyber, physical, and cyber-physical components; and (3) from the CPS systems perspective, we explore general CPS features as well as representative systems (e.g., smart grids, medical CPS and smart cars). The model can be both abstract to show general interactions of a CPS application and specific to capture any details when needed. By doing so, we aim to build a model that is abstract enough to be applicable to various heterogeneous CPS applications; and to gain a modular view of the tightly coupled CPS components. Such abstract decoupling makes it possible to gain a systematic understanding of CPS security, and to highlight the potential sources of attacks and ways of protection.

show abstract

Section: Medical Devices Controlsmentioning

confidence: 99%

Cyber-Physical Systems Security—A Survey

Humayed

Lin

et al. 2017

IEEE Internet Things J.

833

358

View full text Add to dashboard Cite

show abstract

“…The authors focus on a key agreement and not on continuous authenticity and de-authentication. Another similar work is [11]. The authors focus on an implicit key agreement in BANs, but not on the devices' interactions after this agreement.…”

Section: Related Workmentioning

confidence: 99%

BCG & ECG-based secure communication for medical devices in Body Area Networks

Beck

Zuo

Sigg

2021

2021 IEEE International Conference on Pervasive Computing and Communications Workshops and Other Affiliated Events (PerCom Work

View full text Add to dashboard Cite

An increasing amount of medical devices, such as pacemakers or insulin pumps, can communicate in wireless Body Area Networks (BANs). While this facilitates the interaction between users and medical devices, something that was previously more complicated or -in the case of implanted devices -often impossible, it also raises security and privacy questions. We exploit the wide availability of ballistocardiographs (BCG) and electrocardiographs (ECG) in consumer wearables and propose MEDISCOM, an ad-hoc, implicit, and secure communication protocol for medical devices in local BANs. Deriving common secret keys from a body's BCG or ECG signal, MEDISCOM ensures confidentiality and integrity of sensitive medical data. It also continuously authenticates devices, requiring no explicit user interaction and maintaining a low computational overhead. We consider relevant attack vectors and show how MEDISCOM is resilient towards them. Also, we validate the security of our protocol's secret keys on BCG and ECG data from 29 subjects.

show abstract

“…These protocols might rely on external factors with respect to the human user such as the radio environment [10][11][12], the acoustic surroundings [13,14], or other random physical patterns [15][16][17][18]. However, numerous context-based pairing research works in the field of wireless body area network (WBAN) rely on specific human-centric biometrics that are extracted by the sensors attached to the user which is more suitable for the implantable medical devices (IMD) [19][20][21][22]. These collected random features are used as the secure element in the protocol execution.…”

Section: Introductionmentioning

confidence: 99%

Security Analysis of Out‐of‐Band Device Pairing Protocols: A Survey

Khalfaoui

Leneutre

Villard

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Numerous secure device pairing (SDP) protocols have been proposed to establish a secure communication between unidentified IoT devices that have no preshared security parameters due to the scalability requirements imposed by the ubiquitous nature of the IoT devices. In order to provide the most user-friendly IoT services, the usability assessment has become the main requirement. Thus, the complete security analysis has been replaced by a sketch of a proof to partially validate the robustness of the proposal. The few existing formal or computational security verifications on the SDP schemes have been conducted based on the assessment of a wide variety of uniquely defined security properties. Therefore, the security comparison between these protocols is not feasible and there is a lack of a unified security analysis framework to assess these pairing techniques. In this paper, we survey a selection of secure device pairing proposals that have been formally or computationally verified. We present a systematic description of the protocol assumptions, the adopted verification model, and an assessment of the verification results. In addition, we normalize the used taxonomy in order to enhance the understanding of these security validations. Furthermore, we refine the adversary capabilities on the out-of-band channel by redefining the replay capability and by introducing a new notion of delay that is dependent on the protocol structure that is more adequate for the ad hoc pairing context. Also, we propose a classification of a number of out-of-band channels based on their security properties and under our refined adversary model. Our work motivates the future SDP protocol designer to conduct a formal or a computational security assessment to allow the comparability between these pairing techniques. Furthermore, it provides a realistic abstraction of the adversary capabilities on the out-of-band channel which improves the modeling of their security characteristics in the protocol verification tools.

show abstract

Wearable security: Key derivation for Body Area sensor Networks based on host movement

Cited by 14 publications

References 19 publications

Cyber-Physical Systems Security—A Survey

Cyber-Physical Systems Security—A Survey

BCG & ECG-based secure communication for medical devices in Body Area Networks

Security Analysis of Out‐of‐Band Device Pairing Protocols: A Survey

Contact Info

Product

Resources

About