Abstract
After two recent security attacks against implantable medical devices (IMDs) have been reported, the privacy and security risks of IMDs have been widely recognized in the medical device market and research community, since the malfunctioning of IMDs might endanger the patient's life. During the last few years, a lot of researches have been carried out to address the security-related issues of IMDs, including privacy, safety, and accessibility issues. A physician accesses IMD through an external device called a programmer, for diagnosis and treatment. Hence, cryptographic key management between IMD and programmer is important to enforce a strict access control. In this paper, a new security architecture for the security of IMDs is proposed, based on a 3-Tier security model, where the programmer interacts with a Hospital Authentication Server, to get permissions to access IMDs. The proposed security architecture greatly simplifies the key management between IMDs and programmers. Also proposed is a security mechanism to guarantee the authenticity of the patient data collected from IMD and the nonrepudiation of the physician's treatment based on it. The proposed architecture and mechanism are analyzed and compared with several previous works, in terms of security and performance.
Highlights
Implantable medical devices (IMDs), such as implantable cardiac defibrillators, insulin pumps, and neurostimuli, monitor chronic disorder within the body and perform lifecritical functions to treat cardiac arrhythmia, diabetes, and Parkinson’s disease
The privacy and security risks of IMDs have been widely recognized in the medical device market and research community [3], after two experimental security attacks have been reported, against a commercial implantable cardiac defibrillator and an insulin pump [4, 5]
The privacy and security issues of IMDs have been widely recognized in the medical device market and research community, and a lot of researches have been carried out to address the privacy and security issues of IMDs
Summary
Implantable medical devices (IMDs), such as implantable cardiac defibrillators, insulin pumps, and neurostimuli, monitor chronic disorder within the body and perform lifecritical functions to treat cardiac arrhythmia, diabetes, and Parkinson’s disease. The IMD security should either be based on lighter-weight symmetric encryption and authentication schemes [4, 7, 8] or employ a resource-rich personal device (e.g., smart phone) to mediate communication between an IMD and an external programmer [9,10,11]. Another approach for the IMD security is associated with the accessibility issues of IMDs, when an BioMed Research International emergency situation occurs. Various features of the security mechanism proposed for the IMD security are analyzed in Section 6 and compared with other research works in terms of security and performance
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
