Rice University researchers propose touch-to-access security for implanted devices
Pacemakers, insulin pumps, defibrillators and other implantable medical devices often have wireless capabilities that allow emergency workers to monitor patients. But these devices have a potential downside: They can be hacked.
Researchers at Rice University have come up with a secure way to dramatically cut the risk that an implanted medical device (IMD) could be altered remotely without authorization.
Their technology would use the patient’s own heartbeat as a kind of password that could only be accessed through touch.
Rice electrical and computer engineer Farinaz Koushanfar and graduate student Masoud Rostami will presentHeart-to-Heart, an authentication system for IMDs, at the Association for Computing Machinery’s Conference on Computer and Communications Security in Berlin in November. They developed the technology with Ari Juels, former chief scientist at RSA Laboratories, a security company in Cambridge, Mass.
IMDs generally lack the kind of password security found on a home Wi-Fi router because emergency medical technicians often need quick access to the information the devices store to save a life, Rostami said. But that leaves the IMDs open to attack.
“If you have a device inside your body, a person could walk by, push a button and violate your privacy, even give you a shock,” he said. “He could make (an insulin pump) inject insulin or update the software of your pacemaker. But our proposed solution forces anybody who wants to read the device to touch you.”
The system would require software in the IMD to talk to the “touch” device, called the programmer. When a medical technician touches the patient, the programmer would pick up an electrocardiogram (EKG) signature from the beating heart. The internal and external devices would compare minute details of the EKG and execute a “handshake.” If signals gathered by both at the same instant match, they become the password that grants the external device access.
“The signal from your heartbeat is different every second, so the password is different each time,” Rostami said. “You can’t use it even a minute later.”
He compared the EKG to a chart of a financial stock. “We’re looking at the minutia,” Rostami said. “If you zoom in on a stock, it ticks up and it ticks down every microsecond. Those fine details are the byproduct of a very complex system and they can’t be predicted.”
A human heartbeat is the same, he said. It seems steady, but on closer view every beat has unique characteristics that can be read and matched. “We treat your heart as if it were a random number generator,” he said.
The system could potentially be used with the millions of IMDs already in use, Koushanfar said. “To our knowledge, this is the first fully secure solution that has small overhead and can work with legacy systems,” she said. “Like any device that has wireless access, we can simply update the software.”
The Latest on: Heartbeat biometric
- Australis Capital Introduces Mobile Cannabis App to Promote Customer Loyalty on April 17, 2019 at 6:00 am
Already used by millions of people around the world in the original Rthm app, COIL’s patented biometric algorithms analyze user sleep, heart rate, and daily activity to see the effects of different ... […]
- Who Owns Your Fingerprint? You Don’t. on April 17, 2019 at 5:45 am
Biometrics allow companies to strengthen their security measures ... would not be allowed to hook players up to machines to test their heart rates or body fat if the bill passed. When the lobbyist ... […]
- Rthm Launches Mobile Cannabis App in the United States Introducing Advanced Loyalty and Revenue Opportunities- COIL™ on April 17, 2019 at 5:30 am
Already used by millions of people around the world in the original Rthm app, COIL's patented biometric algorithms analyze user sleep, heart rate, and daily activity to see the effects of different ... […]
- Planners wrestle with Willow Creek topics on April 17, 2019 at 5:08 am
Planners met first as the Board of Zoning Appeals (BZA) to discuss a request by Dave Hellekson and New Viking Arms to open an internet sales office in an existing building in the heart of Willow Creek ... […]
- Biometric Technology on the Horizon for Resorts on April 16, 2019 at 2:11 am
AccorHotels has used biometric data to find out travelers’ vacation preferences. Travelers completed a quiz that helped them discover what kind of vacation was best for them while a webcam monitored ... […]
- INTERVIEW: Ned Hayes, General Manager, SureID, on Fingerprint Biometrics and the Human Element of Identity on April 15, 2019 at 9:02 am
It can even do things like detect my blood pressure, and deliver the kind of music that’s appropriate to me not having a heart attack that day. Personalization and customization of the world around us ... […]
- The Afterlife of the Aadhaar Dissent: The Jamaican Supreme Court Strikes Down a National Biometric Identification – Gautam Bhatia on April 15, 2019 at 3:55 am
Indeed, these similarities went beyond the collection and storage of biometric information ... which was also at the heart of Chandrachud J.’s dissent: the primacy of individual choice in a ... […]
- IDEMIA Launches Enhanced Security Smart Cards Resistant to Quantum Computers on April 11, 2019 at 3:35 am
COURBEVOIE, France--(Business Wire)--Asymmetric cryptosystems are at the heart of digital security as they are the ... which offer portability and confidentiality of secret elements (keys and ... […]
- Biometric Toilet Seat Detects Congestive Heart Failure on April 1, 2019 at 10:55 am
A toilet-seat based cardiovascular monitoring system can help lower hospital readmission rates for patients with congestive heart failure (CHF). A product of Heart Health Intelligence (HHI; Rochester, ... […]
- Aibo's dark side: Why Illinois bans Sony's robot dog on April 1, 2019 at 5:01 am
Its mechanical joints make slow, noisy work of it on the concrete floor, but I can't help but be mildly heart-warmed. I'd rather have a real ... Sony doesn't sell Aibo in Illinois. The state's ... […]
via Google News and Bing News