Rice University researchers propose touch-to-access security for implanted devices
Pacemakers, insulin pumps, defibrillators and other implantable medical devices often have wireless capabilities that allow emergency workers to monitor patients. But these devices have a potential downside: They can be hacked.
Researchers at Rice University have come up with a secure way to dramatically cut the risk that an implanted medical device (IMD) could be altered remotely without authorization.
Their technology would use the patient’s own heartbeat as a kind of password that could only be accessed through touch.
Rice electrical and computer engineer Farinaz Koushanfar and graduate student Masoud Rostami will presentHeart-to-Heart, an authentication system for IMDs, at the Association for Computing Machinery’s Conference on Computer and Communications Security in Berlin in November. They developed the technology with Ari Juels, former chief scientist at RSA Laboratories, a security company in Cambridge, Mass.
IMDs generally lack the kind of password security found on a home Wi-Fi router because emergency medical technicians often need quick access to the information the devices store to save a life, Rostami said. But that leaves the IMDs open to attack.
“If you have a device inside your body, a person could walk by, push a button and violate your privacy, even give you a shock,” he said. “He could make (an insulin pump) inject insulin or update the software of your pacemaker. But our proposed solution forces anybody who wants to read the device to touch you.”
The system would require software in the IMD to talk to the “touch” device, called the programmer. When a medical technician touches the patient, the programmer would pick up an electrocardiogram (EKG) signature from the beating heart. The internal and external devices would compare minute details of the EKG and execute a “handshake.” If signals gathered by both at the same instant match, they become the password that grants the external device access.
“The signal from your heartbeat is different every second, so the password is different each time,” Rostami said. “You can’t use it even a minute later.”
He compared the EKG to a chart of a financial stock. “We’re looking at the minutia,” Rostami said. “If you zoom in on a stock, it ticks up and it ticks down every microsecond. Those fine details are the byproduct of a very complex system and they can’t be predicted.”
A human heartbeat is the same, he said. It seems steady, but on closer view every beat has unique characteristics that can be read and matched. “We treat your heart as if it were a random number generator,” he said.
The system could potentially be used with the millions of IMDs already in use, Koushanfar said. “To our knowledge, this is the first fully secure solution that has small overhead and can work with legacy systems,” she said. “Like any device that has wireless access, we can simply update the software.”
The Latest on: Heartbeat biometric
- Apple appears to be developing biometric AirPodson October 17, 2019 at 1:57 pm
Biometric sensors are any sensors that takes some kind of biometric reading — basically, biological data like heart rate, a fingerprint scan, or a high-res image of your iris. This data can be used in ...
- Fitbit Teams Up With Drug Giants to Tackle a Serious Heart Condition: Brainstorm Healthon October 17, 2019 at 11:48 am
This condition, a heart arrhythmia, could cause all sorts of medical problems ... of AFib for patients at an increased risk of stroke using Fitbit’s wearable technology, which can measure a variety of ...
- Huami Launches GTR, A Bold New Fashion-Orientated Amazfit Smartwatchon October 17, 2019 at 9:46 am
24-hour heart rate monitoring, 5 ATM water-resistance so you can take it for a swim, dual-mode GPS, mobile app notifications and more. Huami is a biometric and activity data-driven company with ...
- Foreign leaders generate more emotional response from Dublin voters than Irish politicians on Brexiton October 17, 2019 at 7:34 am
The real-time wireless biometric responses measured in the study were galvanic skin responses to assess arousal via minute changes in sweat, and heart rate to measure mental effort, as audience ...
- Google Launches Pixel 4 with New Biometric Face Unlock, Ditches Fingerprint Scanneron October 16, 2019 at 8:20 am
Google calls this technology Motion Sense, and it’s also at the heart of the Pixel’s new 3D face unlock ... s security in the hands of 3D face scanning as the only form of biometric security. Samsung ...
- Apple Ring with biometrics patented as Global e·dentity files IP challengeon October 15, 2019 at 11:04 am
The biometric capabilities could be supplied by “heart-rate or pulse monitors, skin-electrical-resistance monitors, pressure sensors, perspiration analyzers, fingerprint readers,” or other sensors.
- Apple Files a Trademark for 'SwiftStrike' Related to ARKit and an Update to EarPods to Cover Biometrics and General Wellnesson October 12, 2019 at 12:54 pm
and transmitting biometric data, heart rate, body movement, and calories burned; hearing aids; hearing protectors; medical apparatus and instruments; ear plugs [ear protection devices]." Apple's ...
- Global Face and Voice Biometrics Industryon October 9, 2019 at 12:48 am
www.financialbuzz.com Located on Wall Street in the heart of New York City’s financial district, FinancialBuzz.com is a credible source for the world’s latest trending financial and economic news. A ...
- Sandia Labs and partner to develop access control wearables with B-Secur EKG biometricson October 8, 2019 at 10:08 am
Aquila plans to use heartbeat electrical signal software from B-Secur in assessing different forms of wearables, such as wristbands or chest straps, as an alternative to fingerprint or iris biometrics ...
- Security in a heartbeaton October 7, 2019 at 2:13 pm
Sandia National Laboratories is collaborating with a New Mexico small business to test and develop a biometric security system based on the human heartbeat. Sandia signed a Cooperative Research and ...
via Google News and Bing News