Rice University researchers propose touch-to-access security for implanted devices
Pacemakers, insulin pumps, defibrillators and other implantable medical devices often have wireless capabilities that allow emergency workers to monitor patients. But these devices have a potential downside: They can be hacked.
Researchers at Rice University have come up with a secure way to dramatically cut the risk that an implanted medical device (IMD) could be altered remotely without authorization.
Their technology would use the patient’s own heartbeat as a kind of password that could only be accessed through touch.
Rice electrical and computer engineer Farinaz Koushanfar and graduate student Masoud Rostami will presentHeart-to-Heart, an authentication system for IMDs, at the Association for Computing Machinery’s Conference on Computer and Communications Security in Berlin in November. They developed the technology with Ari Juels, former chief scientist at RSA Laboratories, a security company in Cambridge, Mass.
IMDs generally lack the kind of password security found on a home Wi-Fi router because emergency medical technicians often need quick access to the information the devices store to save a life, Rostami said. But that leaves the IMDs open to attack.
“If you have a device inside your body, a person could walk by, push a button and violate your privacy, even give you a shock,” he said. “He could make (an insulin pump) inject insulin or update the software of your pacemaker. But our proposed solution forces anybody who wants to read the device to touch you.”
The system would require software in the IMD to talk to the “touch” device, called the programmer. When a medical technician touches the patient, the programmer would pick up an electrocardiogram (EKG) signature from the beating heart. The internal and external devices would compare minute details of the EKG and execute a “handshake.” If signals gathered by both at the same instant match, they become the password that grants the external device access.
“The signal from your heartbeat is different every second, so the password is different each time,” Rostami said. “You can’t use it even a minute later.”
He compared the EKG to a chart of a financial stock. “We’re looking at the minutia,” Rostami said. “If you zoom in on a stock, it ticks up and it ticks down every microsecond. Those fine details are the byproduct of a very complex system and they can’t be predicted.”
A human heartbeat is the same, he said. It seems steady, but on closer view every beat has unique characteristics that can be read and matched. “We treat your heart as if it were a random number generator,” he said.
The system could potentially be used with the millions of IMDs already in use, Koushanfar said. “To our knowledge, this is the first fully secure solution that has small overhead and can work with legacy systems,” she said. “Like any device that has wireless access, we can simply update the software.”
The Latest on: Heartbeat biometric
- Special Operations Command Made a Mind-Reading Kit For Elite Troopson December 12, 2019 at 8:09 am
TAMPA, Florida — As tomorrow’s elite soldiers work to persuade local populations to support them, they may be able to sense how their messages are being received by detecting invisible biometric ...
- A Bitter Election Dispute Sends Afghanistan Back to the Brinkon December 11, 2019 at 9:04 pm
At the heart of the dispute is 300,000 questionable votes that Mr. Abdullah’s supporters ... The election commission attributes that to human error in setting the time on devices that collect voters’ ...
- Qualcomm says it has the best fingerprint Scanner availableon December 7, 2019 at 3:57 am
The American executive says that the sensor can still monitor your heart rate, which makes it impossible to use ... The Samsung Galaxy S10 uses Qualcomm’s first 3D biometric sensor and we can already ...
- Chronolife Applauded by Frost & Sullivan for Flagship Predictive Health Analytics and Monitoring Smartwearon December 5, 2019 at 4:01 pm
Chronolife's innovative T-shirt-based platform captures biometrics to track chronic conditions such as heart disease LONDON, Dec. 5, 2019 /PRNewswire/ -- Based on an in-depth analysis of the global ...
- Fingerprint login should be a secure defense for our data, but most of us don’t use it properlyon December 5, 2019 at 3:19 am
Biometrics are marketed as being a very secure solution ... Popular high blood pressure drug may increase risk of bowel disease High blood pressure harms one in ten adults across the globe, and it ...
- Qualcomm’s big new fingerprint sensor is a huge improvement: Hands-onon December 4, 2019 at 2:34 pm
Qualcomm is so uncontrollably gleeful about biometrics and Snapdragon products in general ... By tracking blood flow and the user’s pulse through the ultrasonics, much in the way that some ultrasonic ...
- Synectics integrates digital identity verification tech from Yoti to fight fraud, improve customer onboardingon December 4, 2019 at 8:33 am
Synectics Solutions has entered a strategic partnership with Yoti to integrate its biometric digital identity verification ... authenticating and identifying genuine customers lies at the heart of ...
- Global Fingerprint Sensor Market Report 2019-2024 – Emergence of Biometric Smartcards in BFSI Applications Presents Robust Opportunitieson December 3, 2019 at 5:58 am
www.financialbuzz.com Located on Wall Street in the heart of New York City’s financial district, FinancialBuzz.com is a credible source for the world’s latest trending financial and economic news. A ...
- For better or for worse, your heart health and your spouse's may overlapon December 2, 2019 at 6:52 am
"We try to make good choices." A new study provides a look at the levels of such similarity between married partners when it comes to their heart health, in hopes of finding ways to lead more people ...
- Heartbeat Based Securityon December 1, 2019 at 12:00 am
The biometric security technology is based on the unique signature of the human heartbeat. The researchers involved are working to develop a wearable device that can be used as an alternative to ...
via Google News and Bing News