Rice University researchers propose touch-to-access security for implanted devices
Pacemakers, insulin pumps, defibrillators and other implantable medical devices often have wireless capabilities that allow emergency workers to monitor patients. But these devices have a potential downside: They can be hacked.
Researchers at Rice University have come up with a secure way to dramatically cut the risk that an implanted medical device (IMD) could be altered remotely without authorization.
Their technology would use the patient’s own heartbeat as a kind of password that could only be accessed through touch.
Rice electrical and computer engineer Farinaz Koushanfar and graduate student Masoud Rostami will present Heart-to-Heart, an authentication system for IMDs, at the Association for Computing Machinery’s Conference on Computer and Communications Security in Berlin in November. They developed the technology with Ari Juels, former chief scientist at RSA Laboratories, a security company in Cambridge, Mass.
IMDs generally lack the kind of password security found on a home Wi-Fi router because emergency medical technicians often need quick access to the information the devices store to save a life, Rostami said. But that leaves the IMDs open to attack.
“If you have a device inside your body, a person could walk by, push a button and violate your privacy, even give you a shock,” he said. “He could make (an insulin pump) inject insulin or update the software of your pacemaker. But our proposed solution forces anybody who wants to read the device to touch you.”
The system would require software in the IMD to talk to the “touch” device, called the programmer. When a medical technician touches the patient, the programmer would pick up an electrocardiogram (EKG) signature from the beating heart. The internal and external devices would compare minute details of the EKG and execute a “handshake.” If signals gathered by both at the same instant match, they become the password that grants the external device access.
“The signal from your heartbeat is different every second, so the password is different each time,” Rostami said. “You can’t use it even a minute later.”
He compared the EKG to a chart of a financial stock. “We’re looking at the minutia,” Rostami said. “If you zoom in on a stock, it ticks up and it ticks down every microsecond. Those fine details are the byproduct of a very complex system and they can’t be predicted.”
A human heartbeat is the same, he said. It seems steady, but on closer view every beat has unique characteristics that can be read and matched. “We treat your heart as if it were a random number generator,” he said.
The system could potentially be used with the millions of IMDs already in use, Koushanfar said. “To our knowledge, this is the first fully secure solution that has small overhead and can work with legacy systems,” she said. “Like any device that has wireless access, we can simply update the software.”
The Latest Bing News on:
- Medio Smart Health Launches, Helping People Take Charge of their Own Health with Free COVID-19 Symptom and Vital Sign Trackingon August 5, 2020 at 6:55 am
Brainworks, provider of AI-enhanced, non-contact vital sign measurement and automated digital healthcare tools, today reveals Medio Smart Health, a lo ...
- Brainworks launches Medio Smart Health heartbeat-monitoring app with COVID-19 questionnaireon August 5, 2020 at 4:32 am
Brainworks has launched Medio Smart Health web application that tracks your heart rate using a camera and can screen you for COVID-19 symptoms.
- Social Credit Industry Assessment 2020-2025: Market Drivers, Use Cases, and Consequential Implicationson August 4, 2020 at 3:09 am
The "Social Credit Market by Physical and Cyber Infrastructure (Sensors, Cameras, Biometrics, Computer Vision), Software ...
- Analyzing Movement and Biometrics in Sportson July 30, 2020 at 12:28 am
Experts weigh in on the state of biometrics and give their best predictions on where the sports tech industry is headed.
- Nedap Partners with Thales to Offer Facial Biometric Authentication for Contact-free Access Control Solutionson July 28, 2020 at 3:05 pm
Nedap, a leader in security management, strengthens its physical access management offer with Thales facial recognition expertise. • The partnership aims to accelerate and simplify the deployment of ...
- Study: Laughter shows promise as possible biometricon July 27, 2020 at 11:59 am
Researchers from the University of Lagos in Nigeria believe that laughter could be a viable biometric, offering a secure signature of login for smartphone access and other electronic devices. To ...
- Apple AirPods Pro 2nd-Generation May Feature Biometric Sensors, Report Sayson July 25, 2020 at 8:04 am
The latest report comes from Digitimes, which says that companies building AirPods will include assemblers in Vietnam. It also goes on to say that the third-generation of regular AirPods will arrive ...
- New Rumor Points to Biometric AirPods in 2021on July 24, 2020 at 12:54 pm
After much speculation, a new rumor suggests that Apple is finally ready to bring biometric capabilities to its AirPod line of ...
- Biometrics, security and contagion control – Securiport explores the future of the air transport industryon July 24, 2020 at 2:00 am
Securiport's Nate Carpenter, Chief Software Architect, discusses biometrics, the Epidemic Control System and the post-pandemic air transport industry.
- New biometric wearables may be coming from Apple and Alphabet, researchers work on health monitoringon July 23, 2020 at 2:34 pm
A new line of earphones will be produced by Apple with biometric heart rate monitoring next year, according to a rumor covered by Patently Apple. The new AirPod Pro will be the second generation, ...
The Latest Google Headlines on:
The Latest Bing News on:
Contract for the Web
- Here's how Bodhi Tree created a web series on a lockdown during the lockdownon August 5, 2020 at 8:48 am
which is scattered but the family talks on video call and what if one of them contracts the coronavirus,” said Motwani. Then started the process of bringing together a four-episode thriller web series ...
- USNC Collaborates with Industry Leaders on New Technologies for Advanced Micro Modular Reactoron August 5, 2020 at 6:17 am
This agreement includes investigating applications for the MMR ... improving quality of life while attaining higher standards in safety and reliability. Web page: www.kaeri.re.kr ...
- Airtel-Amazon team up to take on Jio-Microsoft in the battle for India’s cloud marketon August 5, 2020 at 4:25 am
Airtel and Amazon Web Services (AWS) has signed a multi-year strategic collaboration agreement to offer cloud solutions to Airtel’s clients. The new Airtel-AWS deal will face off against the existing ...
- 01 Communique Signs Partnership Agreement with Cybersecurity Firm Privacy Horizon Inc. to Sell IronCAP Productson August 4, 2020 at 5:00 pm
Andrew Cheung, 01 Communique CEO, stated, "We are pleased to have a partnership agreement with Privacy Horizon ... For more information, visit the Company's web site at www.ironcap.ca and www ...
- Best TV streaming service for cord cutters: Hulu, Sling TV, YouTube TV and moreon August 4, 2020 at 1:41 pm
Now is the perfect time to ditch your cable company but keep live news and other channels. Here are our favorite options for the best live TV streaming services.
- Joe Mixon Rumors: Bengals Star Wants New Contract to Be Among Top 8 for RBson August 4, 2020 at 5:02 am
Cincinnati Bengals running back Joe Mixon is reportedly seeking a contract extension that puts ... Get the best sports content from the web and social in the new B/R app. Get the app and get ...
- Global Payments, Amazon Web Services in multi-year collaboration pacton August 3, 2020 at 5:15 am
Web Services sign a new multi-year collaboration agreement for a cloud-based issuer processing platform to financial institutions. As part of this agreement, Global Payments and AWS will collaborate ...
- Public meetings for the week of Aug. 2on August 2, 2020 at 6:00 am
Public hearings on the proposed Multifamily Tax Exemption Program for Residences at Arnada, the Port of Vancouver Terminal One development agreement, and the Presbytery of the Cascades Annexation.
- Report: SEC Nearing Agreement for 10-Game Conference-Only CFB Schedule in 2020on July 29, 2020 at 4:25 pm
The SEC is set to become the latest Power Five conference to move to a 10-game, conference-only football schedule for the 2020 ...
- 8 top web hosting services for small businesseson July 29, 2020 at 6:10 am
Few modern businesses can survive without a website but hosting one yourself is impractical. With a web hosting service, you can have a credible web presence in minutes.