Optimally profiling and tracing programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Protecting Java code via code obfuscation
Crossroads - Speical issue on robotics
Security and Usability
Reducing TCB complexity for security-sensitive applications: three case studies
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Smart cards in hostile environments
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
XFI: software guards for system address spaces
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Pocket Hypervisors: Opportunities and Challenges
HOTMOBILE '07 Proceedings of the Eighth IEEE Workshop on Mobile Computing Systems and Applications
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
Activity-aware ECG-based patient authentication for remote health monitoring
Proceedings of the 2009 international conference on Multimodal interfaces
A practical property-based bootstrap architecture
Proceedings of the 2009 ACM workshop on Scalable trusted computing
Toward trustworthy mobile sensing
Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
I am a sensor, and I approve this message
Proceedings of the Eleventh Workshop on Mobile Computing Systems & Applications
Towards trustworthy participatory sensing
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Towards customizable, application specific mobile trusted modules
Proceedings of the fifth ACM workshop on Scalable trusted computing
Small, stupid, and scalable: secure computing with faerieplay
Proceedings of the fifth ACM workshop on Scalable trusted computing
Proceedings of the fifth ACM workshop on Scalable trusted computing
Non-interactive verifiable computing: outsourcing computation to untrusted workers
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Mobile personal health care system for patients with diabetes
ICOST'10 Proceedings of the Aging friendly technology for health and independence, and 8th international conference on Smart homes and health telematics
Smarter Phones for Healthier Lifestyles: An Adaptive Fitness Game
IEEE Pervasive Computing
Cells: a virtual mobile smartphone architecture
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Adapt-lite: privacy-aware, secure, and efficient mhealth sensing
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Can homomorphic encryption be practical?
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
EnGarde: protecting the mobile phone from malicious NFC interactions
Proceeding of the 11th annual international conference on Mobile systems, applications, and services
Towards trustworthy medical devices and body area networks
Proceedings of the 50th Annual Design Automation Conference
Secure enrollment and practical migration for mobile trusted execution environments
Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
| Hi-index | 0.00 |
Mobile computing and sensing technologies present exciting opportunities for healthcare. Prescription wireless sensors worn by patients can automatically deliver medical data to care providers, dramatically improving their ability to diagnose, monitor, and manage a range of medical conditions. Using the mobile phones that patients already carry to provide connectivity between sensors and providers is essential to keeping costs low and deployments simple. Unfortunately, software-based attacks against phones are also on the rise, and successful attacks on privacy-sensitive and safety-critical applications can have significant consequences for patients. In this paper, we describe Plug-n-Trust (PnT), a novel approach to protecting both the confidentiality and integrity of safety-critical medical sensing and data processing on vulnerable mobile phones. With PnT, a plug-in smart card provides a trusted computing environment, keeping data safe even on a compromised mobile phone. By design, PnT is simple to use and deploy, while providing a flexible programming interface amenable to a wide range of applications. We describe our implementation, designed for Java-based smart cards and Android phones, in which we use a split-computation model with a novel path hashing technique to verify proper behavior without exposing confidential data. Our experimental evaluation demonstrates that PnT achieves its security goals while incurring acceptable overhead.