End-to-end arguments in system design
ACM Transactions on Computer Systems (TOCS)
TinyECC: A Configurable Library for Elliptic Curve Cryptography in Wireless Sensor Networks
IPSN '08 Proceedings of the 7th international conference on Information processing in sensor networks
IBE-lite: a lightweight identity-based cryptography for body sensor networks
IEEE Transactions on Information Technology in Biomedicine - Special section on body sensor networks
Physiological value-based efficient usable security solutions for body sensor networks
ACM Transactions on Sensor Networks (TOSN)
PSKA: usable and secure key agreement scheme for body area networks
IEEE Transactions on Information Technology in Biomedicine
GeM-REM: Generative Model-Driven Resource Efficient ECG Monitoring in Body Sensor Networks
BSN '11 Proceedings of the 2011 International Conference on Body Sensor Networks
Resource-efficient and reliable long term wireless monitoring of the photoplethysmographic signal
Proceedings of the 2nd Conference on Wireless Health
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
An amulet for trustworthy wearable mHealth
Proceedings of the Twelfth Workshop on Mobile Computing Systems & Applications
A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health
IEEE Communications Magazine
Body Area Networks: Safety, Security, and Sustainability
Body Area Networks: Safety, Security, and Sustainability
Hi-index | 0.00 |
Ensuring security of private health data over the communication channel from the sensors to the back-end medical cloud is crucial in a mHealth system. This end-to-end (E2E) security is enabled by distributing cryptographic keys between a sensor and the cloud so that the data can be encrypted and its integrity protected. Further, the key can also be used for mutually authenticating the communication. The distribution of keys is one of the biggest overheads in enabling secure communication and needs to be done is a transparent way that minimizes the cognitive load on the users (patients). Traditional approaches for providing E2E security for mHealth systems are based on asymmetric cryptosystems that require extensive security infrastructure. In this paper, we propose a novel protocol, Physiology-based End-to-End Security (PEES), which provides a secure communication channel between the sensors and the back-end medical cloud in a transparent way. PEES uses: (1) physiological signal features to hide a secret key, and (2) synthetically generated physiological signals from generative models parameterized with patient's physiological information, to unhide the key. Moreover, in PEES authentication comes for free since only sensors on the user's body has access to physiological features and can therefore gain access to the protected information in the cloud. The analysis of the approach using electrocardiogram (ECG) and phototplethysmogram (PPG) signals and their associated models demonstrate the feasibility of PEES. The protocol is light-weight for sensors and has no pre-deployment or storage requirements and can provide strong and random keys (≈ 90 bits long). We have also started clinical studies to establish its efficacy in practice.