Authentication and key relay in medical cyber-physical systems

Mohammed Raza Kanjee,

Mohammed Raza Kanjee

University of Massachusetts Dartmouth, North Dartmouth, MA, U.S.A.

Search for more papers by this author

Hong Liu,

Corresponding Author

Hong Liu

University of Massachusetts Dartmouth, North Dartmouth, MA, U.S.A.

Correspondence: Hong Liu, Department of Electrical and Computer Engineering, University of Massachusetts Dartmouth, 285 Old Westport Road, North Dartmouth, MA 02747-2300, U.S.A.

E-mail: [email protected]

Search for more papers by this author

Mohammed Raza Kanjee,

Mohammed Raza Kanjee

University of Massachusetts Dartmouth, North Dartmouth, MA, U.S.A.

Search for more papers by this author

Hong Liu,

Corresponding Author

Hong Liu

University of Massachusetts Dartmouth, North Dartmouth, MA, U.S.A.

Correspondence: Hong Liu, Department of Electrical and Computer Engineering, University of Massachusetts Dartmouth, 285 Old Westport Road, North Dartmouth, MA 02747-2300, U.S.A.

E-mail: [email protected]

Search for more papers by this author

First published: 08 May 2014

https://doi.org/10.1002/sec.1009

Citations: 13

Share a link

Email
Wechat
Bluesky

Abstract

Medical cyber-physical systems (MCPS) monitor/control patients' physiologic dynamics with embedded/distributed computing process and wireless/wired communication network. MCPS greatly impact the society with high-quality medical services and low-cost ubiquitous healthcare. The major component that integrates the physical world with the cyber space is wireless body area network (WBAN) of medical sensors and actuators worn or implanted in a patient. The life-critical nature of MCPS mandates safe and effective system design. MCPS must operate safely under malicious attacks. Authentication ensures that a medical device is what it claims to be and does what it declares to do, the first line of MCPS defense. Traditional authentication mechanisms, relied on cryptography, are not applicable to MCPS because of the constraints on computing/communication/energy resources. Recent innovations to secure mobile wireless sensor networks, with multi-sensor fusion to save power consumption, are not adequate. Besides challenges, MCPS present grand opportunities with the unique physical features of WBAN for non-cryptographic authentication and human-aided security. This paper proposes an authentication framework for MCPS. By studying medical processes and investigating healthcare adversaries, the novel design crosses physical world and cyber space. With uneven resource allocation, resource-scarce WBAN utilizes no encryption for authentication. Evaluation of this authentication protocol shows promising aspects and ease of adaptability. Copyright © 2014 John Wiley & Sons, Ltd.

References

1Lee I, Sokolsky O. Medical Cyber Physical Systems. In 47th ACM/IEEE Design Automation Conference (DAC'10), June 2010.
Google Scholar
2Wolf W. Cyber-physical systems. IEEE Computer 2009; 42(3): 88–89.
10.1109/MC.2009.81
Web of Science® Google Scholar
3Yang G-Z. Body Sensor Networks. Springer: New York, 2006.
10.1007/1-84628-484-8
Google Scholar
4Wan J, Zou C, Ullah S, Lai C-F, Zhou M, Wang X. Cloud-enabled wireless body area networks for pervasive healthcare. IEEE Network 2013; 27(5): 56–61.
10.1109/MNET.2013.6616116
Web of Science® Google Scholar
5Ullah S, Higgins H, Braem B, et al. A comprehensive survey of wireless body area networks. Journal of Medical Systems 2012; 36(3): 1065–1094.
10.1007/s10916-010-9571-3
PubMed Web of Science® Google Scholar
6Rostami M, Burleson W, Juels A, Koushanfar F. Balancing Security and Utility in Medical Devices? In ACM Design Automation Conference (DAC), Austin, TX, May 29–June 07, 2013.
Google Scholar
7Lee I, Sokolsky O, Chen S, et al. Challenges and research directions in medical cyber–physical systems. Proceedings of the IEEE 2012; 100(1): 75–90.
10.1109/JPROC.2011.2165270
Web of Science® Google Scholar
8C´ardenas AA, Amin S, Sastry S. Secure Control: Towards Survivable Cyber-Physical Systems. In The 28th International Conference on Distributed Computing Systems Workshops (ICDCS 2008 Workshops), Beijing, China, 17–20 June 2008.
Google Scholar
9Arney D, Pajic M, Goldman JM, Lee I, Mangharam R, Sokolsky O. Toward Patient Safety in Closed-Loop Medical Device Systems. In the 1st ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS 2010), part of NSF CPS Week 2010, Stockholm, Sweden, 13 & 14 April 2010.
Google Scholar
10Venkatasubramanian KK, Banerjee A, Gupta SKS. Plethysmogram-Based Secure Inter-Sensor Communication in Body Area Networks. In IEEE Military Communications Conference, San Diego, 2008.
Google Scholar
11Wang H, Peng D, Wang W, Sharif H, Chen H-H, Khoynezhad A. Resource-aware secure ECG healthcare monitoring through body sensor networks. IEEE Wireless Communications 2010; 17(1): 12–19.
10.1109/MWC.2010.5416345
CAS Web of Science® Google Scholar
12Yasinsac A, Childs J. Formal analysis of modern security protocols. Information Sciences 2005; 171: 189–211.
10.1016/j.ins.2004.03.021
Web of Science® Google Scholar
13Banerjee A, Kandula S, Mukherjee T, Gupta SKS. BAND-AiDe: a tool for cyber-physical oriented analysis and design of body area networks and devices. ACM Transactions on Embedded Computing and Systems 2012; 11(S2): 49:1–49:29.
10.1145/2331147.2331159
Web of Science® Google Scholar
14Park S, Roederer A, Mani R, et al. Limitations of threshold-based brain oxygen monitoring for seizure detection. Neurocritical Care 2011; 15(3): 469–476.
10.1007/s12028-011-9540-9
PubMed Web of Science® Google Scholar
15Divi K, Kanjee MR, Liu H. Secure FTTT architecture for healthcare wireless sensor networks. IEEE & ITSS Journal of Information Assurance and Security (JIAS) 2011; 6(2): 157–166.
Google Scholar
16Azogu IK, Liu H. Risk quantification of security authentication: a predictability modeling approach. International Journal of Performability Engineering (IJPE) 2013; 9(4): 101–114.
Google Scholar
17Larcom JA, Liu H. Modeling and Characterization of GPS Spoofing. In IEEE International Conference on Technologies for Homeland Security (HST 2013), Waltham, MA, 12–14 November 2013.
Google Scholar
18Cherukuri S, Venkatasubramanian KK, Gupta SKS. BioSec: A Biometric Based Approach for Securing Communication in Wireless Networks of Biosensors Implanted in the Human Body. In Proceedings of the 2003 International Conference on Parallel Processing Workshops (ICPPW 2003), Kaohsiung, Taiwan, October 6–9, 2003.
Google Scholar
19Poon CC, Zhang Y-T, Bao S-D. A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health. IEEE Communications Magazine 2006; 44(4): 73–81.
10.1109/MCOM.2006.1632652
Web of Science® Google Scholar
20Zeng K, Govindan K, Mohapatra P. Non-cryptographic authentication and identification in wireless networks. IEEE Wireless Communications - Security and Privacy in Emerging Wireless Networks 2010; 17(5): 56–62.
10.1109/MWC.2010.5601959
Web of Science® Google Scholar
21Zhang Z, Wang H, Vasilakos AV, Fang H. ECG-cryptography and authentication in body area networks. IEEE Transactions on Information Technology in Biomedicine 2012; 16(6): 1070–1078.
10.1109/TITB.2012.2206115
PubMed Web of Science® Google Scholar
22Yao L, Ali ST, Sivaraman V, Ostry D. Improving Secret Key Generation Performance for On-Body Devices. In Proceedings of the 6th International Conference on Body Area Networks (BodyNets 2011), Beijing, China, 2011.
Google Scholar
23Rong C, Cheng H. Authenticated Health Monitoring Scheme for Wireless Body Sensor Networks. In Proceedings of the 7th International Conference on Body Area Networks (BodyNets 2012), Oslo, Norway, 2012.
Google Scholar
24Lu R, Lin X, Liang X, Shen X. A secure handshake scheme with symptoms-matching for mHealthcare social network. Mobile Networks and Applications - Special issue on Wireless and Personal Communications 2011; 16(6): 683–694.
10.1007/s11036-010-0274-2
Web of Science® Google Scholar
25Shi L, Li M, Yu S, Yuan J. BANA: body area network authentication exploiting channel characteristics. IEEE Journal on Selected Areas in Communications (JSAC), Special Issue on Signal Processing Techniques for Wireless Physical Layer Security 2013; 31(9): 1803–1816.
Web of Science® Google Scholar
26Chang R-S, Gao J, Gruhn V, He J, Roussos G, Tsai W-T. Mobile Cloud Computing Research – Issues, Challenges, and Needs. In IEEE Seventh International Symposium on Service-Oriented System Engineering, San Francisco Bay, CA, 2013.
Google Scholar
27Zhou Y, Fang Y, Zhang Y. Securing wireless sensor networks: a survey. IEEE Communications Surveys & Tutorials 2008; 10(3): 6–28.
10.1109/COMST.2008.4625802
Web of Science® Google Scholar
28Shi E, Perrig A. Designing secure sensor network. IEEE Wireless Communications 2004; 11(6): 38–43.
10.1109/MWC.2004.1368895
Web of Science® Google Scholar
29Karlof C, Sastry N, Wagner D. TinySec: A Link Layer Security Architecture For Wireless Sensor Networks. In 2nd International Conference on Embedded Networked Sensor Systems, Baltimore, 2004.
Google Scholar
30Chen M, Gonzalez S, Vasilakos A, Cao H, Leung VC. Body area networks: a survey. Mobile Network Applications 2011; 16: 171–193.
10.1007/s11036-010-0260-8
Web of Science® Google Scholar
31Mughal A, Kanjee MR, Liu H. Mobile healthcare infrastructure with Qos and security. In Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, Vol. 48. Springer: New York, 2010; 462–473.
10.1007/978-3-642-17758-3_36
Google Scholar
32Kambourakis G, Klaoudatou E, Gritzalis S. Securing Medical Sensor Environments: The CodeBlue Framework Case. In 2nd International Conference on Availability, Reliability and Security, Vienna, 2007.
Google Scholar
33Halperin D, Kohno T, Heydt-Benjamin TS, Fu K, Maisel WH. Security and privacy for implantable medical devices. IEEE Pervasive Computing 2008; 7(1): 30–39.
10.1109/MPRV.2008.16
Web of Science® Google Scholar
34Malasri K, Wang L. SNAP: An Architecture for Secure Medical Sensor Networks. In 2nd IEEE Workshop on Wireless Mesh Networks, Reston, 2006.
Google Scholar
35Kanjee MR, Liu H. A Generic Authentication Protocol for Wireless Body Area Networks. In 8th ACM/IEEE International Conference on Body Area Networks (BodyNets 2013), Boston, MA, 30 September–2 October 2013.
Google Scholar
36Murugesan A, Rayadurgam S, Heimdahl M. Using Models to Address Challenges in Specifying Requirements for Medical Cyber-Physical Systems. In CPS Week: 4th Workshop on Medical Cyber Physical Systems, Philadelphia, April 2013.
Google Scholar
37Hatcliff J, Vasserman E, Weininger S, Goldman J. An Overview of Regulatory and Trust Issues for the Integrated Clinical Environment. In 3rd Joint Workshop High Confidence Medical Devices, Software, Systems and Medical Device plug-and-Play Interoperability (HCMDSS/MDpnp), Chicago, IL, 2011.
Google Scholar
38Venkatasubramanian KK, Gupta SK, Banerjee A. PSKA: usable and secure key agreement scheme for body area networks. IEEE Transactions on Information Technology in Biomedicine 2010; 14(1): 60–68.
10.1109/TITB.2009.2037617
PubMed Web of Science® Google Scholar
39Huang Y-M, Hsieh M-Y, Chao H-C, Hung S-H, Park JH. Pervasive, secure access to a hierarchical sensor-based healthcare monitoring architecture in wireless heterogeneous networks. IEEE Journal on Selected Areas in Communications 2009; 27(4): 400–411.
10.1109/JSAC.2009.090505
Web of Science® Google Scholar
40Li M, Yu S, Guttman JD, Lou W, Ren K. Secure ad hoc trust initialization and key management in wireless body area networks. ACM Transactions on Sensor Networks 2013; 9(2):18:22.
10.1145/2422966.2422975
Web of Science® Google Scholar

Citing Literature

All articles

Authentication and key relay in medical cyber-physical systems

Abstract

References

Citing Literature

References

Information

About Wiley Online Library

Help & Support

Opportunities

Connect with Wiley

Authentication and key relay in medical cyber-physical systems

Abstract

References

Citing Literature

References

Related

Information