Rice University researchers propose touch-to-access security for implanted devices
Pacemakers, insulin pumps, defibrillators and other implantable medical devices often have wireless capabilities that allow emergency workers to monitor patients. But these devices have a potential downside: They can be hacked.
Researchers at Rice University have come up with a secure way to dramatically cut the risk that an implanted medical device (IMD) could be altered remotely without authorization.
Their technology would use the patient’s own heartbeat as a kind of password that could only be accessed through touch.
Rice electrical and computer engineer Farinaz Koushanfar and graduate student Masoud Rostami will present Heart-to-Heart, an authentication system for IMDs, at the Association for Computing Machinery’s Conference on Computer and Communications Security in Berlin in November. They developed the technology with Ari Juels, former chief scientist at RSA Laboratories, a security company in Cambridge, Mass.
IMDs generally lack the kind of password security found on a home Wi-Fi router because emergency medical technicians often need quick access to the information the devices store to save a life, Rostami said. But that leaves the IMDs open to attack.
“If you have a device inside your body, a person could walk by, push a button and violate your privacy, even give you a shock,” he said. “He could make (an insulin pump) inject insulin or update the software of your pacemaker. But our proposed solution forces anybody who wants to read the device to touch you.”
The system would require software in the IMD to talk to the “touch” device, called the programmer. When a medical technician touches the patient, the programmer would pick up an electrocardiogram (EKG) signature from the beating heart. The internal and external devices would compare minute details of the EKG and execute a “handshake.” If signals gathered by both at the same instant match, they become the password that grants the external device access.
“The signal from your heartbeat is different every second, so the password is different each time,” Rostami said. “You can’t use it even a minute later.”
He compared the EKG to a chart of a financial stock. “We’re looking at the minutia,” Rostami said. “If you zoom in on a stock, it ticks up and it ticks down every microsecond. Those fine details are the byproduct of a very complex system and they can’t be predicted.”
A human heartbeat is the same, he said. It seems steady, but on closer view every beat has unique characteristics that can be read and matched. “We treat your heart as if it were a random number generator,” he said.
The system could potentially be used with the millions of IMDs already in use, Koushanfar said. “To our knowledge, this is the first fully secure solution that has small overhead and can work with legacy systems,” she said. “Like any device that has wireless access, we can simply update the software.”
The Latest Bing News on:
- iProov Achieves Record-breaking Growth as Demand for Genuine Presence Assurance Soarson July 28, 2021 at 9:01 pm
From January to June 2021, iProov saw a 15x increase in the number of people verified using its technology versus the same time period last year. Its flagship Genuine Presence Assurance technology ...
- Innovatrics partners on biometric password manager, 1Password raises $100Mon July 28, 2021 at 2:03 pm
Innovatrics, with cryptography and cybersecurity firm Crayonic, develop a password management system secured with fingerprint biometrics.
- Harnessing machine learning to enhance Emotional Intelligence in healthcareon July 28, 2021 at 11:00 am
Emotional AI has broad applications across mental health, remote monitoring (through voice and other biometrics e.g. blood pressure, heart beat) and telehealth.
- Here’s the latest proof that Apple is fixing the iPhone notchon July 27, 2021 at 3:09 pm
A new discovery details the technology that will ‘kill’ the iPhone notch: Touch ID and Face ID sensors under the display.
- Thales biometric payment card is a secure innovationon July 26, 2021 at 11:51 pm
The contactless biometric card dramatically simplifies proximity payments and also provides an essential level of privacy and confidence. The user’s fingerprint data is loaded o ...
- Identity At The Heart Of The Contactless Worldon July 23, 2021 at 9:00 am
Matt Cole, CEO of IDEMIA, explores how the era of digital-first customer experiences will trigger an evolution in the relationship between identity and payments.
- B-Secur and Texas Instruments Team Up to Bring Heart Biometrics to Wearable Deviceson July 22, 2021 at 2:38 pm
B-Secur is trying to make it easier for manufacturers to add medical-grade heartrate monitoring to wearable devices.
- Wearable biometrics to power health studies and astronaut monitoringon July 22, 2021 at 2:37 pm
News about wearables for tracking health biometrics. Updates on B-Secur, BioIntellisense, Biostrap, Carré Technologies, and Nextiles.
- Researchers Turn to Biometric Wearable to Assess Long-term COVIDon July 22, 2021 at 2:28 pm
Health researchers will be using the Biostrap wearable device to learn more about the long-term effects of COVID-19 ...
- Surrender To The Rhythmon July 22, 2021 at 8:00 am
Your unique heart rhythm may one day be used to make shopping, office visits, even just a stroll down the street a bit more personal, notes Clay Griffith, a Director of Product Marketing at Cognizant ...
The Latest Google Headlines on:
The Latest Bing News on:
Contract for the Web
- Navy Awards $85 Million Contract for Software and Cloud Supporton July 29, 2021 at 10:46 am
SAIC will work on pushing the Joint Expeditionary Command and Control family of systems toward JADC2 integration goals.
- Howard Center ratifies contract with the Baird Education Association Unionon July 29, 2021 at 8:53 am
Howard Center’s Board of Trustees is pleased to announce that they have ratified their labor contract with the Baird Education Association (BEA). The BEA represents teachers at the Baird School who ...
- Vicinity Motor Corp. Selected for California Statewide Contracton July 28, 2021 at 5:31 am
Largest State Transit Association in U. Authorizes Purchase of Vicinity Buses through Distribution Partner, ABC CompaniesVANCOUVER, BC / ACCESSWIRE / July 28, 2021 / Vicinity Motor Corp.
- Why the Paris Climate Agreement Might be Doomed to Failon July 28, 2021 at 2:00 am
Not long before the Paris Agreement was signed in 2015, Scott Barrett wanted to test how likely it was that the pact would work. As an economist who studies international cooperation, Barrett decided ...
- Tech Co. Sues HMRC For Handing Telecom Contract To Amazonon July 27, 2021 at 8:38 pm
HM Revenue & Customs violated European Union and basic procurement law when awarding contracts for telecommunication services to Amazon and a second provider, a United Kingdom tech company told the ...
- HMRC Sued For Handing Telecom Contract To Amazonon July 27, 2021 at 8:38 pm
HM Revenue & Customs violated European Union and basic procurement law when awarding contracts for telecommunication services to Amazon and a second provider, a British tech company told a London ...
- The Volvo strike in Virginia, what are the lessons for Amazon workers?on July 27, 2021 at 5:21 pm
The bravery shown by the Volvo strikers during this weeks-long two-front confrontation has been an inspiration to workers around the world who are seeking to improve their conditions after a year of ...
- Cerba Research Awarded NIH Contract for Central Lab Serviceson July 27, 2021 at 9:00 am
Cerba Research announces a five-year contract for Clinical Central Laboratory Services from NIAID, part of U.S. National Institutes of Health (NIH).
- Goldschmitt-CRI Gets $136M SBA Contract for Paycheck Protection Program Platform, Call Center Supporton July 27, 2021 at 2:20 am
Small Business Administration’s software-as-a-service platform for the Paycheck Protection Program and provide call center support under a potential 12-month, $136.4 million contract with SBA. SBA ...
- Qualys Wins Contract to Support DHS CDM for Group F Federal Agencieson July 26, 2021 at 6:00 am
(NASDAQ: QLYS), a pioneer and leading provider of disruptive cloud-based IT, security and compliance solutions, today announced it has secured a contract to provide its FedRAMP-authorized Cloud ...