Privacy & Pervasive Healthcare


Presentation Transcript


  1. Privacy & Pervasive Healthcare. Machines of Loving Grace, Spring 2008

  2. Issues in Privacy & Security
  • Access control: ensuring that people who are authorized to see the information can, and others cannot
    • Create access control policies
  • User identification: verify that users are who they say they are
    • Spoofing attack: attacker masquerades as another user to gain access to private data
  • Data validation: verify that data is from who it says it is from
    • E.g., a spoofer could insert false data
  • Denial of service attacks
    • Overwhelm data servers by sheer volume
    • Attacker prevents legitimate users from accessing data

  3. Security & Privacy Techniques
  • Formulate clear access policies
    • Specify classes of subjects, data, users, situations
    • Rules that state when a class of users can access a class of data about a class of subjects
  • Implement access policies using cryptographic techniques
    • Protocols for distributing and using cryptographic keys and data
    • E.g.: public-key cryptography
    • Even well-established protocols often turn out to have bugs!

  4. Privacy Issues for Healthcare
  • Of particular concern for healthcare:
    • Conformance with HIPAA privacy regulations
    • Volume of sensitive data
    • Large number of individuals require access to data
    • Authorized user base can change quickly, e.g. a new doctor is consulted on a case
    • Interaction with legacy computer systems that have privacy & security loopholes
  • Perfect privacy & security may not be attainable in a practical system!

  5. Physiological Value Based Security • Krishna Venkatasubramanian and Sandeep K. S. Gupta • Ira A. Fulton School of Engineering • Department of Computer Science and Engineering • Arizona State University • Tempe, Arizona • sandeep.gupta@asu.edu

  6. Biomedical Sensors (Biosensors)
  [Figure: inter-pulse intervals V1, V2 measured from the EKG equal the intervals V'1, V'2 measured from the PPG]
  • Physiological Values (PV): measure stimuli from the body, e.g. EKG, PPG (photoplethysmograph)
  • PVs are universally collectable, vary with time, and measured at different points on the same body give similar values
  • Biomedical sensor platforms
    • In-vivo sensors
      • Are primarily at experimental stage
      • Measure one stimulus
    • Wearable sensors
      • Groups of sensors packaged together
      • Products available
      • Have wireless capability
    • Generic sensors
      • Measure environmental stimuli
      • Can perform wireless communication
      • Used in medical monitoring projects, e.g. Code Blue @ Harvard
      • Mica2, MicaZ, TelosB
  • Properties
    • Small form factor
    • Limited processor, memory, communication capabilities
    • Form large networks within the body for energy efficiency
  [Figure captions: nano-scale blood glucose level detector developed @ UIUC; Mica2-based EKG sensor; AMON wearable health monitor; LifeShirt ambulatory monitoring]

  7. PVS: Physiological Value based Security
  [Figure: sensors measuring ECG and heart/pulse rate]
  • Principal idea: use PVs as security primitives in biomedical sensor networks:
    • Hide cryptographic keys
    • Authenticate and secure biosensor communication
  • Examples:
    • Blood pressure, heart rate, glucose level
    • Temporal variations in different PVs
    • Combination of multiple PVs (e.g. blood pressure + blood glucose)
  • PV values at two locations are slightly different
    • Use error correction codes like majority encoding for correction
  • Easier and safe key generation
  • Cheaper key distribution

  8. Aspects of Physiological Values
  [Figure: PV value plotted against time]
  Required properties of physiological values
  • Universal: should be measurable in everyone
  • Distinctive: should be able to differentiate 2 individuals
  • Random: to prevent brute-force attacks
  • Time-variant: if broken, the next set of values should not be guessable
  FOUND: Inter-Pulse-Interval (IPI), Heart Rate Variation (HRV)
  FUTURE QUEST: find others…
  Physiological Certificate
  • Cert = MAC(Key, Data), γ   where γ = Key ⊕ PV (bitwise XOR)
  • γ hides the actual Key used for computing the Message Authentication Code (MAC) over the data for integrity protection

  9. PV Based Communication
  • Measure the pre-defined PV @ sender (PVs) and @ receiver (PVr)
  • Generate a random key @ sender: RandKey
  • Compute the physiological certificate with key RandKey on Data: Cert = MAC(RandKey, Data), γ where γ = PVs ⊕ RandKey
  • Send message <Data, Cert, γ>
  • Receiver receives the message and unhides RandKey using PVr and γ: RandKey' = PVr ⊕ γ
  • Correct RandKey, then verify the certificate by recomputing the MAC: RandKey'' = ECC(RandKey'); Cert == MAC(RandKey'', Data)?
  • Error correction code used: majority encoding [Juels99, CVG03]

  10. Choosing Physiological Values
  • Identified PVs
    • Inter-Pulse-Interval (IPI) [PZ06]
    • Heart Rate Variation (HRV) [BZZ05]
  • PV distinctiveness testing
    • Performance evaluation criteria: False Rejection Rate (FRR), False Acceptance Rate (FAR)
    • FAR and FRR increase if two PVs lack synchronicity
  • Randomness of PVs verified using the chi-square test
  • Interference possible:
    • Drastic difference between the PVs of two people will prevent unwanted communication
  [Figure: HRV from two subjects (PV0, PV1) passed through an encoder to 128-bit strings I0, I1; Hamming distance < 22 bits for the same person, around 90 bits for different people; radio range for intended communication vs. interference]
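The exchange from slides 9 and 10 as an added worked example, constructed for this page and not the authors' code. It takes the reading that the random key is first expanded with the majority (repetition) code and only then XORed with the sender's PV, i.e. the fuzzy-commitment construction the slide cites as [Juels99]; the receiver XORs γ with its own PV and majority-votes away the mismatch between the two measurements. The 16-bit key, the 112-bit PV width, the repetition count of 7, HMAC-SHA256 as the MAC, and the sample readings are all hypothetical toy parameters, not the 128-bit IPI/HRV encodings of the slides.

```python
"""PV-based key hiding and authentication in the style of the PVS slides.
Constructed example; bit strings are Python ints, bit 0 = least significant."""
import hashlib
import hmac
import secrets

KEY_BITS = 16   # hypothetical toy key length (far too short for real use)
REPEAT = 7      # majority (repetition) code: each key bit is sent 7 times,
                # so up to 3 flipped copies per key bit are corrected
PV_BITS = KEY_BITS * REPEAT   # assumed 112-bit physiological value


def majority_encode(key: int) -> int:
    """Repeat each of the KEY_BITS key bits REPEAT times (key bit i lands at
    positions i*REPEAT .. i*REPEAT+REPEAT-1 of the codeword)."""
    out = 0
    for i in range(KEY_BITS - 1, -1, -1):
        bit = (key >> i) & 1
        for _ in range(REPEAT):
            out = (out << 1) | bit
    return out


def majority_decode(code: int) -> int:
    """Recover each key bit by majority vote over its REPEAT copies."""
    key = 0
    mask = (1 << REPEAT) - 1
    for i in range(KEY_BITS - 1, -1, -1):
        ones = bin((code >> (i * REPEAT)) & mask).count("1")
        key = (key << 1) | (1 if 2 * ones > REPEAT else 0)
    return key


def hamming(a: int, b: int) -> int:
    return bin(a ^ b).count("1")


def flip_bits(value: int, positions) -> int:
    """Flip the given bit positions; used to construct a noisy second PV."""
    for p in positions:
        value ^= 1 << p
    return value


def _mac(key: int, data: bytes) -> bytes:
    return hmac.new(key.to_bytes(KEY_BITS // 8, "big"), data, hashlib.sha256).digest()


def sender_send(pv_s: int, data: bytes) -> tuple[bytes, bytes, int]:
    """Build <Data, Cert, gamma>: Cert = MAC(RandKey, Data),
    gamma = PV_s XOR ECC(RandKey). RandKey itself is never transmitted."""
    rand_key = secrets.randbits(KEY_BITS)
    cert = _mac(rand_key, data)
    gamma = pv_s ^ majority_encode(rand_key)
    return data, cert, gamma


def receiver_verify(pv_r: int, data: bytes, cert: bytes, gamma: int) -> bool:
    """Unhide the key with the receiver's own PV, correct it, check the MAC."""
    noisy = gamma ^ pv_r                 # = ECC(RandKey) XOR (PV_s XOR PV_r)
    rand_key = majority_decode(noisy)    # the vote removes the PV mismatch
    return hmac.compare_digest(_mac(rand_key, data), cert)


def demo() -> dict:
    """Constructed scenario: a same-person receiver PV differing in 16 of 112
    bits (at most 3 per key bit) and a different-person PV differing in 56."""
    pv_s = secrets.randbits(PV_BITS)
    same_person = flip_bits(pv_s, [0, 8, 15, 22, 30, 37, 45, 52,
                                   60, 67, 75, 82, 90, 97, 105, 111])
    other_person = flip_bits(pv_s, range(0, PV_BITS, 2))
    data, cert, gamma = sender_send(pv_s, b"HR=72,SpO2=98")  # constructed reading
    return {
        "same_person_hd": hamming(pv_s, same_person),
        "other_person_hd": hamming(pv_s, other_person),
        "same_person_ok": receiver_verify(same_person, data, cert, gamma),
        "other_person_ok": receiver_verify(other_person, data, cert, gamma),
        "tampered_ok": receiver_verify(same_person, data + b"!", cert, gamma),
    }


if __name__ == "__main__":
    print(demo())
```

The security of γ rests on the "Random" and "Time-variant" properties of slide 8: γ is the encoded key masked by the PV, so anyone who can predict the PV at that moment recovers the key, and a PV that repeats lets one compromised key expose the next. The MAC comparison uses hmac.compare_digest so verification time does not leak how many bytes matched.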

  11. Advantage of Using PV Based Security
  [Figure: sender S, receiver R and base station BS in both architectures]
  Traditional secure biosensor network communication:
  • Topology formation: unsecured; cluster; linear
  • Key distribution: use distributed keys; Diffie-Hellman (elliptic-curve); pre-deployed keys; random key assignment…
  • Secure communication
  PV based secure biosensor network communication:
  • Secure topology formation: PV based security; centralized cluster formation; distributed cluster formation
  • Secure communication: use PV for sensor-sensor secure communication
  • Key distribution completely eliminated: VERY EFFICIENT
