Kriangsiri Malasri
Lan Wang
ABSTRACT
A medical sensor network can wirelessly monitor vital signs of humans, making it useful for long-term health care without sacrificing patient comfort and mobility. For such a network to be viable, its design must protect data privacy and authenticity given that medical data are highly sensitive. We identify the unique security challenges facing such a sensor network and propose a set of resource-efficient mechanisms to address these challenges. Our solution includes (1) a novel two-tier scheme for verifying the authenticity of patient data; (2) an ECC-based secure key exchange protocol to set up shared keys between sensor nodes and base stations; and (3) symmetric encryption/decryption for protecting data confidentiality and integrity. We have implemented the proposed mechanisms on a wireless mote platform and our results confirm their feasibility.
- M. Morris, S. S. Intille, and J. S. Beaudin, "Embedded assessment: Overcoming barriers to early detection with pervasive computing," in Proc. of PERVASIVE 2005, H. W. Gellersen, R. Want, and A. Schmidt, Eds. Springer-Verlag, 2005, pp. 333--346. Google Scholar
Digital Library
- S. Stern and D. Tzivoni, "Early detection of silent ischaemic heart disease by 24-hour electrocardiographic monitoring of active subjects," British Heart Journal, vol. 36, pp. 481--486, 1974.Google ScholarCross Ref
- R. Fischer, L. Ohno-Machado, D. Curtis, R. Greenes, T. Stair, and J. Guttag, "SMART: Scalable medical alert response technology," in Smart Medical Technologies Summit (SMT), 2004.Google Scholar
- V. Shnayder, B.-R. Chen, K. Lorincz, T. R. F. Fulford-Jones, and M. Welsh, "Sensor networks for medical care," Harvard University, Tech. Rep. TR-08-05, Apr. 2005.Google Scholar
- C. Park, P. H. Chou, Y. Bai, R. Matthews, and A. Hibbs, "An Ultra-Wearable, Wireless, Low Power ECG Monitoring System," Proceedings of IEEE BioCAS, Nov. 2006.Google Scholar
- A. Wood, G. Virone, T. Doan, Q. Cao, L. Selavo, Y. Wu, L. Fang, Z. He, S. Lin, and J. Stankovic, "ALARM-NET: Wireless Sensor Networks for Assisted-Living and Health Monitoring," University of Virginia, Tech. Rep. CS-2006-01, 2006.Google Scholar
- T. Gao, C. Pesto, L. Selavo, Y. Chen, J. Ko, J. Lim, A. Terzis, A. Watt, J. Jeng, B.-R. Chen, K. Lorincz, and M. Welsh, "Wireless medical sensor networks in emergency response: Implementation and pilot results," in Proc. 2008 IEEE Int. Conf. Technologies for Homeland Security, Waltham, MA, 2008.Google ScholarCross Ref
- Crossbow Technology, "MPR/MIB mote hardware users manual," Jan. 2006, http://www.xbow.com/Support/manuals.htm.Google Scholar
- Office for Civil Rights, United State Department of Health and Human Services, "Medical Privacy - National Standards to Protect the Privacy of Personal Health Information," http://hhs.gov/ocr/hipaa/finalreg.html.Google Scholar
- K. K. Venkatasubramanian and S. K. S. Gupta, "Security solutions for pervasive healthcare," in Security in Distributed, Grid, Mobile, and Pervasive Computing, Y. Xiao, Ed., 2007.Google Scholar
- Moteiv Corporation, "Tmote Sky," 2007, http://www.moteiv.com/products/tmotesky.php.Google Scholar
- N. Gura, A. Patel, A. Wander, H. Eberle, and S. C. Shantz, "Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs," in Workshop on Cryptographic Hardware and Embedded Systems, Aug. 2004.Google Scholar
- D. Chaum and E. van Heijst, "Group Signatures," in Advances in Cryptology - Eurocrypt '91, 1991, pp. 257--265.Google ScholarCross Ref
- "Fujitsu MBF200 Solid State Fingerprint Sensor," http://www.fujitsu.com/emea/services/microelectronics/sensors/.Google Scholar
- ODI Security, "Embedded Fingerprint Matching Module Utilizing Fujitsu Array Sensor," http://www.odisecurity.com/.Google Scholar
- A. L. Goldberger, L. A. N. Amaral, L. Glass, J. M. Hausdorff, P. C. Ivanov, R. G. Mark, J. E. Mietus, G. B. Moody, C.-K. Peng, and H. E. Stanley, "PhysioBank, PhysioToolkit, and PhysioNet: Components of a new research resource for complex physiologic signals," Circulation, vol. 101, no. 23, pp. e215--e220, 2000 (June 13).Google ScholarCross Ref
- N. Koblitz, "Elliptic curve cryptosystems," Mathematics of Computation, vol. 48, pp. 203--209, 1987.Google ScholarCross Ref
- V. Miller, "Use of elliptic curves in cryptography," in CRYPTO 85, 1985. Google ScholarDigital Library
- Certicom Research, "Standards for Efficient Cryptography (SEC) 1: Elliptic Curve Cryptography," Sept. 2000.Google Scholar
- "TinyOS Website," http://www.tinyos.net/.Google Scholar
- A. Liu, P. Kampanakis, and P. Ning, "TinyECC: Elliptic Curve Cryptography for Sensor Networks," http://discovery.csc.ncsu.edu/software/TinyECC/.Google Scholar
- S. C. Shantz, "From Euclid's GCD to Montgomery Multiplication to the Great Divide," Sun Microsystems, Tech. Rep. TR-2001-95, June 2001. Google ScholarDigital Library
- Certicom Research, "Standards for Efficient Cryptography (SEC) 2: Recommended Elliptic Curve Domain Parameters," Sept. 2000.Google Scholar
- H. Wang, B. Sheng, C. C. Tan, and Q. Li, "WM-ECC: an Elliptic Curve Cryptography Suite on Sensor Motes," Dept. of Computer Science, College of William and Mary, Tech. Rep. WM-CS-2007-11, 2007.Google Scholar
- D. Eastlake and P. Jones, "US Secure Hash Algorithm 1," Sept. 2001, RFC 3174, http://www.ietf.org/rfc/rfc3174.txt. Google ScholarDigital Library
- H. Krawczyk, M. Bellare, and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication," Feb. 1997, RFC 2104, http://www.ietf.org/rfc/rfc2104.txt. Google ScholarDigital Library
- B. Kaliski, "PKCS #5: Password-Based Cryptography Specification," Sept. 2000, RFC 2898, http://www.ietf.org/rfc/rfc2898.txt. Google ScholarDigital Library
- D. J. Malan, M. Welsh, and M. D. Smith, "A Public-Key Infrastructure for TinyOS Based on Elliptic Curve Cryptography," in Proceedings of the IEEE International Conference on Sensor and Ad Hoc Communications and Networks, Oct. 2004.Google Scholar
- Q. Wang, W. Shin, X. Liu, Z. Zeng, C. Oh, B. Al-Shebli, M. Caccamo, C. Gunter, E. Gunter, J. Hou, K. Karahalios, and L. Sha, "I-Living: An open system architecture for assisted living," in Proceedings of the IEEE SMC, 2006.Google Scholar
- J. C. Hou, et al., "PAS: A wireless-enabled, sensor-integrated personal assistance system for independent and assisted living," Proc. of Joint Workshop on High Confidence Medical Devices, Software, and Systems (HCMDSS) and Medical Device Plug-and-Play (MD PnP) Interoperability (HCMDSS/MD PnP'07), June 2007. Google ScholarDigital Library
- M. Aydos, B. Sunar, and C. K. Koc, "An elliptic curve cryptography based authentication and key agreement protocol for wireless communication," in Proceedings of the 2nd International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications, 1998.Google Scholar
- Q. Zhang, J. Cukier, H. Kobayashi, B. Liu, and J. Zhang, "Fast authenticated key eastblishment protocols for self-organizing sensor networks," in Proceedings of the 2nd ACM International Conference on Wireless Sensor Networks and Applications, 2003, pp. 141--150. Google ScholarDigital Library
- A. Perrig, R. Szewczyk, V. Wen, D. Culler, and J. D. Tygar, "SPINS: Security protocols for sensor networks," in Proceedings of the ACM MOBICOM, 2001. Google ScholarDigital Library
- S. Zhu, S. Setia, and S. Jajodia, "LEAP: Efficient security mechanisms for large-scale distributed sensor networks," in Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS), 2003. Google ScholarDigital Library
- NIST, "Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A," 2007, http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf.Google Scholar
Index Terms
- Design and implementation of a secure wireless mote-based medical sensor network
Recommendations
Cryptanalysis of Several Authentication Schemes for Healthcare Applications Using Wireless Medical Sensor Networks
ICNCC '16: Proceedings of the Fifth International Conference on Network, Communication and ComputingWireless sensor networks are being applied in different fields. One of those fields is the body sensor networks. Body sensor networks is a kind of wireless sensor network with higher flexibility and sensitivity because the sensors are put on or in user'...
Efficient and provably secure aggregation of encrypted data in wireless sensor networks
Wireless sensor networks (WSNs) are composed of tiny devices with limited computation and battery capacities. For such resource-constrained devices, data transmission is a very energy-consuming operation. To maximize WSN lifetime, it is essential to ...
Energy-efficient secure pattern based data aggregation for wireless sensor networks
Data aggregation in wireless sensor networks eliminates redundancy to improve bandwidth utilization and energy-efficiency of sensor nodes. This paper presents a secure energy-efficient data aggregation protocol called ESPDA (Energy-Efficient Secure ...
Comments