The Community for Technology Leaders
RSS Icon
Issue No.01 - January-March (2008 vol.7)
pp: 30-39
Daniel Halperin , University of Washington
Thomas S. Heydt-Benjamin , University of Massachusetts Amherst
Kevin Fu , University of Massachusetts Amherst
Tadayoshi Kohno , University of Washington
William H. Maisel , Beth Israel Deaconess Medical Center and Harvard Medical School
Implantable medical devices, such as pacemakers and implantable cardiac defibrillators, can save lives and greatly improve a patient’s quality of life. As the use of wireless IMDs increases and as these devices begin to interoperate in vivo, the need to address IMD security and patient privacy under adversarial conditions will increase. A new framework for evaluating the security and privacy of wireless IMDs attempts to balance the tensions between these goals and traditional IMD design goals such as safety and utility. Proposed research directions can help mitigate conflicts between these goals, but solutions will require design trade-offs and the collective expertise of the medical community, security community, and regulatory bodies. This article is part of a special issue on implantable electronics.
medical safety, implantable medical devices, security, privacy, pervasive computing
Daniel Halperin, Thomas S. Heydt-Benjamin, Kevin Fu, Tadayoshi Kohno, William H. Maisel, "Security and Privacy for Implantable Medical Devices", IEEE Pervasive Computing, vol.7, no. 1, pp. 30-39, January-March 2008, doi:10.1109/MPRV.2008.16
1. K. Hanna et al., eds., Innovation and Invention in Medical Devices: Workshop Summary, US Nat'l Academy of Sciences, 2001.
2. S. Cherukuri, K. Venkatasubramanian, and S. Gupta, "BioSec: A Biometricthe Based Approach for Securing Communication in Wireless Networks of Biosensors Implanted in the Human Body," Proc. Int'l Conf. Parallel Processing (ICPP) Workshops, IEEE CS Press, 2003, pp. 432–439.
3. US Food and Drug Administration, "Unique Device Identification; Request forComments," Federal Register, vol. 71, no. 155, 2006, pp. 46,233–46,236; .
4. T. Drew and M. Gini, "Implantable Medical Devices as Agents and Part of Multiagent Systems," Proc. 5th Int'l Joint Conf. Autonomous Agents and Multiagent Systems (AAMAS06), ACM Press, 2006, pp. 1534–1541.
5. S. Gupta, T. Mukherjee, and K. Venkatasubramanian, "Criticality Aware Access Control Model for Pervasive Applications," Proc. 4th Ann. IEEE Int'l Conf. Pervasive Computing and Comm. (PERCOM06), IEEE CS Press, 2006, pp. 251–257.
6. A. Juels, "RFID Security and Privacy: A Research Survey," IEEE J. Selected Areas in Comm., Feb. 2006, pp. 381–394.
7. M. Jakobsson and S. Wetzel, "Security Weaknesses in Bluetooth," Progress in Cryptology—CT-RSA 2001: The Cryptographers' Track at RSA Conf. 2001, LNCS 2020, Springer, 2001, pp. 176–191.
8. M. Gruteser and D. Grunwald, "A Methodological Assessment of Location Privacy Risks in Wireless Hotspot Networks," First Int'l Conf. Security in Pervasive Computing, Springer, 2003, pp. 10–24.
9. L. Bauer et al., "Device-Enabled Authorization in the Grey System," Proc. 8th Int'l Conf. Information Security (ISC 05), Springer, 2005, pp. 431–445.
10. B. Schneier and J. Kelsey, "Cryptographic Support for Secure Logs on Untrusted Machines," Proc. Usenix Security Symp., Usenix Press, 1998, pp. 53–62.
11. A. Juels and J. Brainard, "Client Puzzles: A Cryptographic Countermeasure against Connection Depletion Attacks," Proc. Network and System Security Symp. (NDSS 99), Internet Soc., 1999, pp. 151–165.
12. A. Juels, P. Syverson, and D. Bailey, "High-Power Proxies for Enhancing RFID Privacy and Utility," Privacy Enhancing Technologies, LNCS 3856, Springer, 2005, pp. 210–226.
13. M. Rieback, B. Crispo, and A. Tanenbaum, "RFID Guardian: A Battery-Powered Mobile Device for RFID Privacy Management," Proc. 10th Australasian Conf. Information Security and Privacy (ACISP05), LNCS 3574, Springer, 2005, pp. 184–194.
39 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool