Secure communication in imd

Transcript

  • 1. AJAY Karri, AJITH Joseph Jose
  • 2. Overview: Problem - Resource Depletion; Proposed Solution; Features of Shield; Security Model; Ticket Format; Security Issues Addressed; Demo; Test Cases; Future Enhancements; References
  • 3. Problem - Resource Depletion. [Diagram: IMD, Wireless, Attacker]
  • 4. Why Prevent Resource Depletion? • Attacks can cause serious fatalities to the patient. • The lifetime of the IMD is reduced from several years to weeks. • Replacing an IMD requires major surgery and will put the patient at risk. • The attacker may try to gain access to patient privacy information.
  • 5. Proposed Solution. [Diagram: IMD, Shield, Wireless, Attacker]
  • 6. Features of Shield: Prevents resource depletion attacks. Provides user authentication. Provides confidentiality to the IMD data. Acts as a gateway to the IMD. Maintains the user log. Acts as a session manager for the IMD.
  • 7. Security Model. [Diagram: User, Authenticator, TGS, Shield and IMD, with the message steps numbered 1 to 6.] Assumptions: the shared secret is shared securely between the users; AES is used as the encryption algorithm.
  • 8. Message exchange between User, Authenticator, TGS and Shield. Legend: K* = shared secret, IDc = client ID. Messages in order: E[Name, IDc]; E[K*, Ticket_tgs]; E[IDc, Ticket_tgs]; E[K*, Ticket_shield]; E[IDc, Ticket_shield]; Begin communication.
  • 9. Ticket Format. [Diagram labels: Authentication, Client, Server.] E[K*, IDC, TIMESTAMP, LIFETIME]
  • 10. Access Pattern
  • 11. Authenticator. [Diagram labels: User; Request access; Allow or deny access; Verify the user with the shared secret database; Request TGS; User access pattern; Shared keys; Valid/Invalid; TGS; Shared secret.]
  • 12. Shield. Session management: date and time the user requested the access; duration of the user request; ticket lifetime. User logs: [ Time, User, Session Time, Access/Denied ]. Establishes a secure communication channel between User and IMD by acting as a relay. [Diagram: User, secure channel, Shield, secure channel, IMD]
  • 13. [Flowchart labels: Start; Listen to the incoming request; Check the log; Validate the user; Accept / Deny branches; Block the connection; Initiate connection; Deny the connection; Add to log.]
  • 14. Security Issues Addressed: • Attacker directly contacts the IMD. • Using a fake user ID and password to authenticate. • Sending an expired ticket to the TGS or Shield server. • Sending a fake ticket to the TGS or Shield server.
  • 15. Demo. Components: Shield, User, TGS, IMD, Authenticator. Communication between devices via sockets. Programming language: Java. Java CryptoX package used for security.
  • 16. Test Cases: Expired ticket; Invalid ticket; Invalid user access pattern; User trying to contact the IMD directly; Session management.
  • 17. Future Enhancements: The system needs to handle simultaneous user requests. The user and Shield can be implemented on a mobile device. Incorporate key exchange. Incorporate log auditing. The log file at the Shield can be synchronized with the authentication server.
  • 18. Sources
    [1] Daniel Halperin, Thomas S. Heydt-Benjamin, Kevin Fu, Tadayoshi Kohno, William H. Maisel, “Security and Privacy for Implantable Medical Devices”, IEEE Pervasive Computing, vol. 7, no. 1, pp. 30-39, 2008.
    [2] Daniel Halperin, Kevin Fu, Shaun S. Clark, “Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses”, IEEE Symposium on Security and Privacy, 2008.
    [3] http://www.ists.dartmouth.edu/events/abstract-kevinfu.html
    [4] K. Fu, “Inside risks: reducing risks of implantable medical devices”, Communications of the ACM, vol. 52, pp. 25-27, Jun. 2009.
    [5] K. Malasri and L. Wang, “Securing wireless implantable devices for healthcare: ideas and challenges”, IEEE Communications, vol. 47, pp. 74-80, Jul. 2009.
    [6] Xiali Hei, Xiaojiang Du, Jie Wu, Fei Hu, “Defending Resource Depletion Attacks on Implantable Medical Devices”, Global Telecommunication Conference (GLOBECOM), pp. 1-5, 2010.
    [7] B. E. Boser, I. M. Guyon, and V. N. Vapnik, “A training algorithm for optimal margin classifiers”, in Proc. of the 5th Annual ACM Workshop on COLT, pp. 144-152, 1992.
    [8] S. Cherukuri, K. K. Venkatasubramanian, and S. K. S. Gupta, “Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body”, in Proc. of Intl. Conf. on Parallel Processing Workshops, pp. 432-439, 2003.
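
Added example (not part of the original slides or the authors' demo code): a sketch of how the Shield could check the ticket from slide 9 against the expired, fake and wrong-user cases listed on slides 14 and 16. The slides specify only E[K*, IDC, TIMESTAMP, LIFETIME] and AES; the GCM mode, the byte layout, the class and method names, and the use of the JDK's javax.crypto classes are assumptions made here.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;

// Hypothetical names and wire layout; the slides give only E[K*, IDC, TIMESTAMP, LIFETIME] and "AES".
public class ShieldTicketDemo {
    static final SecureRandom RNG = new SecureRandom();
    // Ticket = 12-byte nonce || AES-GCM under K* of (timestamp || lifetime || IDc). GCM is an assumption.
    static byte[] issue(byte[] key, String idc, long issuedAt, long lifetimeSec) throws GeneralSecurityException {
        byte[] nonce = new byte[12];
        RNG.nextBytes(nonce);
        byte[] id = idc.getBytes(StandardCharsets.UTF_8);
        byte[] plain = ByteBuffer.allocate(16 + id.length).putLong(issuedAt).putLong(lifetimeSec).put(id).array();
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, nonce));
        byte[] ct = c.doFinal(plain);
        return ByteBuffer.allocate(12 + ct.length).put(nonce).put(ct).array();
    }
    // Verdict the Shield would write to its user log for this request.
    static String validate(byte[] key, byte[] ticket, String claimedId, long now) {
        if (ticket.length < 12 + 16 + 16) return "DENIED: malformed ticket"; // nonce + two longs + tag
        try {
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, ticket, 0, 12));
            ByteBuffer p = ByteBuffer.wrap(c.doFinal(ticket, 12, ticket.length - 12));
            long issuedAt = p.getLong(), lifetime = p.getLong();
            byte[] id = new byte[p.remaining()];
            p.get(id);
            if (!claimedId.equals(new String(id, StandardCharsets.UTF_8))) return "DENIED: client ID mismatch";
            if (now < issuedAt || now - issuedAt > lifetime) return "DENIED: expired ticket";
            return "ACCESS";
        } catch (GeneralSecurityException e) { return "DENIED: invalid ticket"; } // GCM tag check failed
    }
    public static void main(String[] args) throws Exception {
        byte[] k = new byte[16];
        RNG.nextBytes(k); // constructed sample key standing in for K*
        long now = System.currentTimeMillis() / 1000;
        // Constructed sample tickets: one fresh, one issued an hour ago with a 300 s lifetime.
        byte[] good = issue(k, "user-1", now, 300), old = issue(k, "user-1", now - 3600, 300);
        byte[] forged = good.clone();
        forged[forged.length - 1] ^= 1; // one altered bit in the authentication tag
        for (byte[] t : new byte[][] {good, old, forged})
            System.out.println(validate(k, t, "user-1", now));
        System.out.println(validate(k, good, "user-2", now)); // valid ticket presented under another client ID
    }
}
```

An authenticated mode matters for the "fake ticket" case: with unauthenticated AES modes an altered ciphertext still decrypts to some plaintext, so the Shield would have to rely on the decrypted fields looking wrong rather than on a cryptographic check.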