Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Seminar on Body Area Networks


Published on

A seminar on Body Area Networks for Electronics and Communication students

Published in: Education, Business

Seminar on Body Area Networks

  1. 1. A Seminar onData Security, Privacy and OtherApplications in Emerging BodyArea Networks Narayana Vinayak B080015EC
  2. 2. Layout of the Seminar Goals Introduction Typical Applications Research Challenges Data Security and Privacy Models Proposed
  3. 3. Goals Understanding BANs Appreciating their „potency‟ Being aware of their current applications Understanding the challenges on the horizon Understanding models proposed for data security in BANs
  4. 4. IntroductionDefinition by IEEE: “A communicationstandard optimized for low power devices for theiroperation on, in or around the human body (but notlimited to humans) to serve a variety ofapplications including medical, consumerelectronics or personal entertainment and other.”Source: IEEE 802.15
  5. 5. Typical ApplicationsSource: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area NetworkingTechnologies,” IEEE Wireless Communications, Feb. 2010
  6. 6. LayoutSource: M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless Communications, Feb. 2010
  7. 7. Relevance* Ageing population; sedentary lifestyle* WHO stats: # Diabetics-360 million by 2030 # >2.3 bn. people obese by 2015 # rise in neuro-degenerative diseases* Fragile healthcare system, rising medical costs* Shortage of trained health staff in third world
  8. 8. Realisation Strategically placed wearable or implanted sensor nodes Job: sample, process and transmit vital signs What signs?  Heart rate, blood pressure, temperature, pH, respiration etc. Where to?  To a hospital, clinic or a central repository of medical data How? • A gateway device (e.g., a cell phone or a PDA) is used as a gateway device to connect to infrastructure networks like WLAN, WPAN etc.
  9. 9. Source: Mark A. Hanson et al., “Body Area Sensor Networks: Challenges and Opportunities,” Computer, Jan. 2009
  10. 10. Uses Alerting the patient via SMS, alarm or reminder messages Close-loop bio-feedback: if high sugar-level, a device triggers an insulin pump to inject a dose of insulin (artificial pancreas) Long-term medical trend analysis Reduction in hospital stays Regulation of treatment regimes Essence: Offering a paradigm shift from managing ILLNESS to managing WELLNESS by focusing on prevention and early detection (pre-emptive defence!)
  11. 11. Research Challenges1. Frequency Band Selection: 1. Most BAN devices need global operability 2. Facility for low-power usage (less crowded) 3. Less stringent rules for flexible usage and adaptability 4. Solutions proposed: Opening up the 2360-2400 MHz spectrum near ISM for medical BANs and allocating up to 24 MHz in the 413-457 MHz range for medical micropower network2. Antenna Design: 1. Restrictions on size, material and shape of antenna 2. Hostile RF environment due to changes in wearer‟s age, weight changes and posture changes 3. During implants only non-corrosive and bio-compatible material can be used: Platinum or Titanium (both poor) against the usual copper
  12. 12. Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective InEmerging Body Area Networking Technologies,” IEEE Wireless Communications, Feb. 2010
  13. 13. 3. PHY Protocol Design: 1. Minimize power consumption 2. Solution: Quick turn-around from transmit to receive and fast wake-up from sleep mode 3. Seamless connectivity in dynamic environments4. Energy-Efficient Hardware: 1. Today‟s wireless technologies draw relatively high peak current 2. Also rely on duty cycling between sleep and active 3. Solution: Operation on low peak pulse-discharge current from thin-film (paper) batteries, idle listening, developing a crystal- less radio* * Reference: F. Sebastiano et al., “Impulse Based Scheme for crystal- less ULP Radios”, Proc. IEEE ISCAS, May 2008, pp. 1508-1511.5. Technical Requirements: 1. Wide variation in data rate, BER, delay tolerance, duty cycle and lifetime 2. Diverse application environments
  14. 14. Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications, Feb. 2010
  15. 15. Source: M. Patel and J. Wang, IEEE Wireless Communications, Feb. 2010
  16. 16. Candidate Technologies Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective InEmerging Body Area Networking Technologies,” IEEE Wireless Communications, Feb. 2010
  17. 17. Entities Involved in Research The IEEE 802.15.6 Task Group is application developing the first industrial standard for the Physical and MAC layers for BAN (done, Feb. 2011) transport Major competition: ZigBee and Bluetooth. network Holistic standardization needed for plug- and-play interoperability link ISO/IEEE 11073 Personal Health Data Working Group: Standardization of data exchange between peripheral area physical network devices and gateway devices
  18. 18. Source: M. Patel and J. Wang, “Applications,Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications, Feb. 2010
  19. 19. Data Security and Privacy Data Security: Data is securely stored and transferred Data Privacy: Data can be used only by authorized people Application scenario: ◦ Emergency; paramedic reads RFID* tag to get the patient‟s medical records and his profile. ◦ WBAN is set up with wearable sensors ◦ Nurse reads health data from WBAN and uploads data onto local network ◦ Patient‟s gateway device is configured with an Access Policy (AP) that grants access to records (also adapts automatically) ◦ Patient can adjust his AP to hide sensitive data* Radio Frequency Identification is a standard technologythat uses Radio waves to sense the details of an object fortracking. It uses RFID tags for this purpose.
  20. 20.  Threats Faced by Data within BAN: ◦ Threat from Device Compromise (encrypted data and key in same node) ◦ Threat from Network Dynamics (fake nodes masquerade real ones) Storage Security Requirements: ◦ Confidentiality ◦ Dynamic Integrity Assurance ◦ Dependability Access Security Requirements: ◦ Access Control (privacy; Fine-Grained) ◦ Accountability ◦ Revocability ◦ Non-Repudiation Other Requirements: ◦ Authentication ◦ Availability ◦ Security-Safety, Security-Efficiency and Security-Usability conflict resolution
  21. 21. Source: M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless Communications, Feb. 2010The above Access Policy reads: “allow access by a doctorfrom the surgery department but not Dr. X, or an analyst ora paramedic, or a nurse who is not an intern.”
  22. 22. Models ProposedSecure and Dependable Data Storage Schemes:1. Based on Redundant Residue Number System (RRNS) 1. Proposed by Chessa et al. 2. Method: A number representable on a set of h moduli is represented by h + r moduli, where the extra r moduli are redundant 3. Source Node S distributes a single file F among n other nodes, where n=h + r is a random pick 4. S computes F‟s residue vector and distributes each file share to a different storage node 5. Pros.: Erasure tolerance is s<=r and corruption tolerance is ceil((r-s)/2) 6. Cons.: Set of moduli can be very large, data integrity not ensured when number of errors is more than r.
  23. 23. 2. Based on Erasure Coding 1. Proposed by Wang et al. 2. Original encrypted data is broken down into n data shares, with each of them made of a block generated from (n,k) erasure coding and a share of the secret key using (n,k) secret sharing 3. These data shares are then distributed among the n neighbouring nodes 4. Dynamic Integrity Check: Each storage node computes and broadcasts an algebraic signature on one data share; one node checks its signature against those by other nodes to detect alterations timely 5. Pros.: Data confidentiality, dependability and dynamic integrity achieved simultaneously 6. Cons.: No third party (say, the local server) can perform integrity checks.
  24. 24. 3. Based on Constant Data Motion method 1. Proposed by Pietro et al. 2. Idea: Move the data from one sensor node to the next so as to make it hard for the cracker to „track‟ and „catch‟ the data 3. Found to be very efficient (high data survival probability) 4. Cons.: High communication and storage overhead; less practical in energy-strained environments4. Attribute Based Encryption (ABE) 1. Proposed by Li et al. 2. Specifically called the Ciphertext Policy ABE (CP-ABE) 3. Perfectly matches the model of Role-Based Access Control (RBAC) 4. Each user has a set of roles; patient chooses which roles to grant access to. 5. When a node in WBAN generates data, the AP is built into the Ciphertext; splitting a secret among components belonging to different user attributes; randomized to prevent user-collusion 6. Effectively implements fine-grained access control
  25. 25. Physiological Signal-based Key Agreement (PSKA): Proposed by Ayan Banerjee et al. Requires no a priori deployment of keying material or initialization Inspiration: Dynamic and complex nature of human physiological signals Design goals met: ◦ Length and randomness ◦ Low latency ◦ Distinctiveness ◦ Temporal variance Signal used: Electrocardiogram (EKG) commonly
  26. 26.  Method used: Cons.: It may correct a few differences in feature vectors but can‟t handle the reordering of or presence of additional feature vectors; solution: fuzzy vault
  27. 27. Fuzzy Vault Generate a v-th order polynomial p over the variable x that encodes the secret S Compute the value of the polynomial at different x from the set A (at the transmitter) and create a set R= {a, p(a)} Add randomly generated set of points called chaff to R, which don‟t lie on the polynomial; we call R as the vault To unlock the vault using set B (at the receiver), construct a set Q (see example given overleaf) Unlocking is possible only if Q has a significant number of legitimate (non-chaff) points that are on the polynomial Mapping to PSKA: Features at sender are set to A and those at the receiver, in set B
  28. 28. ExampleConsider the polynomial: p(x) = x + 1; A = {1, 2, 3};B = {1, 3, 4}Now, vault R is created by computing the polynomial‟s valueat each point in A and adding chaff-pointsSo, R = { (1, 2)(2, 3)(3, 4)(4, 7)(6, 9)(7, 12)(8, 5) }The last four points are chaff-pointsTo unlock the vault, the set Q is constructed, Q = { (1, 2)(3, 4)(4, 7) }As the set Q has two points on the polynomial, we can use itto reconstruct the first-order polynomial, and thus, unlockthe secret
  29. 29. Major References M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications, Feb. 2010, pp. 80-88 A. Banerjee et al., “PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks,” IEEE Transactions On Information Technology In Biomedicine, Jan. 2010, pp. 60-68 M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless Communications, Feb. 2010, pp. 51-58 Others: Cited in the Report
  30. 30. Thanks a lot!