TY - GEN
T1 - PEES
T2 - 4th Conference on Wireless Health, WH 2013
AU - Banerjee, Ayan
AU - Gupta, Sandeep K.S.
AU - Venkatasubramanian, Krishna K.
N1 - Funding Information:
Lifelong monitoring of health has been recently prescribed as an e↵ective remedy to potentially life threatening diseases that have ⇤The works of Ayan Banerjee and Sandeep K.S. Gupta are supported by the NSF grants CNS-0831544 and IIS-1116385.
Publisher Copyright:
© 2013 ACM.
PY - 2013
Y1 - 2013
N2 - Ensuring security of private health data over the communication channel from the sensors to the back-end medical cloud is crucial in a mHealth system. This end-to-end (E2E) security is enabled by distributing cryptographic keys between a sensor and the cloud so that the data can be encrypted and its integrity protected. Further, the key can also be used for mutually authenticating the communication. The distribution of keys is one of the biggest overheads in enabling secure communication and needs to be done is a transparent way that minimizes the cognitive load on the users (patients). Traditional approaches for providing E2E security for mHealth systems are based on asymmetric cryptosystems that require extensive security infrastructure. In this paper, we propose a novel protocol, Physiology-based End-to-End Security (PEES), which provides a secure communication channel between the sensors and the back-end medical cloud in a transparent way. PEES uses: (1) physiological signal features to hide a secret key, and (2) synthetically generated physiological signals from generative models parameterized with patient's physiological information, to unhide the key. Moreover, in PEES authentication comes for free since only sensors on the user's body has access to physiological features and can therefore gain access to the protected information in the cloud. The analysis of the approach using electrocardiogram (ECG) and phototplethysmogram (PPG) signals and their associated models demonstrate the feasibility of PEES. The protocol is light-weight for sensors and has no pre-deployment or storage requirements and can provide strong and random keys (≈ 90 bits long). We have also started clinical studies to establish its efficacy in practice.
AB - Ensuring security of private health data over the communication channel from the sensors to the back-end medical cloud is crucial in a mHealth system. This end-to-end (E2E) security is enabled by distributing cryptographic keys between a sensor and the cloud so that the data can be encrypted and its integrity protected. Further, the key can also be used for mutually authenticating the communication. The distribution of keys is one of the biggest overheads in enabling secure communication and needs to be done is a transparent way that minimizes the cognitive load on the users (patients). Traditional approaches for providing E2E security for mHealth systems are based on asymmetric cryptosystems that require extensive security infrastructure. In this paper, we propose a novel protocol, Physiology-based End-to-End Security (PEES), which provides a secure communication channel between the sensors and the back-end medical cloud in a transparent way. PEES uses: (1) physiological signal features to hide a secret key, and (2) synthetically generated physiological signals from generative models parameterized with patient's physiological information, to unhide the key. Moreover, in PEES authentication comes for free since only sensors on the user's body has access to physiological features and can therefore gain access to the protected information in the cloud. The analysis of the approach using electrocardiogram (ECG) and phototplethysmogram (PPG) signals and their associated models demonstrate the feasibility of PEES. The protocol is light-weight for sensors and has no pre-deployment or storage requirements and can provide strong and random keys (≈ 90 bits long). We have also started clinical studies to establish its efficacy in practice.
UR - http://www.scopus.com/inward/record.url?scp=85139388494&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85139388494&partnerID=8YFLogxK
U2 - 10.1145/2534088.2534109
DO - 10.1145/2534088.2534109
M3 - Conference contribution
AN - SCOPUS:85139388494
SN - 9781450322904
T3 - Proceedings - Wireless Health 2013, WH 2013
BT - Proceedings - Wireless Health 2013, WH 2013
PB - Association for Computing Machinery
Y2 - 1 November 2013 through 3 November 2013
ER -