Emergency Aware, Non-invasive, Personalized Access Control Framework for IMDs

Abstract

Implantable Medical Devices have helped patients suffering from chronic diseases by providing continuous diagnosis, treatment and remote monitoring without hospitalization and at a less expense with increased flexibility. Incorporation of wireless bidirectional communication has introduced vulnerabilities like unauthorized wireless access which might get realized as a security attack and endanger patient privacy and safety. Traditional security and privacy techniques cannot be directly applied to these devices because of their miniaturized size which leads to power, computational and storage constraint. Moreover their positioning inside the human body makes battery replacement possible only through surgery. Security and privacy technique for these devices must balance security and safety and should also be acceptable and usable. Moreover it should not reduce the clinical effectiveness of the device. Security researchers have proposed ways of providing security but have kept the property of fail openness in order to make IMD accessible during emergencies. Fail openness is defined as a property of Implantable Medical Device due to which during emergency condition access is granted bypassing all security techniques. We argue that the patient is all the more vulnerable during an emergency situation and complete removal of security may be dangerous for the safety of the patient.We propose a solution to provide fine grained Access Control which also takes emergency condition into notice. The security needs for IMD communication requires dynamic and flexible policy enforcement. While providing strong Access Control during normal situation, our solution accommodates emergency access to the data in a life-threatening situation. We propose personalized Emergency Aware role based Access Control (EAAC) framework. This framework can work in conjunction with Authentication and Encryption to provide a strong security solution as compared to other solutions. In fact we believe that the possibility of an attacker inducing false alarms to introduce fake emergency situation and take control of the IMD is likely to increase and the solution that we propose here may be more useful in such cases.Our paper highlight security challenges when fail open access is given and provide a solution using EAAC framework. © Springer-Verlag Berlin Heidelberg 2014.