Convergence Security Journal (융합보안논문지)

Korea convergence Security Association (한국융합보안학회)
권호 표지

Design of 3-Tier Security Mechanism for Improving Security of the Implantable Medical Devices

체내 이식형 의료기기의 보안성 향상을 위한 3-Tier 보안 메커니즘 설계

  • 안승현 (단국대학교 일반대학원 전자계산학과) ;
  • 박창섭 (단국대학교 컴퓨터과학과) ;
  • 박주호 (단국대학교 일반대학원 소프트웨어보안전공)
  • Received : 2014.05.08
  • Accepted : 2014.05.26
  • Published : 2014.05.30
Download PDF
⟨ Previous Next ⟩

Abstract

As both medical and IT technologies advance, convergent medical technologies such as implantable medical devices are receiving a lot of attentions from the research and medical appliance market. On the other hand, such a new medical service is facing several new security threats including patient privacy breach since the service is based on the wireless communication. Especially, the new security threat could induce the patient's life threatening accident, so that more secure measures should be provided. In this paper, a variety of security threats associated with the implantable medical devices are pinpointed and a new security mechanism against such threats is proposed.

의료기술 및 IT 기술의 급격한 발전으로 인해 체내 이식형 의료기기와 같은 융합 의료기술에 대한 관심이 날로 증가하고 있다. 하지만, 체내 이식형 의료기기와 같은 새로운 형태의 의료서비스는 무선통신을 통해서 제공되고 있기 때문에 무선통신에서 발생가능한 개인정보 위협을 포함한 다양한 보안 취약점에 관한 문제 역시 중요 이슈로 떠오르고 있다. 특히, 이러한 의료서비스에서의 보안상 취약점은 환자에게 치명적인 위협으로 다가갈 수 있기 때문에 더욱 안전한 방식의 보안성 제공이 요구된다. 본 논문에서는 현재 제공되고 있는 체내 이식형 의료기기를 이용한 의료서비스에 서 발생할 수 있는 보안상 취약점들을 지적하고 이에 대응하기 위한 보안 메커니즘을 제안한다.

Keywords

References

  1. U. Lakshmanadoss, A. Shah and J. P. Daubert, "Telemonitoring of the Pacemakers," Modern Pacemakers - Present and Future, Prof. Mithilesh R Das (Ed.), InTech, pp. 129-146, Feb. 2011.
  2. Medtronic-Carelink (R) Network, http://world.medtroniccarelink.net/, Accessed on June 2013.
  3. Biotronik-Home Monitoring (R) Service Center, http://www.biotronik.com/, Accessed on June 2013.
  4. IEEE, "Part 15.6: Wireless Body Area Networks", 29 February 2012.
  5. D. Halperin, T. S. Heydt-Benjamin, K. Fu, T. Kohno, and W. H. Maisel, "Security and Privacy for Implantable Medical Devices," IEEE Pervasive Computing, vol. 7, no. 1, pp. 30-39, Jan. 2008. https://doi.org/10.1109/MPRV.2008.16
  6. R. A. Balczewski and K. Lent, "Security System for Implantable Medical Devices," U.S. Patent 6,880,085, Apr. 12, 2005.
  7. J. A. von Arx, A. T. Koshiol, and J. E. Bange, "Secure Long-Range Telemetry for Implantable Medical Device," U.S. Patent 7,155,290, Dec. 26, 2006.
  8. K. B. Rasmussen, C. Castelluccia, T. Heydt-Benjamin, and S. Capkun, "Proximity-based Access Control for Implantable Medical Devices," in Proc. of the 16th ACM conference on Computer and Communications Security, pp. 410-419, Chicago, Illinois, U.S.A., Nov. 9-13, 2009.
  9. T. Denning, A. Borning, B. Friedman, B. T. Gill, T. Kohno and W. H. Maisel, "Patients, Pacemakers, and Implantable Defibrillators: Human Values and Security for Wireless Implantable Medical Devices," In Proc. of the SIGCHI Conference on Human Factors in Computing Systems, pp. 917-926, Atlanta, GA. U.S.A., Apr. 10-15, 2010.
  10. S. Schechter, "Security that is Meant to be Skin Deep: Using Ultraviolet Micropigmentation to Store Emergency-Access Keys for Implantable Medical Devices," in Proc. of the first USENIX Workshop on Health Security and Privacy, pp. 1-2, Washington D.C., U.S.A., Aug. 11-13, 2010.
  11. S. Barold, R. Stroobandt and A. Sinnaeve, "Cardiac Pacemakers Step by Step," An Illustratied Guide, Blackwell Futra, 2004.
  12. D. Halperin, T. S. Heydt-Benjamin, B. Ransford, S. S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. H. Maisel, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses," in Proc. of the IEEE Symposium on Security and Privacy, pp. 129-142, Oakland, CA. U.S.A., May 18-22, 2008.
  13. C. Li, A. Raghunathan and N. K. Jha, "Hijacking an Insulin Pump: Security Attacks and Defenses for a Diabetes Therapy System," In Proc. of the IEEE International Conference on e-Health Networking, Applications, and Services, pp. 150-156, Columbia, MO., U.S.A., June 13-15, 2011.
  14. K. Malasri and L. Wang, "Securing Wireless Implantable Devices for Healthcare: Ideas and Challenges," IEEE Communications Magazine, vol. 47, no. 7, pp. 74-80, July 2009.