Abstract: As healthcare in developed countries faces increasing demand due to an aging population and rising costs, mobile and sensing technologies promise a new opportunity; health providers can deliver healthcare services to the homes and workplaces of patients with low-cost equipment and improved quality. Recently, the research community and government regulators rightly recognized the importance of the security and privacy of remote healthcare systems. In particular, while protecting data integrity and delivering reliable information to health providers is important, it is challenging to achieve because of the nature of low-cost and remote sensors, which are untrustworthy devices out of the control of providers.
We present SenseRight, our scheme to provide three main integrity properties: platform integrity protects mobile phones and sensors from compromise; temporal integrity certifies the timings of sensor readings and their simultaneity; and spatial integrity alleviates attempts to misguide the system with fraudulent sensor locations. SenseRight achieves its goal by providing a certification architecture in conjunction with tamper-resistant hardware, a secure pairing protocol, a time-aware adaptive collection protocol, and secure frequency hopping. We evaluate the feasibility of SenseRight by experimenting with state-of-the-art medical sensor board (SHIMMER by Intel) and mobile computing devices (Nokia N800/N810). Results show that SenseRight imposes minimal performance overhead onto existing mechanisms and its adaptive collection protocol significantly improves timing error of unreliable sensor clocks.
No online copy available.
Copyright © 2009 by the authors.