Cryptographic transfer of sensor data from the Amulet to a smartphone
[harmon:thesis]David B. Harmon. Cryptographic transfer of sensor data from the Amulet to a smartphone. Technical Report number TR2017-826, Dartmouth College, Computer Science, Hanover, NH, May 2017. ©Copyright the author. Senior Honors Thesis.
The authenticity, confidentiality, and integrity of data streams from wearable healthcare devices are critical to patients, researchers, physicians, and others who depend on this data to measure the effectiveness of treatment plans and clinical trials. Many forms of mHealth data are highly sensitive; in the hands of unintended parties such data may reveal indicators of a patient’s disorder, disability, or identity. Furthermore, if a malicious party tampers with the data, it can affect the diagnosis or treatment of patients, or the results of a research study. Although existing network protocols leverage encryption for confidentiality and integrity, network-level encryption does not provide end-to-end security from the device, through the smartphone and database, to downstream data consumers. In this thesis we provide a new open protocol that provides end-to-end authentication, confidentiality, and integrity for healthcare data in such a pipeline.
We present and evaluate a prototype implementation to demonstrate this protocol’s feasibility on low-power wearable devices, and present a case for the system’s ability to meet critical security properties under a specific adversary model and trust assumptions.
Citable with [BibTeX]
Keywords: [mhealth] [security] [wearable]
Available from the publisher: [page]
Available from the author:
Please obtain a copy from the publisher.