Biometric-based authentication scheme for Implantable Medical Devices during emergency situations

Abstract

Biometric recognition and analysis are among the most trusted features to be used by Implantable Medical Devices (IMDs). We aim to secure these devices by using these features in emergency scenarios. As patients can witness unpredictable lethal accidents, any implantable medical device should allow access to urgent medical interventions from legitimate parties. Any delay in providing immediate medical support can endanger the patient's life. Hence, we propose in this work an authentication scheme that allows access to the implanted devices in emergency situations for only legitimate users. We have designed in the first place a scheme for authentication using Electrocardiogram instantaneous readings. Then, we joined the latter to a fixed biometric reading, which is fingerprint reading, to enable access to emergency medical teams. We have designed a scheme in a way to prevent attackers from accessing/hijacking the device even during emergency situations. This scheme has been assisted with elliptic curve cryptography to protect the wireless exchange of requested keys. The scheme relies on the instantaneous reading of the patient's heartbeat and his/her fingerprint reading to create a secure key. This key will validate the authentication request of the new medical team. We have analyzed this scheme deeply to verify that they offer the necessary security for the patient's life. We have tested if the wireless exchange of the key will expose the device's privacy. We have also tested the accuracy of the authentication process to ensure a safe and a valid performance of the authentication process. The scheme has been designed with consideration to any hardware/software limitation that characterize any implantable medical device. - 2019 Elsevier B.V.