Secure authorization in an implantable medical device system

US 10,306,472 B2
Filed: 05/18/2016
Issued: 05/28/2019
Est. Priority Date: 01/28/2016
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

sending identification information from an implantable medical device system to a central system via an intermediary mobile electronic device, wherein the identity information includes a serial number of a component of the implantable medical device system and implantable medical device system nonce data;

using, at the central system, the implantable medical device system nonce data to generate an encrypted verification message that includes nonce data specific to the central system;

sending the encrypted verification message to the implantable medical device system via the intermediary mobile electronic device;

based on the encrypted verification message, establishing, at implantable medical device system, an indirect secure communication channel between the implantable medical device system and the central system via the intermediary mobile electronic device; and

using the indirect secure communication channel to authorize a user to wirelessly control one or more functions of the implantable medical device system via the mobile electronic device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments presented herein are generally directed to techniques for enabling a user of a mobile electronic device to wirelessly control one or more functions of an implantable medical device system. The techniques presented herein establish a secure (encrypted) communication channel between the implantable medical device system and a central system associated with the manufacturer of the implantable medical device system and use the secure communication channel to authorize a user to wirelessly control one or more functions of the implantable medical device system via the mobile electronic device.

Citations

19 Claims

1. A method, comprising:
- sending identification information from an implantable medical device system to a central system via an intermediary mobile electronic device, wherein the identity information includes a serial number of a component of the implantable medical device system and implantable medical device system nonce data;
  
  using, at the central system, the implantable medical device system nonce data to generate an encrypted verification message that includes nonce data specific to the central system;
  
  sending the encrypted verification message to the implantable medical device system via the intermediary mobile electronic device;
  
  based on the encrypted verification message, establishing, at implantable medical device system, an indirect secure communication channel between the implantable medical device system and the central system via the intermediary mobile electronic device; and
  
  using the indirect secure communication channel to authorize a user to wirelessly control one or more functions of the implantable medical device system via the mobile electronic device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the intermediary mobile electronic device is unable to decrypt any communication transferred between the implantable medical device system and the central system on the indirect secure communication channel.
  - 3. The method of claim 1, wherein the implantable medical device system communicates with the intermediary mobile electronic device via a short-range wireless communication channel, and wherein the central system communicates with the intermediary mobile electronic device via one or more network links.
  - 4. The method of claim 1, wherein establishing the indirect secure communication channel between the implantable medical device system and the central system comprises:
    - using a pre-existing encryption key that is known to both the implantable medical device system and the central system to decrypt the encrypted verification message sent between the implantable medical device system and the central system.
  - 5. The method of claim 1, wherein using the implantable medical device system nonce data to generate an encrypted verification message that includes nonce data specific to the central system comprises:
    - encrypting the data implantable medical device system nonce data using the pre-existing encryption key;
      
      randomly generating the nonce data specific to the central system;
      
      encrypting the nonce data specific to the central system using the pre-existing encryption key; and
      
      sending the encrypted data implantable medical device system nonce data and the encrypted cloud nonce data to the implantable medical device system via the intermediary mobile electronic device in the encrypted verification message.
  - 6. The method of claim 1, further comprising:
    - at the implantable medical device system, decrypting the nonce data specific to the central system using the pre-existing encryption key;
      
      generating a secondary encryption key based on the nonce data specific to the central system;
      
      encrypting the secondary encryption key using the pre-existing encryption key; and
      
      sending the encrypted secondary encryption key to the central system via the intermediary mobile electronic device.
  - 7. The method of claim 6, further comprising:
    - at the central system, decrypting the secondary encryption key using the pre-existing encryption key to extract the secondary encryption key; and
      
      configuring the central system to use the secondary encryption key for future communications with the implantable medical device system.
  - 8. The method of claim 7, further comprising:
    - generating a response message indicating that the secondary encryption key has been accepted for future use by the central system;
      
      encrypting the response message using the secondary encryption key; and
      
      sending the encrypted response message to the implantable medical device system via the intermediary mobile electronic device.

9. A system, comprising:
- a central system;
  
  an intermediary mobile electronic device; and
  
  an implantable medical device system configured to send identification information to the central system via the intermediary mobile electronic device, wherein the identity information includes a serial number of a component of the implantable medical device system and implantable medical device system nonce data,wherein the central system is configured to use the implantable medical device system nonce data to generate an encrypted verification message that includes nonce data specific to the central system, and to send the encrypted verification message to the implantable medical device system via the intermediary mobile electronic device, andwherein the implantable medical device system is configured to use the encrypted verification message to establish an indirect secure communication channel with the central system via the intermediary mobile electronic device, and wherein the indirect secure communication channel is useable authorize a user to wirelessly control one or more functions of the implantable medical device system via the mobile electronic device.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the intermediary mobile electronic device is unable to decrypt any communication transferred between the implantable medical device system and the central system on the indirect secure communication channel.
  - 11. The system of claim 9, wherein the implantable medical device system is configured to communicate with the intermediary mobile electronic device via a short-range wireless communication channel, and wherein the central system is configured to communicate with the intermediary mobile electronic device via one or more network links.
  - 12. The system of claim 9, wherein to establish the indirect secure communication channel between the implantable medical device system and the central system, the implantable medical device system is configured to:
    - use a pre-existing encryption key that is known to both the implantable medical device system and the central system to decrypt the encrypted verification message sent between the implantable medical device system and the central system.
  - 13. The system of claim 9, wherein to use the implantable medical device system nonce data to generate the encrypted verification message that includes nonce data specific to the central system, the central system is configured to:
    - encrypt the data implantable medical device system nonce data using the pre-existing encryption key;
      
      randomly generate the nonce data specific to the central system;
      
      encrypt the nonce data specific to the central system using the pre-existing encryption key; and
      
      combine the encrypted data implantable medical device system nonce data with the encrypted cloud nonce data to form the encrypted verification message.
  - 14. The system of claim 9, wherein the implantable medical device system is configured to:
    - decrypt the nonce data specific to the central system using the pre-existing encryption key;
      
      generate a secondary encryption key based on the nonce data specific to the central system;
      
      encrypt the secondary encryption key using the pre-existing encryption key; and
      
      send the encrypted secondary encryption key to the central system via the intermediary mobile electronic device.
  - 15. The system of claim 14, wherein the central system is configured to:
    - decrypt the secondary encryption key using the pre-existing encryption key to extract the secondary encryption key; and
      
      use the secondary encryption key for future communications with the implantable medical device system.
  - 16. The system of claim 15, wherein the central system is configured to:
    - generate a response message indicating that the secondary encryption key has been accepted for future use by the central system;
      
      encrypt the response message using the secondary encryption key; and
      
      send the encrypted response message to the implantable medical device system via the intermediary mobile electronic device.

17. An implantable medical device system, comprising:
- a memory;
  
  a short-range wireless communication transceiver; and
  
  one or more processors configured to;
  
  send identification information from an implantable medical device system to a central system via an intermediary mobile electronic device, wherein the identity information includes a serial number of a component of the implantable medical device system and implantable medical device system nonce data;
  
  receive, via the intermediary mobile electronic device, an encrypted message sent by the central system, wherein the encrypted message is generated by the central system based on the identity information sent by the implantable medical device system;
  
  use the encrypted message to establish, via the intermediary mobile electronic device, an indirect secure communication channel with the central system; and
  
  use the indirect secure communication channel to authorize a user to wirelessly control one or more functions of the implantable medical device system via the mobile electronic device.
- View Dependent Claims (18, 19)
- - 18. The implantable medical device system of claim 17, wherein to establish the indirect secure communication channel with the central system, the one or more processors are configured to:
    - use a pre-existing encryption key that is known to both the implantable medical device system and the central system to decrypt the encrypted message by the central system.
  - 19. The implantable medical device system of claim 18, wherein the encrypted message includes nonce data specific to the central system, and wherein the one or more processors are configured to:
    - decrypt the encrypted message to obtain the nonce data specific to the central system using the pre-existing encryption key;
      
      generate a secondary encryption key based on the nonce data specific to the central system; and
      
      encrypt the secondary encryption key using the pre-existing encryption key; and
      
      send the encrypted secondary encryption key to the central system via the intermediary mobile electronic device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cochlear Limited
Original Assignee
Cochlear Limited
Inventors
Battiwalla, Xerxes, Rodrigues, Victor, Aufflick, Mark, Leslie, Ben
Primary Examiner(s)
Abedin, Shanto

Application Number

US15/158,128
Publication Number

US 20170223540A1
Time in Patent Office

1,105 Days
Field of Search

713168-172, 713182
US Class Current
CPC Class Codes

G16H 40/67   for remote operation

H04L 2209/88   Medical equipments

H04L 63/0435   wherein the sending and rec...

H04L 63/0492   by using a location-limited...

H04L 63/0876   based on the identity of th...

H04L 67/12   specially adapted for propr...

H04W 12/041   Key generation or derivation

H04W 12/069   using certificates or pre-s...

H04W 12/08   Access security

Secure authorization in an implantable medical device system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Secure authorization in an implantable medical device system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links