Secure communication architecture for medical devices

US 10,341,866 B1
Filed: 04/23/2018
Issued: 07/02/2019
Est. Priority Date: 02/11/2016
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method of establishing a secure wireless communication connection between an insulin pump device and a mobile computing device using a remote server system, the method comprising:

receiving, at the mobile computing device, a device identifier for at least the insulin pump device, wherein the insulin pump device includes an insulin reservoir to store insulin to be administered to a user, a pump assembly to deliver insulin from the insulin reservoir to the user, and a controller to control operation of the pump assembly according, at least in part, to commands provided to the insulin pump by the mobile computing device;

obtaining, by the mobile computing device, device information for the insulin pump device from the remote server system using the device identifier;

establishing, by the mobile computing device, a secure wireless connection with the insulin pump device using, at least in part, the device identifier;

authenticating, by the mobile computing device, the insulin pump device based on asymmetric key verification using a public key of an asymmetric key pair, the authentication including;

sending a first challenge to the insulin pump device that includes a first value;

determining a first response based on the first value and a shared secret;

receiving the first response from the insulin pump device, wherein the insulin pump device is authenticated based on receipt of the first response;

receiving, by the mobile computing device, a second challenge from the insulin pump device that includes a second value;

determining, by the mobile computing device, a second response based on the second value and the shared secret;

sending, by the mobile computing device, the second response to the insulin pump device; and

securely communicating, by the mobile computing device and in response to authenticating the insulin pump device, information with the insulin pump device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one implementation, a computer-implemented method of establishing a secure wireless communication connection between an insulin pump device and a mobile computing device includes receiving, at a mobile computing device, a device identifier for the insulin pump device; obtaining, by the mobile computing device, device information for the insulin pump device from a remote server system using the device identifier; establishing, by the mobile computing device, a secure wireless connection with the insulin pump device using, at least in part, the device information; authenticating, by the mobile computing device, the insulin pump device based on asymmetric key verification using the public key for the insulin pump; and securely communicating, by the mobile computing device and in response to authenticating the insulin pump device, information with the insulin pump device.

58 Citations

View as Search Results

20 Claims

1. A computer-implemented method of establishing a secure wireless communication connection between an insulin pump device and a mobile computing device using a remote server system, the method comprising:
- receiving, at the mobile computing device, a device identifier for at least the insulin pump device, wherein the insulin pump device includes an insulin reservoir to store insulin to be administered to a user, a pump assembly to deliver insulin from the insulin reservoir to the user, and a controller to control operation of the pump assembly according, at least in part, to commands provided to the insulin pump by the mobile computing device;
  
  obtaining, by the mobile computing device, device information for the insulin pump device from the remote server system using the device identifier;
  
  establishing, by the mobile computing device, a secure wireless connection with the insulin pump device using, at least in part, the device identifier;
  
  authenticating, by the mobile computing device, the insulin pump device based on asymmetric key verification using a public key of an asymmetric key pair, the authentication including;
  
  sending a first challenge to the insulin pump device that includes a first value;
  
  determining a first response based on the first value and a shared secret;
  
  receiving the first response from the insulin pump device, wherein the insulin pump device is authenticated based on receipt of the first response;
  
  receiving, by the mobile computing device, a second challenge from the insulin pump device that includes a second value;
  
  determining, by the mobile computing device, a second response based on the second value and the shared secret;
  
  sending, by the mobile computing device, the second response to the insulin pump device; and
  
  securely communicating, by the mobile computing device and in response to authenticating the insulin pump device, information with the insulin pump device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The computer-implemented method of claim 1, wherein receiving the device identifier comprises:
    - optically scanning, using a digital camera that is embedded within or otherwise in communication with the mobile computing device, a barcode on one or more surfaces of the insulin pump device; and
      
      identifying the device identifier based on the optical scanning of the barcode.
  - 3. The computer-implemented method of claim 1, wherein receiving the device identifier comprises:
    - receiving, through a user interface of the mobile computing device, user input that identifies at least a portion of the device identifier.
  - 4. The computer-implemented method of claim 1, wherein the device identifier comprises a serial number for the insulin pump device.
  - 5. The computer-implemented method of claim 1, wherein the secure wireless connection comprises a BLUETOOTH connection.
  - 6. The computer-implemented method of claim 1, wherein the insulin pump further includes a crypto processor that is configured to encrypt and decrypt information securely communicated with the mobile computing device.
  - 7. The computer-implemented method of claim 1, wherein the communication between the mobile computing device and the insulin pump device is encrypted using symmetric key encryption.
  - 8. The computer-implemented method of claim 7, wherein the symmetric key encryption comprises AES-CBC symmetric key encryption.
  - 9. The computer-implemented method of claim 1, wherein the mobile computing device comprises a smartphone.

10. Computer readable media storing instructions to cause an electronic processor of a mobile computing device to perform operations for establishing a secure wireless communication connection between an insulin pump device and the mobile computing device using a remote server system, the operations comprising:
- receiving, at the mobile computing device, a device identifier for at least the insulin pump device, wherein the insulin pump device includes an insulin reservoir to store insulin to be administered to a user, a pump assembly to deliver insulin from the insulin reservoir to the user, and a controller to control operation of the pump assembly according, at least in part, to commands provided to the insulin pump by the mobile computing device;
  
  obtaining, by the mobile computing device, device information for the insulin pump device from the remote server system using the device identifier;
  
  establishing, by the mobile computing device, a secure wireless connection with the insulin pump device using, at least in part, the device identifier;
  
  authenticating, by the mobile computing device, the insulin pump device based on asymmetric key verification using a public key of an asymmetric key pair, the authentication including;
  
  sending a first challenge to the insulin pump device that includes a first value;
  
  determining a first response based on the first value and a shared secret;
  
  receiving the first response from the insulin pump device, wherein the insulin pump device is authenticated based on receipt of the first response;
  
  receiving, by the mobile computing device, a second challenge from the insulin pump device that includes a second value;
  
  determining, by the mobile computing device, a second response based on the second value and the shared secret;
  
  sending, by the mobile computing device, the second response to the insulin pump device; and
  
  securely communicating, by the mobile computing device and in response to authenticating the insulin pump device, information with the insulin pump device.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The computer readable media of claim 10, wherein receiving the device identifier comprises:
    - optically scanning, using a digital camera that is embedded within or otherwise in communication with the mobile computing device, a barcode on one or more surfaces of the insulin pump device; and
      
      identifying the device identifier based on the optical scanning of the barcode.
  - 12. The computer readable media of claim 10, wherein receiving the device identifier comprises:
    - receiving, through a user interface of the mobile computing device, user input that identifies at least a portion of the device identifier.
  - 13. The computer readable media of claim 10, wherein the device identifier comprises a serial number for the insulin pump device.
  - 14. The computer readable media of claim 10, wherein the secure wireless connection comprises a BLUETOOTH connection.
  - 15. The computer readable media of claim 10, wherein the insulin pump further includes a crypto processor that is configured to encrypt and decrypt information securely communicated with the mobile computing device.
  - 16. The computer readable media of claim 10, wherein the communication between the mobile computing device and the insulin pump device is encrypted using symmetric key encryption.
  - 17. The computer readable media of claim 16, wherein the symmetric key encryption comprises AES-CBC symmetric key encryption.
  - 18. The computer readable media of claim 10, wherein the mobile computing device comprises a smartphone.

19. A method for authenticating a mobile application installed on a diabetes management controller, the method comprising:
- generating, by a diabetes management computer system, a secret value to be used to verify authenticity of the mobile application installed on the diabetes management controller, wherein the diabetes management controller comprises a mobile computing device that interfaces with an insulin pump and the diabetes management computer system over in-band communication channels to control operation of the insulin pump;
  
  transmitting, by the diabetes management computer system, a request to an out-of-band service to provide the secret value to the mobile application via an out-of-band communication channel that is different from the in-band communication channels, wherein the transmitting causes;
  
  (i) the secret value to be transmitted to the diabetes management controller via the out-of-band communication channel,(ii) the diabetes management controller to provide the secret value to an authentic instance of the mobile application installed on the diabetes management controller, and(iii) the authentic instance of the mobile application on the diabetes management controller to automatically retransmit the secret value to the diabetes management computer system;
  
  receiving, at the diabetes management computer system, verification value from the diabetes management controller;
  
  comparing, by the diabetes management computer system, the verification value to the secret value; and
  
  determining, by the diabetes management computer system, that the instance of the mobile application installed on the diabetes management controller is authentic based, at least in part, on the comparison of the verification value with the secret value.
- View Dependent Claims (20)
- - 20. The method of claim 19, further comprising:
    - automatically initiating a timer on the diabetes management computer system after transmitting the request to the out-of-band service, the timer being programmed to expire if the verification value is not received within a threshold period of time since initiating the timer, wherein expiration of the timer indicates that the mobile application installed on the diabetes management controller is not authentic.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Insulet Corporation
Original Assignee
Bigfoot Biomedical, Inc.
Inventors
Spencer, Gil, Lee, Kevin S., Hinkel, Cameron
Primary Examiner(s)
Le, Thien M

Application Number

US15/959,450
Time in Patent Office

435 Days
Field of Search
US Class Current
CPC Class Codes

A61M 2205/3569   sublocal, e.g. between cons...

A61M 2205/3584   using modem, internet or bl...

A61M 2205/50   with microprocessors or com...

A61M 2205/502   User interfaces, e.g. scree...

A61M 2205/6072   Bar codes

A61M 2205/8206   battery-operated

A61M 5/14244   adapted to be carried by th...

A61M 5/172   electrical or electronic A6...

A61M 5/20   Automatic syringes, e.g. wi...

G06F 21/44   Program or device authentic...

G06F 21/602   Providing cryptographic fac...

G06F 21/629   to features or functions of...

G06K 19/06028   using bar codes

G06K 7/10722   Photodetector array or CCD ...

G06K 7/1413   1D bar codes

H04L 2209/80   Wireless network architectu...

H04L 2209/88   Medical equipments

H04L 63/0435   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 63/18   using different networks or...

H04L 9/0631 : Substitution permutation ne...

H04L 9/0637 : Modes of operation, e.g. ci...

H04L 9/0825 : using asymmetric-key encryp...

H04L 9/3236 : using cryptographic hash fu...

H04L 9/3271 : using challenge-response

H04W 12/02 : Protecting privacy or anony...

H04W 12/06 : Authentication

H04W 12/50 : Secure pairing of devices

H04W 12/71 : Hardware identity

H04W 12/77 : Graphical identity

H04W 84/18 : Self-organising networks, e...

View All

Secure communication architecture for medical devices

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

58 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Secure communication architecture for medical devices

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others