Secure communication architecture for medical devices
First Claim
1. A computer-implemented method of establishing a secure wireless communication connection between an insulin pump device and a mobile computing device using a remote server system, the method comprising:
- receiving, at the mobile computing device, a device identifier for at least the insulin pump device, wherein the insulin pump device includes an insulin reservoir to store insulin to be administered to a user, a pump assembly to deliver insulin from the insulin reservoir to the user, and a controller to control operation of the pump assembly according, at least in part, to commands provided to the insulin pump by the mobile computing device;
- obtaining, by the mobile computing device, device information for the insulin pump device from the remote server system using the device identifier;
- establishing, by the mobile computing device, a secure wireless connection with the insulin pump device using, at least in part, the device identifier;
- authenticating, by the mobile computing device, the insulin pump device based on asymmetric key verification using a public key of an asymmetric key pair, the authentication including:
  - sending a first challenge to the insulin pump device that includes a first value;
  - determining a first response based on the first value and a shared secret;
  - receiving the first response from the insulin pump device, wherein the insulin pump device is authenticated based on receipt of the first response;
- receiving, by the mobile computing device, a second challenge from the insulin pump device that includes a second value;
- determining, by the mobile computing device, a second response based on the second value and the shared secret;
- sending, by the mobile computing device, the second response to the insulin pump device; and
- securely communicating, by the mobile computing device and in response to authenticating the insulin pump device, information with the insulin pump device.
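The two challenge-response rounds of claim 1, as an added example that is not the patent's code: the mobile device looks up the pump's device information by identifier in a stand-in for the remote server, challenges the pump with a fresh random value, checks the keyed response, and then answers the pump's own challenge. The shared secret is assumed here to be provisioned in the server's device record, the responses are assumed to be HMAC-SHA256 over the challenge value, and the claim's public-key verification step is not modelled; the registry contents and identifiers are constructed sample values.

```python
"""Mutual challenge-response between a mobile app and an insulin pump.

Added example modelling the two authentication rounds of claim 1; it is not
the patent's code. Assumptions: the shared secret is provisioned in the
server's device record (the claim's public-key verification step is not
modelled), responses are HMAC-SHA256 over the challenge value, and the
identifiers below are constructed.
"""
import hashlib
import hmac
import secrets

# Constructed server registry: device identifier -> device information.
# The 16-byte secret is a sample value, not a real key.
SERVER_REGISTRY = {
    "PUMP-0001": {
        "model": "demo-pump",
        "shared_secret": bytes.fromhex("00112233445566778899aabbccddeeff"),
    },
}


def compute_response(secret: bytes, value: bytes, responder: bytes) -> bytes:
    """HMAC-SHA256(secret, responder || value). Tagging the responder role keeps
    a response to the pump's challenge from being replayed as a response to the
    mobile's challenge, and vice versa."""
    return hmac.new(secret, responder + value, hashlib.sha256).digest()


class InsulinPump:
    def __init__(self, device_id: str, shared_secret: bytes):
        self.device_id = device_id
        self._secret = shared_secret
        self._pending = None  # challenge value we issued and are waiting on

    def answer_challenge(self, first_value: bytes) -> bytes:
        """Round 1: respond to the mobile device's challenge."""
        return compute_response(self._secret, first_value, b"pump")

    def issue_challenge(self) -> bytes:
        """Round 2: challenge the mobile device with a fresh random value."""
        self._pending = secrets.token_bytes(16)
        return self._pending

    def verify_mobile(self, second_response: bytes) -> bool:
        if self._pending is None:
            return False
        expected = compute_response(self._secret, self._pending, b"mobile")
        self._pending = None  # each challenge value is accepted once
        return hmac.compare_digest(expected, second_response)


class MobileDevice:
    def __init__(self, registry: dict):
        self._registry = registry  # stands in for the remote server lookup

    def authenticate(self, pump: InsulinPump) -> bool:
        """True only when both rounds succeed."""
        record = self._registry.get(pump.device_id)
        if record is None:
            return False  # unknown identifier: no device information, no pairing
        secret = record["shared_secret"]

        first_value = secrets.token_bytes(16)
        expected = compute_response(secret, first_value, b"pump")
        if not hmac.compare_digest(expected, pump.answer_challenge(first_value)):
            return False

        second_value = pump.issue_challenge()
        return pump.verify_mobile(compute_response(secret, second_value, b"mobile"))


def pair(device_id: str, pump_secret: bytes, registry: dict = SERVER_REGISTRY) -> bool:
    """Run the handshake for a pump that holds `pump_secret`."""
    return MobileDevice(registry).authenticate(InsulinPump(device_id, pump_secret))


if __name__ == "__main__":
    good = SERVER_REGISTRY["PUMP-0001"]["shared_secret"]
    print("genuine pump:", pair("PUMP-0001", good))
    print("pump with another secret:", pair("PUMP-0001", bytes(16)))
    print("unregistered identifier:", pair("PUMP-9999", good))
```

The role tag in `compute_response` and the single-use `_pending` value are the two details worth checking in any implementation of this pattern: without the tag, one side's response could be reflected back as the other side's; without consuming the challenge, a captured response could satisfy the pump a second time.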
6 Assignments
0 Petitions
Abstract
In one implementation, a computer-implemented method of establishing a secure wireless communication connection between an insulin pump device and a mobile computing device includes receiving, at a mobile computing device, a device identifier for the insulin pump device; obtaining, by the mobile computing device, device information for the insulin pump device from a remote server system using the device identifier; establishing, by the mobile computing device, a secure wireless connection with the insulin pump device using, at least in part, the device information; authenticating, by the mobile computing device, the insulin pump device based on asymmetric key verification using the public key for the insulin pump; and securely communicating, by the mobile computing device and in response to authenticating the insulin pump device, information with the insulin pump device.
58 Citations
20 Claims
10. Computer readable media storing instructions to cause an electronic processor of a mobile computing device to perform operations for establishing a secure wireless communication connection between an insulin pump device and the mobile computing device using a remote server system, the operations comprising:
- receiving, at the mobile computing device, a device identifier for at least the insulin pump device, wherein the insulin pump device includes an insulin reservoir to store insulin to be administered to a user, a pump assembly to deliver insulin from the insulin reservoir to the user, and a controller to control operation of the pump assembly according, at least in part, to commands provided to the insulin pump by the mobile computing device;
- obtaining, by the mobile computing device, device information for the insulin pump device from the remote server system using the device identifier;
- establishing, by the mobile computing device, a secure wireless connection with the insulin pump device using, at least in part, the device identifier;
- authenticating, by the mobile computing device, the insulin pump device based on asymmetric key verification using a public key of an asymmetric key pair, the authentication including:
  - sending a first challenge to the insulin pump device that includes a first value;
  - determining a first response based on the first value and a shared secret;
  - receiving the first response from the insulin pump device, wherein the insulin pump device is authenticated based on receipt of the first response;
- receiving, by the mobile computing device, a second challenge from the insulin pump device that includes a second value;
- determining, by the mobile computing device, a second response based on the second value and the shared secret;
- sending, by the mobile computing device, the second response to the insulin pump device; and
- securely communicating, by the mobile computing device and in response to authenticating the insulin pump device, information with the insulin pump device.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18.
19. A method for authenticating a mobile application installed on a diabetes management controller, the method comprising:
- generating, by a diabetes management computer system, a secret value to be used to verify authenticity of the mobile application installed on the diabetes management controller, wherein the diabetes management controller comprises a mobile computing device that interfaces with an insulin pump and the diabetes management computer system over in-band communication channels to control operation of the insulin pump;
- transmitting, by the diabetes management computer system, a request to an out-of-band service to provide the secret value to the mobile application via an out-of-band communication channel that is different from the in-band communication channels, wherein the transmitting causes: (i) the secret value to be transmitted to the diabetes management controller via the out-of-band communication channel, (ii) the diabetes management controller to provide the secret value to an authentic instance of the mobile application installed on the diabetes management controller, and (iii) the authentic instance of the mobile application on the diabetes management controller to automatically retransmit the secret value to the diabetes management computer system;
- receiving, at the diabetes management computer system, a verification value from the diabetes management controller;
- comparing, by the diabetes management computer system, the verification value to the secret value; and
- determining, by the diabetes management computer system, that the instance of the mobile application installed on the diabetes management controller is authentic based, at least in part, on the comparison of the verification value with the secret value.

Dependent claims: 20.
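The out-of-band flow of claim 19, as an added example that is not the patent's code: the server generates a secret, an out-of-band service delivers it to the controller (the phone), the platform hands it only to the app instance installed there, that instance retransmits it in-band, and the server compares what it receives with what it issued. The out-of-band service, the controller identifier, the 300-second validity window and the single-use handling are assumptions made for this example.

```python
"""Out-of-band verification that an installed mobile application is authentic.

Added example modelling the flow of claim 19; it is not the patent's code.
The out-of-band service, controller identifiers, the 300-second validity
window and single-use handling are assumptions made for the example.
"""
import hmac
import secrets
import time


class OutOfBandService:
    """Stand-in for a channel separate from the in-band app/server link (for
    example an SMS or push gateway). It delivers to the controller, i.e. the
    phone, not directly to any application."""

    def __init__(self):
        self._controllers = {}

    def register(self, controller_id: str, controller) -> None:
        self._controllers[controller_id] = controller

    def deliver(self, controller_id: str, secret: str) -> None:
        self._controllers[controller_id].receive_out_of_band(secret)


class Controller:
    """The diabetes management controller (the mobile computing device). The
    platform hands the out-of-band value only to the app instance installed on
    this device; a copy running elsewhere never sees it."""

    def __init__(self, controller_id: str, installed_app=None):
        self.controller_id = controller_id
        self.installed_app = installed_app

    def receive_out_of_band(self, secret: str) -> None:
        if self.installed_app is not None:
            self.installed_app.on_out_of_band_secret(self.controller_id, secret)


class AuthenticApp:
    """An authentic instance automatically retransmits the secret in-band."""

    def __init__(self, server):
        self._server = server

    def on_out_of_band_secret(self, controller_id: str, secret: str) -> None:
        self._server.receive_verification(controller_id, secret)


class DiabetesServer:
    """The diabetes management computer system."""

    def __init__(self, oob_service: OutOfBandService, ttl_seconds: float = 300.0, clock=time.time):
        self._oob = oob_service
        self._ttl = ttl_seconds
        self._clock = clock
        self._pending = {}   # controller_id -> (secret value, expiry time)
        self._received = {}  # controller_id -> verification value sent in-band

    def start_verification(self, controller_id: str) -> None:
        secret = secrets.token_hex(16)
        self._pending[controller_id] = (secret, self._clock() + self._ttl)
        self._oob.deliver(controller_id, secret)

    def receive_verification(self, controller_id: str, value: str) -> None:
        """In-band arrival of the verification value from the controller."""
        self._received[controller_id] = value

    def is_authentic(self, controller_id: str) -> bool:
        """Compare the verification value with the secret. Each secret is
        consumed by one check and is void once its validity window has passed."""
        pending = self._pending.pop(controller_id, None)
        value = self._received.pop(controller_id, None)
        if pending is None or value is None:
            return False
        secret, expires_at = pending
        if self._clock() > expires_at:
            return False
        return hmac.compare_digest(secret, value)


def run_scenario(app_is_authentic: bool, elapsed_seconds: float = 0.0) -> bool:
    """Build one server, one out-of-band service and one controller, then return
    the server's verdict. With app_is_authentic=False the controller has no app
    that relays the value, and an instance that never saw it submits a guess.
    elapsed_seconds advances the fake clock before the comparison."""
    now = [1_000_000.0]
    oob = OutOfBandService()
    server = DiabetesServer(oob, ttl_seconds=300.0, clock=lambda: now[0])
    cid = "controller-1"  # constructed identifier
    app = AuthenticApp(server) if app_is_authentic else None
    oob.register(cid, Controller(cid, installed_app=app))
    server.start_verification(cid)
    if not app_is_authentic:
        server.receive_verification(cid, "0" * 32)  # guess from an instance without the OOB value
    now[0] += elapsed_seconds
    return server.is_authentic(cid)


if __name__ == "__main__":
    print("authentic app:", run_scenario(True))
    print("guessing instance:", run_scenario(False))
    print("authentic but expired:", run_scenario(True, elapsed_seconds=301))
```

The comparison is constant-time and the stored secret is removed on the first check, so a value that arrives after the window, or a second submission of a value that already succeeded, is rejected.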
Specification