Personal security manager for ubiquitous patient monitoring
First Claim
1. A secure end-to-end patient healthcare system comprising:
- at least two wireless medical sensors adapted to be attached to a patient'"'"'s body and in communication with each other forming a body sensor network within a wireless medical sensor network including one or more body sensor networks, the at least two wireless medical sensors including a first and a second wireless medical sensor;
a memory configured to store λ
-secure key material, the memory incorporated into each of said wireless medical sensors for enabling secure communications between said wireless medical sensors;
a personal security manager within the body sensor network and in communication with said one or more wireless medical sensors within said body sensor network, said personal security manager providing secure communications with backend services and providing security relationships within said body sensor network by use of said λ
-secure key material, wherein said λ
-secure key material ensures that a coalition of less than λ
compromised wireless medical sensors cannot calculate a pairwise key between any two non-compromised wireless medical sensors and the λ
-secure key material provides protection against wireless medical sensor compromise until λ
+1 wireless medical sensors have been compromised, the λ
-secure key material being generated by evaluating a bivariate polynomial of degree λ
; and
a healthcare card plugged into the personal security manager, wherein the healthcare card includes identification information and security information for secure communication with the backend healthcare services, wherein the personal security manager includes a certificate issued by a local trust center, and wherein the system is adapted to execute a security protocol for auditing and/or access control and/or privacy protection, and/or mutual authentication of the personal security manager with the healthcare cardwherein the first wireless medical sensor generates a pairwise key based on the λ
-secure key material , encrypts a message using the pairwise key, and sends the encrypted message to the second wireless medical sensor which decrypts the message using the pairwise key.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention relates to a system and corresponding method for a secure end-to-end patient healthcare system which includes wireless medical sensors adapted to be attached to a patient'"'"'s body and in communication with each other forming a body sensor network within a wireless medical sensor network including one or more body sensor networks; λ-secure keying means incorporated into each wireless medical sensor for enabling secure communications between the wireless medical sensors, and a personal security manager within the body sensor network and in communication with the wireless medical sensors within the body sensor network, the personal security manager providing secure communications with backend services and providing security relationships within the body sensor network by means of the λ-secure keying means, wherein the λ-secure keying means are such that a coalition of no more than λ compromised wireless medical sensors conceals a pairwise key between any two non-compromised wireless medical sensors and provides protection against node compromise until λ+1 wireless medical sensors have been compromised.
-
Citations
13 Claims
-
1. A secure end-to-end patient healthcare system comprising:
-
at least two wireless medical sensors adapted to be attached to a patient'"'"'s body and in communication with each other forming a body sensor network within a wireless medical sensor network including one or more body sensor networks, the at least two wireless medical sensors including a first and a second wireless medical sensor; a memory configured to store λ
-secure key material, the memory incorporated into each of said wireless medical sensors for enabling secure communications between said wireless medical sensors;a personal security manager within the body sensor network and in communication with said one or more wireless medical sensors within said body sensor network, said personal security manager providing secure communications with backend services and providing security relationships within said body sensor network by use of said λ
-secure key material, wherein said λ
-secure key material ensures that a coalition of less than λ
compromised wireless medical sensors cannot calculate a pairwise key between any two non-compromised wireless medical sensors and the λ
-secure key material provides protection against wireless medical sensor compromise until λ
+1 wireless medical sensors have been compromised, the λ
-secure key material being generated by evaluating a bivariate polynomial of degree λ
; anda healthcare card plugged into the personal security manager, wherein the healthcare card includes identification information and security information for secure communication with the backend healthcare services, wherein the personal security manager includes a certificate issued by a local trust center, and wherein the system is adapted to execute a security protocol for auditing and/or access control and/or privacy protection, and/or mutual authentication of the personal security manager with the healthcare card wherein the first wireless medical sensor generates a pairwise key based on the λ
-secure key material , encrypts a message using the pairwise key, and sends the encrypted message to the second wireless medical sensor which decrypts the message using the pairwise key.
-
-
2. A secure end-to-end patient healthcare system, comprising:
-
a plurality of wireless medical sensors, including a first wireless medical sensor, adapted to be attached to a patient'"'"'s body and in communication with each other forming a body sensor network within a wireless medical sensor network including one or more body sensor networks, wherein information from the body sensor network is linked to the patient'"'"'s identity; a memory incorporated into each of the wireless medical sensors to store λ
-secure key material which enables secure communications among said wireless medical sensors, said λ
-secure key material being such that a coalition of less than λ
compromised wireless medical sensors cannot calculate a pairwise key between any two non-compromised wireless medical sensors, enabling the λ
-secure key material to provide protection against wireless medical system compromise until λ
+1 wireless medical sensors have been compromised, said λ
-secure keys being generated by evaluating a polynomial of degree λ
;a personal security manager within the body sensor network and in communication with the plurality of wireless medical sensors within said body sensor network, said personal security manager providing secure communications with backend services and using the λ
-secure key material to provide security relationships within said body sensor network; anda patient healthcare card (HCC) which plugs into the personal security manager, the healthcare card including identification information and security information for secure communication with the backend healthcare services, wherein the personal security manager includes a certificate issued by a local trust center, and wherein the system is configured to execute a security protocol for auditing and/or access control and/or privacy protection, and/or mutual authentication of the personal security manager with the healthcare card wherein said patient healthcare card (HCC) and said personal security manager (PSM) form an extended personal security manager (PSMx) for connecting a number of wireless medical sensor network security domains to a pervasive healthcare system, said extended personal security manager being configured for; storing said certificate issued by said local trust center, storing said λ
-secure key material for establishing an end-to-end security communication issued by centralized healthcare services,implementing said security protocol to enable mutual authentication of said extended personal security manager and said healthcare card, end-to-end security and/or auditing, and/or management of context access control and privacy policies, and issuing λ
-secure key material to the first wireless medical sensor of the plurality of wireless medical sensors, the first wireless medical sensor encrypting sensed data with the λ
-secure key material and sending the encrypted sensed data to the personal security manager, the personal security manager decrypting the encrypted sensed data using the λ
-secure key material. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A personal security manager for a secure end-to-end patient healthcare system, wherein the personal security manager is within a body sensor network and in communication with a plurality of wireless medical sensors within said body sensor network, said personal security manager providing secure communications with backend services and providing security relationships within said body sensor network by use of λ
- -secure keys,
wherein the plurality of wireless medical sensors are adapted to be attached to a patient'"'"'s body and in communication with each other to form said body sensor network within a wireless medical sensor network including one or more body sensor networks; a memory storing a λ
-secure key incorporated into each of said wireless medical sensors for enabling secure communications between said wireless medical sensors, the λ
-secure key comprising a λ
-secure keying material share provided by the personal security manager to the wireless medical sensors within the body sensor network, the wireless medical sensors encrypting sensed data with the λ
-secure keying material share and sending the encrypted sensed data to the personal security manager, the personal manager decrypting the encrypted sensed data, andwherein said λ
-secure keys are such that a coalition of no more than λ
compromised wireless medical sensors cannot calculate a pairwise key between any two non-compromised wireless medical sensors and the λ
-secure keys provide protection against node compromise until λ
+1 wireless medical sensors have been compromised. - View Dependent Claims (12, 13)
- -secure keys,
Specification