System and method for confirming identity and authority by a patient medical device

US 9,781,086 B2
Filed: 12/28/2012
Issued: 10/03/2017
Est. Priority Date: 03/29/2007
Status: Active Grant

First Claim

Patent Images

1. A system for confirming identity and authority by a patient medical device, comprising:

master credentials issued to a requesting device and an implantable medical device from an authorizing agent comprising a public key of the authorizing agent and a digital signature of a root certification authority;

a public key of the root certification authority provided to the implantable medical device;

requesting device credentials issued to the requesting device from the authorizing agent comprising a public key of the requesting device and a digital signature of the authorizing agent;

identification credentials provided to the implantable medical device comprising the requesting device credentials and a digital signature of the requesting device; and

the implantable medical device configured to;

check the digital signature of the root certification authority using the public key of the root certification authority;

check the digital signature of the authorizing agent in the requesting device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device; and

check the digital signature of the requesting device in the identification credentials using the public key of the requesting device in the requesting device credentials;

wherein programming of the implantable medical device is only permitted upon verification of the digital signature of the authorizing agent and verification of the digital signature of the requesting device.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for confirming identity and authority by a patient medical device is provided. Master credentials are issued to a requesting device and a receiving device from an authorizing agent. The master credentials include a public key of the authorizing agent and a digital signature of a root certification authority. Device credentials are issued to the requesting device from the authorizing agent. The device credentials include a public key of the requesting device and a digital signature of the authorizing agent. Identification credentials are provided to the receiving device and include the device credentials and a digital signature of the requesting device. The requesting device is authenticated. The digital signature of the authorizing agent in the device credentials is checked using the public key of the authorizing agent in the master credentials of the receiving device. The digital signature of the requesting device in the identification credentials is checked using the public key of the requesting device in the device credentials.

24 Citations

18 Claims

1. A system for confirming identity and authority by a patient medical device, comprising:
- master credentials issued to a requesting device and an implantable medical device from an authorizing agent comprising a public key of the authorizing agent and a digital signature of a root certification authority;
  
  a public key of the root certification authority provided to the implantable medical device;
  
  requesting device credentials issued to the requesting device from the authorizing agent comprising a public key of the requesting device and a digital signature of the authorizing agent;
  
  identification credentials provided to the implantable medical device comprising the requesting device credentials and a digital signature of the requesting device; and
  
  the implantable medical device configured to;
  
  check the digital signature of the root certification authority using the public key of the root certification authority;
  
  check the digital signature of the authorizing agent in the requesting device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device; and
  
  check the digital signature of the requesting device in the identification credentials using the public key of the requesting device in the requesting device credentials;
  
  wherein programming of the implantable medical device is only permitted upon verification of the digital signature of the authorizing agent and verification of the digital signature of the requesting device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The system of claim 1, further comprising:
    - further master credentials issued to the requesting device and the implantable medical device from a verification agent comprising a public key of the verification agent and a digital signature of a root certification authority;
      
      authorization credentials issued to the requesting device from the verification agent comprising a digital signature of the verification agent;
      
      access credentials provided in lieu of the identification credentials to the implantable medical device and comprising the device credentials, the authorization credentials, and a digital signature of the requesting device; and
      
      the implantable medical device further configured to;
      
      check the digital signature of the authorizing agent in the requesting device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device;
      
      check the digital signature of the verification agent in the authorization credentials using the public key of the verification agent in the further master credentials of the implantable medical device; and
      
      check the digital signature of the requesting device in the access credentials using the public key of the requesting device in the requesting device credentials.
  - 3. The system of claim 2, further comprising:
    - at least one of permissions, limits, and restrictions on the requesting device included in the authorization credentials, wherein the at least one permission, limit, and restriction in the access credentials are checked.
  - 4. The system of claim 3, wherein one of interrogation and programming of the implantable medical device within the at least one permission, limit, and restriction are permitted upon successful authentication of the requesting device.
  - 5. The system of claim 2, wherein the master credentials, further master credentials, requesting device credentials, and authorization credentials comprise digital asymmetric public and private key pairs.
  - 6. The system of claim 1, further comprising:
    - a chain of trust, comprising a root certification authority, wherein the trust is delegated to one or more further certification authorities from the root certification authority.
  - 7. The system of claim 6, wherein the chain of trust is structured as a hierarchy and the further certification authorities inherit the trust from the root certification authority.
  - 8. The system of claim 1, wherein the requesting device is selected from the group comprising a programmer and a personal communicator, each of which can interrogate or program the implantable medical device using long range telemetry.
  - 9. The system of claim 1, wherein the implantable medical device is selected from the group comprising a pacemaker, implantable cardioverter-defibrillator, and cardiac resynchronization therapy device.

10. A method for confirming identity and authority by a patient medical device, comprising:
- issuing master credentials to a requesting device and an implantable medical device from an authorizing agent comprising a public key of the authorizing agent and a digital signature of a root certification authority;
  
  issuing requesting device credentials to the requesting device from the authorizing agent comprising a public key of the requesting device and a digital signature of the authorizing agent;
  
  providing a public key of the root certification authority to the implantable medical device;
  
  providing identification credentials to the implantable medical device comprising the requesting device credentials and a digital signature of the requesting device; and
  
  authenticating the requesting device, comprising;
  
  checking the digital signature of the root certification authority in the master credentials of the requesting device using the public key of the root certification authority;
  
  checking the digital signature of the authorizing agent in the requesting device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device;
  
  checking the digital signature of the requesting device in the identification credentials using the public key of the requesting device in the requesting device credentials; and
  
  programming of the implantable medical device only if the digital signature of the authorizing agent and the digital signature of the requesting device are verified after checking.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The method of claim 10, further comprising:
    - issuing further master credentials to the requesting device and the implantable medical device from a verification agent comprising a public key of the verification agent and a digital signature of a root certification authority;
      
      issuing authorization credentials to the requesting device from the verification agent comprising a digital signature of the verification agent;
      
      providing access credentials in lieu of the identification credentials to the implantable medical device and comprising the requesting device credentials, the authorization credentials, and a digital signature of the requesting device; and
      
      authenticating authorization of the requesting device, comprising;
      
      checking the digital signature of the authorizing agent in the requesting device credentials using the public key of the authorizing agent in the master credentials of the implantable medical device;
      
      checking the digital signature of the verification agent in the authorization credentials using the public key of the verification agent in the further master credentials of the implantable medical device; and
      
      checking the digital signature of the requesting device in the access credentials using the public key of the requesting device in the requesting device credentials.
  - 12. The method of claim 11, further comprising:
    - including at least one of permissions, limits, and restrictions on the requesting device in the authorization credentials; and
      
      checking the at least one permission, limit, and restriction in the access credentials.
  - 13. The method of claim 12, further comprising:
    - permitting one of interrogation and programming of the implantable medical device within the at least one permission, limit, and restriction upon successful authentication of the requesting device.
  - 14. The method of claim 11, wherein the master credentials, further master credentials, device credentials, and authorization credentials comprise digital asymmetric public and private key pairs.
  - 15. The method of claim 10, further comprising:
    - defining a chain of trust, comprising a root certification authority; and
      
      delegating the trust to one or more further certification authorities from the root certification authority.
  - 16. The method of claim 15, further comprising:
    - structuring the chain of trust as a hierarchy, wherein the further certification authorities inherit the trust from the root certification authority.
  - 17. The method of claim 10, wherein the requesting device is selected from the group comprising a programmer and a personal communicator, each of which can interrogate or program the implantable medical device using long range telemetry.
  - 18. The method of claim 10, wherein the implantable medical device is selected from the group comprising a pacemaker, implantable cardioverter-defibrillator, and cardiac resynchronization therapy device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cardiac Pacemakers Incorporated (Boston Scientific Corporation)
Original Assignee
Cardiac Pacemakers Incorporated (Boston Scientific Corporation)
Inventors
Jelatis, George D., Healy, Scott J.
Primary Examiner(s)
Homayounmehr, Farid
Assistant Examiner(s)
Debnath, Suman

Application Number

US13/730,394
Publication Number

US 20130185783A1
Time in Patent Office

1,740 Days
Field of Search

726 2- 5, 713156, 713168, 713176, 713177
US Class Current
CPC Class Codes

A61N 1/37252   Details of algorithms or da...

A61N 1/37254   Pacemaker or defibrillator ...

G06F 21/34   involving the use of extern...

G16H 40/63   for local operation

G16Z 99/00   Subject matter not provided...

H04L 2209/80   Wireless network architectu...

H04L 2209/88   Medical equipments

H04L 63/08   for authentication of entit...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

System and method for confirming identity and authority by a patient medical device

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

24 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

System and method for confirming identity and authority by a patient medical device

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

24 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others