Secure long-range telemetry for implantable medical device
First Claim
1. A method for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel, comprising:
- implementing a telemetry interlock which limits any communications between the ED and the IMD over the telemetry channel;
releasing the telemetry interlock by transmitting an enable command to the IMD via a short-range communications channel requiring physical proximity to the IMD;
authenticating the IMD to the ED when the ED receives a message from the IMD evidencing use of an encryption key expected to be possessed by the IMD;
authenticating the ED to the IMD when the IMD receives a message from the ED evidencing use of an encryption key expected to be possessed by the ED; and
, allowing a data communications session between the IMD and ED over the telemetry channel to occur only after the IMD and ED have been authenticated to one other.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel. A telemetry interlock may be implemented which limits any communications between the ED and the IMD over the telemetry channel, where the telemetry interlock is released when the ED transmits an enable command to the IMD via a short-range communications channel requiring physical proximity to the IMD. As either an alternative or addition to the telemetry interlock, a data communications session between the IMD and ED over the telemetry channel may be allowed to occur only after the IMD and ED have been cryptographically authenticated to one other.
328 Citations
35 Claims
-
1. A method for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel, comprising:
-
implementing a telemetry interlock which limits any communications between the ED and the IMD over the telemetry channel;
releasing the telemetry interlock by transmitting an enable command to the IMD via a short-range communications channel requiring physical proximity to the IMD;
authenticating the IMD to the ED when the ED receives a message from the IMD evidencing use of an encryption key expected to be possessed by the IMD;
authenticating the ED to the IMD when the IMD receives a message from the ED evidencing use of an encryption key expected to be possessed by the ED; and
,allowing a data communications session between the IMD and ED over the telemetry channel to occur only after the IMD and ED have been authenticated to one other. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel, comprising:
-
implementing a telemetry interlock which is released by transmitting an enable command to the IMD via a short-range communications channel requiring physical proximity to the IMD; and
,limiting data communications between the IMD and ED over the telemetry channel until the telemetry interlock has been released. - View Dependent Claims (22, 23, 24, 25, 26)
-
-
27. A method for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel, comprising:
-
authenticating the IMD to the ED when the ED receives a message from the IMD evidencing use of an encryption key expected to be possessed by the IMD; and
,allowing a data communications session between the IMD and ED over the telemetry channel to occur only after the MD has been authenticated to the ED. - View Dependent Claims (28, 29, 30)
-
-
31. A method for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel, comprising:
-
authenticating the ED to the IMD when the IMD receives a message from the ED evidencing use of an encryption key expected to be possessed by the ED; and
,allowing a data communications session between the IMD and ED over the telemetry channel to occur only after the ED has been authenticated to the IMD.
-
-
32. A system for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel, comprising:
-
means for implementing a telemetry interlock which limits any communications between the ED and the IMD over the telemetry channel;
means for releasing the telemetry interlock by transmitting an enable command to the IMD via a short-range communications channel requiring physical proximity to the IMD;
means for authenticating the IMD to the ED when the ED receives a message from the IMD evidencing use of an encryption key expected to be possessed by the IMD;
means for authenticating the ED to the IMD when the IMD receives a message from the ED evidencing use of an encryption key expected to be possessed by the ED; and
,means for allowing a data communications session between the IMD and ED over the telemetry channel to occur only after the IMD and ED have been authenticated to one other.
-
-
33. A system for enabling secure communications between an implantable medical device (IMD) and an external device (ED) over a telemetry channel, comprising:
-
means for implementing a telemetry interlock which is released by transmitting an enable command to the IMD via a short-range communications channel requiring physical proximity to the IMD; and
,means for limiting data communications between the IMD and ED over the telemetry channel until the telemetry interlock has been released. - View Dependent Claims (34, 35)
-
Specification