Date of this Version
Hung Nguyen, Bipeen Acharya, Radoslav Ivanov, Andreas Haeberlen, Linh T.X. Phan, Oleg Sokolsky, Jesse Walker, James Weimer, C. William Hanson III, and Insup Lee, "Cloud-Based Secure Logger for Medical Devices", IEEE First International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE 2016) . June 2016. http://dx.doi.org/10.1109/CHASE.2016.48
A logger in the cloud capable of keeping a secure, time-synchronized and tamper-evident log of medical device and patient information allows efficient forensic analysis in cases of adverse events or attacks on interoperable medical devices. A secure logger as such must meet requirements of confidentiality and integrity of message logs and provide tamper-detection and tamper-evidence. In this paper, we propose a design for such a cloud-based secure logger using the Intel Software Guard Extensions (SGX) and the Trusted Platform Module (TPM). The proposed logger receives medical device information from a dongle attached to a medical device. The logger relies on SGX, TPM and standard encryption to maintain a secure communication channel even on an untrusted network and operating system. We also show that the logger is resilient against different kinds of attacks such as Replay attacks, Injection attacks and Eavesdropping attacks.
IEEE First International Conference on Connected Health: Applications, Systems and Engineering Technologies (CHASE 2016)
Medical diagnostic imaging, Software, Radiation detectors, Safety, Cryptography, Communication channels
Date Posted: 12 June 2017
This document has been peer reviewed.