Protecting Interoperable Clinical Environment With Authentication
Integrated Clinical Environment
Medical cyber physical system
The Integrated Clinical Environment (ICE) is a standard dedicated to promote open coordination of heterogeneous medical devices in a plug-and-play manner. This carries the potential to radically improve medical care through coordinating, cooperating devices, but also to undermine the patient safety by giving rise to security vulnerabilities in the cyber world. In this paper, we propose an authentication framework as the first step to build an ICE security architecture. This framework is designed in a three-layered structure, allowing it to fit in the variety of authentication requirements from different ICE entities and of networking middleware from ICE instantiations. We implement the authentication framework on OpenICE, an open source ICE instantiation. Our experiments shows that the framework can help OpenICE mitigate the vulnerabilities caused by forged identity with negligible performance overload.