A Seminar on

Data Security, Privacy and Other Applications in Emerging Body Area Networks

Narayana VinayakB080015EC

Layout of the Seminar Goals Introduction Typical Applications Research Challenges Data Security and Privacy Models Proposed

GoalsUnderstanding BANsAppreciating their ‘potency’Being aware of their current applications Understanding the challenges on the

horizonUnderstanding models proposed for data

security in BANs

Introduction

Definition by IEEE: “A communication standard optimized for low power devices for their operation on, in or around the human body (but not limited to humans) to serve a variety of applications including medical, consumer electronics or personal entertainment and other.”

Source: IEEE 802.15

Typical Applications

Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking

Technologies,” IEEE Wireless Communications, Feb. 2010

Layout

Source: M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless

Communications, Feb. 2010

Relevance

* Ageing population; sedentary lifestyle

* WHO stats:

# Diabetics-360 million by 2030

# >2.3 bn. people obese by 2015

# rise in neuro-degenerative diseases

* Fragile healthcare system, rising medical costs

* Shortage of trained health staff in third world

Realisation

Strategically placed wearable or implanted sensor nodes Job: sample, process and transmit vital signsWhat signs?

Heart rate, blood pressure, temperature, pH, respiration etc.

Where to? To a hospital, clinic or a central repository of medical data

How?• A gateway device (e.g., a cell phone or a PDA) is used as a

gateway device to connect to infrastructure networks like WLAN, WPAN etc.

Source: Mark A. Hanson et al., “Body Area Sensor Networks: Challenges and Opportunities,” Computer, Jan. 2009

UsesAlerting the patient via SMS, alarm or reminder messagesClose-loop bio-feedback: if high sugar-level, a device

triggers an insulin pump to inject a dose of insulin (artificial pancreas)

Long-term medical trend analysisReduction in hospital staysRegulation of treatment regimesEssence: Offering a paradigm shift from managing

ILLNESS to managing WELLNESS by focusing on prevention and early detection (pre-emptive defence!)

Research Challenges

1. Frequency Band Selection:1. Most BAN devices need global operability

2. Facility for low-power usage (less crowded)

3. Less stringent rules for flexible usage and adaptability

4. Solutions proposed: Opening up the 2360-2400 MHz spectrum near ISM for medical BANs and allocating up to 24 MHz in the 413-457 MHz range for medical micropower network

2. Antenna Design:1. Restrictions on size, material and shape of antenna

2. Hostile RF environment due to changes in wearer’s age, weight changes and posture changes

3. During implants only non-corrosive and bio-compatible material can be used: Platinum or Titanium (both poor) against the usual copper

Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications,

Feb. 2010

3. PHY Protocol Design:1. Minimize power consumption

2. Solution: Quick turn-around from transmit to receive and fast wake-up from sleep mode

3. Seamless connectivity in dynamic environments

4. Energy-Efficient Hardware:1. Today’s wireless technologies draw relatively high peak current

2. Also rely on duty cycling between sleep and active

3. Solution: Operation on low peak pulse-discharge current from thin-film (paper) batteries, idle listening, developing a crystal-less radio*

* Reference: F. Sebastiano et al., “Impulse Based Scheme for crystal-less ULP Radios”, Proc. IEEE ISCAS, May 2008, pp. 1508-1511.

5. Technical Requirements:1. Wide variation in data rate, BER, delay tolerance, duty cycle and

lifetime

2. Diverse application environments

Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless

Communications, Feb. 2010

Source: M. Patel and J. Wang, IEEE Wireless Communications, Feb. 2010

Candidate Technologies

Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications,

Feb. 2010

Entities Involved in Research

The IEEE 802.15.6 Task Group is developing the first industrial standard for the Physical and MAC layers for BAN (done, Feb. 2011)

Major competition: ZigBee and Bluetooth.

Holistic standardization needed for plug-and-play interoperability

ISO/IEEE 11073 Personal Health Data Working Group: Standardization of data exchange between peripheral area network devices and gateway devices

application

transport

network

link

physical

Source: M. Patel and J. Wang, “Applications, Challenges, And Prospective In Emerging Body Area

Networking Technologies,” IEEE Wireless Communications, Feb. 2010

Data Security and PrivacyData Security: Data is securely stored and transferredData Privacy: Data can be used only by authorized peopleApplication scenario:

◦ Emergency; paramedic reads RFID* tag to get the patient’s medical records and his profile.

◦ WBAN is set up with wearable sensors

◦ Nurse reads health data from WBAN and uploads data onto local network

◦ Patient’s gateway device is configured with an Access Policy (AP) that grants access to records (also adapts automatically)

◦ Patient can adjust his AP to hide sensitive data

* Radio Frequency Identification is a standard technology that uses Radio waves to sense the details of an object for tracking. It uses RFID tags for this purpose.

Threats Faced by Data within BAN:◦ Threat from Device Compromise (encrypted data and key in same

node)

◦ Threat from Network Dynamics (fake nodes masquerade real ones)

Storage Security Requirements:◦ Confidentiality

◦ Dynamic Integrity Assurance

◦ Dependability

Access Security Requirements:◦ Access Control (privacy; Fine-Grained)

◦ Accountability

◦ Revocability

◦ Non-Repudiation

Other Requirements:◦ Authentication

◦ Availability

◦ Security-Safety, Security-Efficiency and Security-Usability conflict resolution

Source: M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless Communications, Feb. 2010

The above Access Policy reads: “allow access by a doctor from the surgery department but not Dr. X, or an analyst or a paramedic, or a nurse who is not an intern.”

Models ProposedSecure and Dependable Data Storage Schemes:

1. Based on Redundant Residue Number System (RRNS)1. Proposed by Chessa et al.

2. Method: A number representable on a set of h moduli is represented by h + r moduli, where the extra r moduli are redundant

3. Source Node S distributes a single file F among n other nodes, where n=h + r is a random pick

4. S computes F’s residue vector and distributes each file share to a different storage node

5. Pros.: Erasure tolerance is s<=r and corruption tolerance is ceil((r-s)/2)

6. Cons.: Set of moduli can be very large, data integrity not ensured when number of errors is more than r.

2. Based on Erasure Coding1. Proposed by Wang et al.

2. Original encrypted data is broken down into n data shares, with each of them made of a block generated from (n,k) erasure coding and a share of the secret key using (n,k) secret sharing

3. These data shares are then distributed among the n neighbouring nodes

4. Dynamic Integrity Check: Each storage node computes and broadcasts an algebraic signature on one data share; one node checks its signature against those by other nodes to detect alterations timely

5. Pros.: Data confidentiality, dependability and dynamic integrity achieved simultaneously

6. Cons.: No third party (say, the local server) can perform integrity checks.

3. Based on Constant Data Motion method1. Proposed by Pietro et al.

2. Idea: Move the data from one sensor node to the next so as to make it hard for the cracker to ‘track’ and ‘catch’ the data

3. Found to be very efficient (high data survival probability)

4. Cons.: High communication and storage overhead; less practical in energy-strained environments

4. Attribute Based Encryption (ABE)1. Proposed by Li et al.

2. Specifically called the Ciphertext Policy ABE (CP-ABE)

3. Perfectly matches the model of Role-Based Access Control (RBAC)

4. Each user has a set of roles; patient chooses which roles to grant access to.

5. When a node in WBAN generates data, the AP is built into the Ciphertext; splitting a secret among components belonging to different user attributes; randomized to prevent user-collusion

6. Effectively implements fine-grained access control

Physiological Signal-based Key Agreement (PSKA): Proposed by Ayan Banerjee et al. Requires no a priori deployment of keying material or

initialization Inspiration: Dynamic and complex nature of human

physiological signals Design goals met:

◦ Length and randomness

◦ Low latency

◦ Distinctiveness

◦ Temporal variance

Signal used: Electrocardiogram (EKG) commonly

Method used:

Cons.: It may correct a few differences in feature vectors but can’t handle the reordering of or presence of additional feature vectors; solution: fuzzy vault

Fuzzy VaultGenerate a v-th order polynomial p over the variable x that

encodes the secret SCompute the value of the polynomial at different x from

the set A (at the transmitter) and create a set R= {a, p(a)}

Add randomly generated set of points called chaff to R, which don’t lie on the polynomial; we call R as the vault

To unlock the vault using set B (at the receiver), construct a set Q (see example given overleaf)

Unlocking is possible only if Q has a significant number of legitimate (non-chaff) points that are on the polynomial

Mapping to PSKA: Features at sender are set to A and those at the receiver, in set B

Example

Consider the polynomial: p(x) = x + 1; A = {1, 2, 3}; B = {1, 3, 4}

Now, vault R is created by computing the polynomial’s value at each point in A and adding chaff-points

So, R = { (1, 2)(2, 3)(3, 4)(4, 7)(6, 9)(7, 12)(8, 5) }

The last four points are chaff-points

To unlock the vault, the set Q is constructed,

Q = { (1, 2)(3, 4)(4, 7) }

As the set Q has two points on the polynomial, we can use it to reconstruct the first-order polynomial, and thus, unlock the secret

Major ReferencesM. Patel and J. Wang, “Applications, Challenges, And

Prospective In Emerging Body Area Networking Technologies,” IEEE Wireless Communications, Feb. 2010, pp. 80-88

A. Banerjee et al., “PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks,” IEEE Transactions On Information Technology In Biomedicine, Jan. 2010, pp. 60-68

M. Li and W. Lou, “Data Security And Privacy In Wireless Body Area Networks,” IEEE Wireless Communications, Feb. 2010, pp. 51-58

Others: Cited in the Report

Thanks a lot!