Zang GH, Poon CCY, Li Y, and Zhang YT, A Biometric Method to Secure Telemedicine Systems, 31st Annual International Conference of the IEEE EMBS, September 2009, pp. 701-704.

Telemedicine was first proposed in the 1970s. It is defined as using various telecommunication systems to provide healthcare, information, and services to patients by physicians and medical centers. Security of telemedicine systems is extremely important since protected health information is transmitted. These data need to be protected from unauthorized personnel. There are three levels of data transmission that must be considered: transmissions within a body sensor network, transmissions from the body sensor network to a remote server, and transmissions from a remote server to a healthcare provider.

Real-time data is collected by body sensors worn by or implanted in patients. These body sensors transmit this data in a short-range wireless network. Data collected can include information such as vital signs (blood pressure, respiratory rate, temperature, heart rate, electrocardiography, and others). After the data is collected, it has to be transmitted to a remote server via a wired or wireless network and then from the remote server to the workstation of the healthcare provider. The provider then transmits data in the reverse direction through the remote server back to the location of the patient in order to provide a diagnosis or instructions. Under the law, the Health Insurance Portability and Accountability Act requires that all patient data remain private and secure.

Body sensor networks operate under the IEEE 802.15.4 standard, which specifies the physical layer and media access control for low-power wireless personal area networks. Security in 802.15.4 is mainly achieved by access control lists where groups of devices can be authorized to receive data transmissions based on MAC addresses.
Unfortunately, this security will not function in body sensor networks because the memory requirement is too high. Passcodes are not applicable for security in body sensor networks since they operate without a user interface. Public-key mutual authentication is not an option because of the expense of the high computational requirement. Body sensor network devices under 802.15.4 are very low power devices and are meant to be very inexpensive.

To solve the problem of security for body sensor networks, the authors developed a system utilizing biometrics from the body. Each body sensor is capable of processing its own task (measuring the physiologic parameter), encrypting data, and transmitting data to a Local Processing Unit (LPU). The sensor uses a physiologic parameter (for example heart rate variability or electrocardiogram data) to generate a unique key that is used for encryption and decryption of data transmissions between the sensor and the LPU. This same key can be used for encryption and decryption between the LPU and the remote server and between the remote server and the healthcare provider's computer.

In traditional telemedicine systems, there is only one symmetric key for encryption/decryption at each communication step. The advantage of the proposed system of key generation based on biometrics is that a great variety of keys will be generated because they depend on each individual patient's physiological parameters, and, as I understand the system, these keys may change frequently as the physiologic parameters change with a patient's health status. This leaves the system very secure and less vulnerable to a brute force attack.
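The following Python sketch is an added example, not code from the paper or from this summary: it illustrates how a sensor and an LPU on the same body could each derive nearly identical key material from heartbeat timing without exchanging a key. The quantisation step, bits per interval, acceptance threshold, function names and sample intervals are all assumptions constructed for illustration.

```python
import hashlib

STEP_MS = 8        # assumed quantisation step for one inter-pulse interval
BITS_PER_IPI = 4   # assumed number of bits kept per interval

def ipi_bits(ipis_ms):
    """Map inter-pulse intervals (ms) to bits. Gray coding means two
    readings that land in adjacent quantisation bins differ in one bit."""
    bits = []
    for ipi in ipis_ms:
        v = (ipi // STEP_MS) & ((1 << BITS_PER_IPI) - 1)
        g = v ^ (v >> 1)  # binary to Gray code
        bits += [(g >> i) & 1 for i in reversed(range(BITS_PER_IPI))]
    return bits

def hamming(a, b):
    """Number of bit positions in which two equal-length bit lists differ."""
    return sum(x != y for x, y in zip(a, b))

def same_body(a, b, max_diff=4):
    """Accept the peer only if its bit string is close to ours."""
    return len(a) == len(b) and hamming(a, b) <= max_diff

def derive_key(bits):
    """128-bit symmetric key (SHA-256, truncated). Key strength is bounded
    by the entropy of the input bits, not by the 128-bit output length."""
    return hashlib.sha256(bytes(bits)).digest()[:16]

# Constructed sample data: the same eight heartbeats timed by a sensor and
# by the LPU on one patient, and eight heartbeats from a different patient.
SENSOR_IPIS = [812, 845, 790, 868, 831, 802, 857, 779]
LPU_IPIS = [814, 843, 791, 866, 833, 801, 859, 778]
OTHER_IPIS = [902, 930, 915, 948, 889, 921, 960, 897]

if __name__ == "__main__":
    s, l, o = ipi_bits(SENSOR_IPIS), ipi_bits(LPU_IPIS), ipi_bits(OTHER_IPIS)
    print("sensor vs LPU, same body:", hamming(s, l), "of", len(s), "bits differ")
    print("sensor vs other patient :", hamming(s, o), "of", len(s), "bits differ")
    # One flipped bit changes the hash completely, so both ends must
    # reconcile their bit strings before hashing them into a key.
    print("keys equal without reconciliation:", derive_key(s) == derive_key(l))
```

Eight intervals yield only 32 bits here, so a real deployment would need to accumulate many more heartbeats, and measure how unpredictable they actually are, before the derived key resists brute force.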