Let me begin with a highly cited introductory technical paper on medical device security and privacy especially targeting implantable ones :- "Security and Privacy for Implantable Medical Devices" - IEEE Pervasive Computing Mobile and Ubiquitous Systems 2008.
- Balance security-privacy-safety-utility with efficacy.
- General framework for evaluating security and privacy of wireless IMDs giving design goals for the same.
- Safety and utility goals: data access/accuracy, software update, configurability, resource efficient, multidevice coordination and device identification.
- Security and privacy goals: authorization, availability, device software and settings, data integrity, device knowledge/presence and sensitive information privacy.
- Tradeoffs: security versus emergency access-device resources-usability.
- Cryptographic and energy-centric methods for providing security and privacy at low cost without diminishing the efficacy of IMD functionality.
Good overview. Has anything changed since 2008? I assume tech is better, but maybe auditing has improved as well (being able to monitor access).
ReplyDelete