Physiological Signal Based Security

Last updated

Body Area Networks (BANs) constantly interact with their physical environment with the help of sensors. Sensors collect process as well as communicate information gathered from their environment. Thus BANs are inherently cyber-physical systems. The BAN interacts with its physical world (human body) by collecting, processing, and communicating health data (vital signals, temperature, pressure) from the person. This information from the environment that is already being collected can be used to provide security to the BAN. Physiological Value based Security (PVS) uses the vital signals of the human body that is collected during health monitoring operation to provide usable security to BAN. [1]

Contents

Figure 1. Physiological Value Based Key Agreement Protocol PKAIdea.png
Figure 1. Physiological Value Based Key Agreement Protocol

Properties of PVS

For PVS to succeed the scheme developed should have the following properties:

  1. The keys provided by PVS for security are long and random (a basic requirement in any security protocol).
  2. Knowing the physiological signals at any time will not provide significant advantage in knowing the keys agreed upon in future executions of the scheme, i.e. time variance (required to prevent attacker from guessing future feature values from present ones).
  3. The physiological stimuli used for PVS is universally (ensures that sensors at different location can measure the same signal).
  4. Knowing the physiological value of one individual will not provide significant advantage in guessing the keys being agreed by sensors on another individual, i.e. distinctiveness.

Implementation of PVS using Photoplethysmogram (PPG) signals

Plethysmogram based Key Agreement protocol (PKA) uses PPG signals to provide PVS infrastructure to the BAN. It provides secure key agreement between two sensors that wish to communicate in a BAN.

Figure 2. Signal Processing for Extracting Common Features from 2 PPG Sensors on the Same Body PKAComputation.png
Figure 2. Signal Processing for Extracting Common Features from 2 PPG Sensors on the Same Body

PKA has been divided into four basic steps as described in Figure 1:

  1. Sensing - PPG signals are sensed using Smith Medical pulse oximeter boards. The sampling rate of the instrument was 60 Hz. 12.8 seconds of PPG signals were sensed by the two communicating sensors.
  2. Generate features
    1. Frequency domain features were generated by performing 256 point overlapped windowed FFT on the measured signal. The signal was divided into five Hamming windows with an overlap of 50. The first 32 coefficients of the FFT of each of the windows are concatenated to form the frequency domain features. The FFT computation is shown in Figure 2.
    2. Peak Detection, Peaks (maxima) in the FFT coefficient curve were detected by detecting sudden change in slopes (from positive to negative) of the curve. Both the peak index and the peak values were noted.
    3. Quantization, The peak indexes were represented in 8 bits binary (since they could only take values from 1 to 160). The peak values were re-quantized into 16 non uniform levels. The first twelve levels were exponential while the next 4 levels were linear. The main reason for doing this was to extract the variations in the higher frequency components (with low coefficient values) in the FFT. Thus the peak values got quantized into 5 bits binary numbers.
  3. Secure Transmission of Features: Fuzzy Vault security primitive was used for secure transmission of the features from transmitting sensor to receiving sensor.
  4. Select Common Features.

Related Research Articles

Digital signal processing (DSP) is the use of digital processing, such as by computers or more specialized digital signal processors, to perform a wide variety of signal processing operations. The digital signals processed in this manner are a sequence of numbers that represent samples of a continuous variable in a domain such as time, space, or frequency. In digital electronics, a digital signal is represented as a pulse train, which is typically generated by a MOSFET switch.

In telecommunications, orthogonal frequency-division multiplexing (OFDM) is a type of digital modulation, a method of encoding digital data on multiple carrier frequencies. OFDM has developed into a popular scheme for wideband digital communication, used in applications such as digital television and audio broadcasting, DSL internet access, wireless networks, power line networks, and 4G mobile communications.

Analog-to-digital converter system that converts an analog signal, such as a sound picked up by a microphone or light entering a digital camera, into a digital signal; device converting a physical quantity to a digital number

In electronics, an analog-to-digital converter is a system that converts an analog signal, such as a sound picked up by a microphone or light entering a digital camera, into a digital signal. An ADC may also provide an isolated measurement such as an electronic device that converts an input analog voltage or current to a digital number representing the magnitude of the voltage or current. Typically the digital output is a two's complement binary number that is proportional to the input, but there are other possibilities.

Signal-to-noise ratio is a measure used in science and engineering that compares the level of a desired signal to the level of background noise. SNR is defined as the ratio of signal power to the noise power, often expressed in decibels. A ratio higher than 1:1 indicates more signal than noise.

Zigbee IEEE 802.15.4-based specification for a suite of high-level communication protocols

ZigBee is an IEEE 802.15.4-based specification for a suite of high-level communication protocols used to create personal area networks with small, low-power digital radios, such as for home automation, medical device data collection, and other low-power low-bandwidth needs, designed for small scale projects which need wireless connection. Hence, ZigBee is a low-power, low data rate, and close proximity wireless ad hoc network.

Burrows–Abadi–Needham logic is a set of rules for defining and analyzing information exchange protocols. Specifically, BAN logic helps its users determine whether exchanged information is trustworthy, secured against eavesdropping, or both. BAN logic starts with the assumption that all information exchanges happen on media vulnerable to tampering and public monitoring. This has evolved into the popular security mantra, "Don't trust the network."

Spectrum analyzer

A spectrum analyzer measures the magnitude of an input signal versus frequency within the full frequency range of the instrument. The primary use is to measure the power of the spectrum of known and unknown signals. The input signal that most common spectrum analyzers measure is electrical; however, spectral compositions of other signals, such as acoustic pressure waves and optical light waves, can be considered through the use of an appropriate transducer. Spectrum analyzers for other types of signals also exist, such as optical spectrum analyzers which use direct optical techniques such as a monochromator to make measurements.

Quantization (signal processing)

Quantization, in mathematics and digital signal processing, is the process of mapping input values from a large set to output values in a (countable) smaller set, often with a finite number of elements. Rounding and truncation are typical examples of quantization processes. Quantization is involved to some degree in nearly all digital signal processing, as the process of representing a signal in digital form ordinarily involves rounding. Quantization also forms the core of essentially all lossy compression algorithms.

Wireless sensor network

Wireless sensor network (WSN) refers to a group of spatially dispersed and dedicated sensors for monitoring and recording the physical conditions of the environment and organizing the collected data at a central location. WSNs measure environmental conditions like temperature, sound, pollution levels, humidity, wind, and so on.

On-board diagnostics vehicle system which provides self-diagnostic and reporting capability

On-board diagnostics (OBD) is an automotive term referring to a vehicle's self-diagnostic and reporting capability. OBD systems give the vehicle owner or repair technician access to the status of the various vehicle sub-systems. The amount of diagnostic information available via OBD has varied widely since its introduction in the early 1980s versions of on-board vehicle computers. Early versions of OBD would simply illuminate a malfunction indicator light or "idiot light" if a problem was detected but would not provide any information as to the nature of the problem. Modern OBD implementations use a standardized digital communications port to provide real-time data in addition to a standardized series of diagnostic trouble codes, or DTCs, which allow a person to rapidly identify and remedy malfunctions within the vehicle.

ZRTP is a cryptographic key-agreement protocol to negotiate the keys for encryption between two end points in a Voice over Internet Protocol (VoIP) phone telephony call based on the Real-time Transport Protocol. It uses Diffie–Hellman key exchange and the Secure Real-time Transport Protocol (SRTP) for encryption. ZRTP was developed by Phil Zimmermann, with help from Bryce Wilcox-O'Hearn, Colin Plumb, Jon Callas and Alan Johnston and was submitted to the Internet Engineering Task Force (IETF) by Zimmermann, Callas and Johnston on March 5, 2006 and published on April 11, 2011 as RFC 6189.

Tamperproofing Any technique used to hinder, deter or detect unauthorised access to a device or circumvention of a security system

Tamperproofing, conceptually, is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and time, the term "tamperproof" is a misnomer unless some limitations on the tampering party's resources is explicit or assumed.

In computing, a wireless intrusion prevention system (WIPS) is a network device that monitors the radio spectrum for the presence of unauthorized access points (intrusion detection), and can automatically take countermeasures (intrusion prevention).

In telecommunication, a measuring receiver or measurement receiver is a calibrated laboratory-grade radio receiver designed to measure the characteristics of radio signals. The parameters of such receivers can usually be adjusted over a much wider range of values than is the case with other radio receivers. Their circuitry is optimized for stability and to enable calibration and reproducible results. Some measurement receivers also have especially robust input circuits that can survive brief impulses of more than 1000 V, as they can occur during measurements of radio signals on power lines and other conductors.

The Universal Mobile Telecommunications System (UMTS) is one of the new ‘third generation’ 3G mobile cellular communication systems. UMTS builds on the success of the ‘second generation’ GSM system. One of the factors in the success of GSM has been its security features. New services introduced in UMTS require new security features to protect them. In addition, certain real and perceived shortcomings of GSM security need to be addressed in UMTS.

Key distribution is an important issue in wireless sensor network (WSN) design. WSNs are networks of small, battery-powered, memory-constraint devices named sensor nodes, which have the capability of wireless communication over a restricted area. Due to memory and power constraints, they need to be well arranged to build a fully functional network.

Fault detection, isolation, and recovery (FDIR) is a subfield of control engineering which concerns itself with monitoring a system, identifying when a fault has occurred, and pinpointing the type of fault and its location. Two approaches can be distinguished: A direct pattern recognition of sensor readings that indicate a fault and an analysis of the discrepancy between the sensor readings and expected values, derived from some model. In the latter case, it is typical that a fault is said to be detected if the discrepancy or residual goes above a certain threshold. It is then the task of fault isolation to categorize the type of fault and its location in the machinery. Fault detection and isolation (FDI) techniques can be broadly classified into two categories. These include model-based FDI and signal processing based FDI.

Future Fibre Technologies

Future Fibre Technologies (FFT) is a fiber optic sensing technologies company based in Melbourne, Australia, with its US head office in Mountain View, California, Middle East head office in Dubai, Indian head office in New Delhi and European head office in London. Founded in 1994, Future Fibre Technologies product line provides optical fiber intrusion detection systems for perimeters, buried oil and gas pipelines and data communication networks.

Body area network Small-scale computer network to connect devices around a human body, typically wearables

A body area network (BAN), also referred to as a wireless body area network (WBAN) or a body sensor network (BSN) or a medical body area network (MBAN), is a wireless network of wearable computing devices.BAN devices may be embedded inside the body as implants, may be surface-mounted on the body in a fixed position, or may be accompanied devices which humans can carry in different positions, such as in clothes pockets, by hand, or in various bags. While there is a trend towards the miniaturization of devices, in particular, body area networks consist of several miniaturized body sensor units (BSUs) together with a single body central unit (BCU). Larger decimeter sized smart devices, accompanied devices, still play an important role in terms of acting as a data hub or data gateway and providing a user interface to view and manage BAN applications, in-situ. The development of WBAN technology started around 1995 around the idea of using wireless personal area network (WPAN) technologies to implement communications on, near, and around the human body. About six years later, the term "BAN" came to refer to systems where communication is entirely within, on, and in the immediate proximity of a human body. A WBAN system can use WPAN wireless technologies as gateways to reach longer ranges. Through gateway devices, it is possible to connect the wearable devices on the human body to the internet. This way, medical professionals can access patient data online using the internet independent of the patient location.

The Internet of Military Things (IoMT) is a class of Internet of things for combat operations and warfare. It is a complex network of interconnected entities, or "things", in the military domain that continually communicates with each other to coordinate, learn, and interact with the physical environment to accomplish a broad range of activities in a more efficient and informed manner. The concept of IoMT is largely driven by the idea that future military battles will be dominated by machine intelligence and cyber warfare and will likely take place in urban environments. By creating a miniature ecosystem of smart technology capable of distilling sensory information and autonomously governing multiple tasks at once, the IoMT is conceptually designed to offload much of the physical and mental burden that warfighters encounter in a combat setting.

References

  1. Cherukeri, Shriram; Venkatasubramanian, Krishna K.; Gupta, Sandeep K. S. (October 2003). Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body. Parallel Processing Workshops, 2003. Kaohsiung, Taiwan. doi:10.1109/MILCOM.2008.4753199.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.