A Framework for Secure Data Management in Medical Devices

Abstract

Data is considered as a valuable currency that our modern world thrives upon today. Individuals, groups and even nations work hand in hand to protect private data. When it comes to medical data, its protection is considerably more apparent and significant with guidelines such as HIPAA and FDA regulations in place. Data breaches on medical devices are known to have a significant impact on a patient’s wellbeing. Most of these data breach attacks occur during the transit state. With these attacks in mind, there is still a need for continuous feedback between a patient and a doctor based on data that is collected from such devices. In this thesis, we propose a methodology that develops an autonomous secure communication channel between doctors and patients. Through examining the data life cycle of software built within medical devices, we address various security measures. We propose Adaptive Mode Selection (AMS) to investigate threats amongst system functions. By leveraging this technique, we obtain access to a lifetime assessment for risk mitigation and communication mode selection within medical devices. A Priority-Queue Based (PQB) process is established to improve data management and data isolation within life-critical systems. Further, we propose Adaptive Protocol Selection (APS) to enhance data transmission over the most appropriate communication protocol based on risk values identified by AMS. These protocols include Wi-Fi, Bluetooth, Radio Frequency or more. The combination of AMS, PQB and APS contributes towards delivering better health services with continuous secured data feeds and reduction in time of medical intervention.