Researchers at ASU have developed protocol that provides a secure communication channel by encrypting a patient’s medical data using their unique electrocardiogram (ECG) and photoplethysmogram (PPG) signals. EHRs can be securely created, managed, combined, or updated without redundant manual authentication, and cannot be accessed without the patient’s most recent ECG and PPG signals. The protocol can be used with a smartphone, or a sensor with Wi-Fi or mobile capabilities that communicates directly with the cloud. The protocol does not involve heavy processing which is ideal for battery powered sensors, and has no pre-deployment or security requirements. Once a secure channel has been established, the model’s parameters are continuously updated with the patient’s physiological information and rekeying is automatic. Should there be a significant change in a patient’s ECG or PPG signals (e.g. after heart surgery), the new physiological information can be updated through a doctor’s authorized account.
- EHR Management
- End-To-End Security
- Machine-To-Machine Communication
- Physiology Based Encryption
Benefits and Advantages
- Automatic – Once a secure channel has initially been established, no user intervention is needed to manage EHRs or update security configurations.
- Efficient – Does not involve heavy computer processing, saving battery life in remote sensors.
- Increased Security
- End-to-end physiology based encryption requires current patient data to hack.
- Allows for direct communication between sensors and the cloud.
- Longevity – Can potentially last the entire lifetime of a patient.
- Can be combined with other end-to-end security techniques.
- Can be used with or without a base-station or smartphone.
For more information about the inventor(s) and their research, please see