A group of researchers is proposing a sensor that would authenticate mobile and wearable computer systems by using their unique electrical properties of a person's body to recognize their identity.
In a paper being presented today at the USENIX Workshop on Health Security and Privacy, researchers from Dartmouth University Institute for Security, Technology, and Society defined this security sensor device, known as Amulet, as a "piece of jewelry, not unlike a watch, that would contain small electrodes to measure bioimpedance -- a measure of how the body's tissues oppose a tiny applied alternating current- and learns how a person's body uniquely responds to alternating current of different frequencies." The device uses a recognition algorithm to determine whether the person matches the measured bioimpedance.
Once identity has been established a person would be able to simply attach other devices to their body - whether clipped on, strapped on, stuck on, slipped into a pocket, or even implanted or ingested - and have the devices just work. That is, without any other action on the part of the user, the devices discover each other's presence, recognize that they are on the same body, develop shared secrets from which to derive encryption keys, and establish reliable and secure communications, the researchers stated.
"We have proposed the concept of a wearable device, in a wristwatch form factor, that would coordinate a person's body-area network of sensors, providing a root of trust. Such a device also provides a perfect platform for implementing a biometric recognition mechanism. We expect that the necessary electronics and skin-contact sensors for bioimpedance could easily be integrated into an Amulet-like device."
The idea is to ensure the security of the increasing amounts of mobile and wearable systems used for monitoring health conditions and lifestyle-related conditions at what the researchers called an unprecedented level of detail, researchers stated.
"Wireless connectivity allows interaction with other devices nearby (like entertainment systems, climate control systems, or medical devices). Sensor data may be automatically shared with a social-networking service, or uploaded to an Electronic Medical Record system for review by a healthcare provider, the researchers stated. "However, in spite of recent advances, significant challenges remain. Reliably interpreting data from a body-worn sensor often requires information about who is wearing the sensor as well as the current person's environment, location, current activity, and social context. Existing recognition schemes for such mobile applications and pervasive devices are not particularly usable - they require active engagement with the person (such as the input of passwords), or they are too easy to fool."
The Dartmouth research is supported by the National Science Foundation and by the US Department of Health and Human Services.
Layer 8 Extra
Check out these other hot stories: