Securing access to next generation IP-enabled pacemakers and ICDs using Ladon

The upcoming development of the Internet of Things (IoT) envisions IP-enabled pacemakers and ICDs, giving place to a completely new scenario in the field of remote monitoring of patients implanted with these devices. Apart from the costs saved thanks to the reduction of in-clinic visits, this new approach will help improving the quality of life of chronic patients that depend on such devices. However, this scenario cannot be conceived without an effective mechanism to protect the privacy of the health information collected by implanted sensors, understanding privacy as the capacity to determine when, how and to what extent information is communicated to others. In this paper, we show how the Ladon authentication, authorization and key establishment protocol can be successfully applied to achieve this purpose. The Ladon protocol is based on Kerberos, but appropriately modified and extended to support independence of clock synchronization and authorization functionalities. In order to demonstrate the feasibility of introducing Ladon in the targeted scenarios, a prototype implementation based on general purpose sensors has been developed. The obtained results show that the performance penalty introduced by the protocol in terms of energy and time consumption is negligible.