Spanish and Iranian researchers at the Carlos III Politécnica and the University of Tehran have created an authentication protocol that ensures the privacy and security of communications between medical devices implanted in patients through radiofrequency identification (RFID).
According to the developers, the integration of e-Health systems with RFID technology will help to reduce costs and improve monitoring and treatment of patients. The protocol is thus based on ISO standards.
In fact, the designers propose certain RFID standards (ISO/IEC 9798 and 11770) and apply the public recommendations of the National Institute of Standards and Technology of the United States, which are useful for preventing the stored data becoming vulnerable to computer attack.
RFID Technology
In spite of its use in other sectors, the use of RFID technology in healthcare environments has not been explored very much. It could be very useful for automatic medical monitoring of patients, checking the administration of medications to ensure there are no problems with dosage and communicating with devices implanted inside the human body – such as pacemakers and insulin pumps.
This data system is made up of a database, a reader and cards. However, the implementation of the technology has not been completely accepted within the health sector. Why? Although communication between the reader and the database is considered secure, the communication between the card and reader does not ensure the security and privacy of the patient’s information as it is carried out via a channel that is susceptible to spying by an attacker able to modify data.
Source: Universidad Politécnica de Madrid