PEES: Physiology-based End-to-End Security for mHealth

Ayan Banerjee, Sandeep K.S. Gupta, Krishna K. Venkatasubramanian

Research output: Chapter in Book/Report/Conference proceedingConference contribution

17 Scopus citations


Ensuring security of private health data over the communication channel from the sensors to the back-end medical cloud is crucial in a mHealth system. This end-to-end (E2E) security is enabled by distributing cryptographic keys between a sensor and the cloud so that the data can be encrypted and its integrity protected. Further, the key can also be used for mutually authenticating the communication. The distribution of keys is one of the biggest overheads in enabling secure communication and needs to be done is a transparent way that minimizes the cognitive load on the users (patients). Traditional approaches for providing E2E security for mHealth systems are based on asymmetric cryptosystems that require extensive security infrastructure. In this paper, we propose a novel protocol, Physiology-based End-to-End Security (PEES), which provides a secure communication channel between the sensors and the back-end medical cloud in a transparent way. PEES uses: (1) physiological signal features to hide a secret key, and (2) synthetically generated physiological signals from generative models parameterized with patient's physiological information, to unhide the key. Moreover, in PEES authentication comes for free since only sensors on the user's body has access to physiological features and can therefore gain access to the protected information in the cloud. The analysis of the approach using electrocardiogram (ECG) and phototplethysmogram (PPG) signals and their associated models demonstrate the feasibility of PEES. The protocol is light-weight for sensors and has no pre-deployment or storage requirements and can provide strong and random keys (≈ 90 bits long). We have also started clinical studies to establish its efficacy in practice.

Original languageEnglish (US)
Title of host publicationProceedings - Wireless Health 2013, WH 2013
PublisherAssociation for Computing Machinery
ISBN (Print)9781450322904
StatePublished - 2013
Event4th Conference on Wireless Health, WH 2013 - Baltimore, MD, United States
Duration: Nov 1 2013Nov 3 2013

Publication series

NameProceedings - Wireless Health 2013, WH 2013


Other4th Conference on Wireless Health, WH 2013
Country/TerritoryUnited States
CityBaltimore, MD

ASJC Scopus subject areas

  • Artificial Intelligence
  • Health Informatics


Dive into the research topics of 'PEES: Physiology-based End-to-End Security for mHealth'. Together they form a unique fingerprint.

Cite this