Hello all,
I was reading a paper that detailed a bluetooth ad hoc network that made use of BlueTorrent (a P2P file sharing application based on ubiquitous Bluetooth-enabled devices) for file sharing between adjacent nodes.
These nodes are medical devices (not specified what devices but I'm assuming wearable devices e.g. insulin pumps) and potentially contain sensitive information relating to the wearer of the device.
Here is a link to the basics of the network -
https://imgur.com/gallery/Wi1Ytl5
This sharing of data ideology for medical data seems very susceptible from my novice standpoint.
This is a paragraph from the paper -
In this demo patients have sensors attached to their body, and the data collected from sensors is stored on a Bluetooth enabled PocketPC. Once a designated care giver, equipped with a Bluetooth device, is within the patients' vicinity, it is contacted by the patient's PocketPC and receives its data over Bluetooth using BlueTorrent. Data is transferred either on preset schedule or immediately upon the availability of a nurse or care giver. Subsequently, the care giver upon entering a designated location uploads the patients' data to a central server. This delivery can occur either directly, or again via BlueTorrent where more than one nurse helps transfer the data and upload it to the server
I was wondering what people's thoughts were to this. What is the most damaging attack that could be performed through this architecture? Many attacks have been performed on these types of devices in recent years.
Just to point out, BlueTorrent was originally proposed for sharing contents such as movie clips or music files. BlueTorrent works similarly to BitTorrent in that files are split into small chunks before being sent to other nodes.
No comments:
Post a Comment