Elderly patients or those with chronic diseases are increasingly able to monitor their condition from home or other convenient locations because their vital signs and test results can be sent over the Internet to their physicians. But as this becomes standard practice, patient confidentiality is an increasing concern. At RMIT University, in Melbourne, Australia, scientists are working on a way to hide a patient’s private data in plain sight.
The technique, published last month in IEEE Transactions on Biomedical Engineering, uses steganography, the practice of embedding secret information inside a larger bit of innocuous data without noticeably affecting the size or character of the larger data. (Steganography—such as hiding a message in an image file—was famously used by a Russian spy ring caught in the United States in 2010.)
In the research, the technology conceals identifying patient information so it can only be accessed by healthcare workers who have the correct credentials. Its inventors demonstrated it using electrocardiogram (ECG) signals, but the researchers hope that it will be applicable to various medical monitoring devices.
“It can hide a picture of a person, it can hide personal details of the person, and it can also contain information about who can look at the ECG,” says Ibrahim Khalil, a computer scientist at RMIT and one of the study’s two authors.
Khalil points out that ECG lent itself to developing the steganographic trick because it produces a lot of data every second. A heart monitor’s readouts consume a lot of computing resources, but that makes them a good haystack in which to hide a needle of data; even a few seconds’ worth is enough to hide patient information.
Previous research has focused on using cryptographic algorithms to keep patient information confidential when sending physiological signals. But these strategies have significant computational overhead because both the physiological signal and the identifying information must be encrypted on one end and decrypted on the other. Steganography is less computationally intensive because only the hidden data is encrypted.
Biometrics: Investigations into the biometric identifying properties of EKG data have been going on for more than a decade. The peaks and valleys (P, Q, R, S, and T in the diagram) on an EKG readout represent the different phases of a heartbeat, and with the help of some processing, they can act as a physiological fingerprint. For example, when measuring the time between different events in the heartbeat, engineers at the JIS College of Engineering in Kolkata, India, were recently able to generate an 8-bit identifier, or “BioHash,” for a given individual’s EKG. An EKG could then be used in a process, similar to that of fingerprint scanning, that verifies an individual’s identity by comparing new scans with the original ones.
Another important aspect of the technology demonstrated by the RMIT researchers is that the steganographic process does not distort the ECG data. This is significant because shielding a patient’s identity should not come at the expense of an accurate diagnosis.
After the private data is encrypted, the ECG signal is broken down into frequency sub-bands, some carrying the meaningful data of the ECG and some carrying noise. A mathematical model identifies the different sub-bands and embeds the encrypted personal data in the noise bands. To embed the data securely, the model calls for two types of encryption. One relies on a key that the sender and the recipient both know. The other is based on a uniquely generated matrix that scrambles a key stored by both the sender’s and recipient’s computers. Once the data has been sent, the recipient’s device must have the shared key, the scrambling matrix, and information about how the data was broken down into sub-bands in order to even prompt healthcare personnel for their credentials.
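A much-simplified sketch of the sub-band embedding described above, added here as an illustration and not the RMIT authors' algorithm. It assumes a one-level integer Haar split as the sub-band decomposition, a SHAKE-256 keystream as the shared-key encryption, and a hash-sorted coefficient order standing in for the scrambling matrix; the ECG samples, secret and keys are constructed.

```python
import hashlib

def haar_forward(x):
    # Integer Haar (S-transform): low band = pair averages, high band = pair differences.
    pairs = list(zip(x[0::2], x[1::2]))          # assumes an even number of samples
    return [(a + b) >> 1 for a, b in pairs], [a - b for a, b in pairs]

def haar_inverse(approx, detail):
    out = []
    for s, d in zip(approx, detail):
        a = s + ((d + 1) >> 1)                   # exact inverse of the integer transform
        out += [a, a - d]
    return out

def keystream_bits(key, n):
    # Shared-key encryption stand-in: XOR with a SHAKE-256 keystream.
    stream = hashlib.shake_256(key).digest((n + 7) // 8)
    return [(stream[i // 8] >> (7 - i % 8)) & 1 for i in range(n)]

def scrambled_order(scramble_key, n):
    # Scrambling-matrix stand-in: a keyed permutation of coefficient positions.
    def tag(i):
        return hashlib.sha256(scramble_key + i.to_bytes(4, "big")).digest()
    return sorted(range(n), key=tag)

def embed(ecg, secret, key, scramble_key):
    approx, detail = haar_forward(ecg)
    bits = [(byte >> (7 - j)) & 1 for byte in secret for j in range(8)]
    if len(bits) > len(detail):
        raise ValueError("secret too long for this ECG segment")
    ks = keystream_bits(key, len(bits))
    order = scrambled_order(scramble_key, len(detail))
    for bit, k, pos in zip(bits, ks, order):
        detail[pos] = (detail[pos] & ~1) | (bit ^ k)   # encrypted bit into the LSB
    return haar_inverse(approx, detail)

def extract(stego, n_bytes, key, scramble_key):
    _, detail = haar_forward(stego)
    ks = keystream_bits(key, n_bytes * 8)
    order = scrambled_order(scramble_key, len(detail))
    bits = [(detail[pos] & 1) ^ k for k, pos in zip(ks, order)]
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits), 8))

# Constructed sample: 360 ADC counts with a spike every 90 samples plus small ripple.
ECG = [1000 + (300 if i % 90 == 45 else 0) + (i * 7) % 11 for i in range(360)]
SECRET = b"ID:0042;name=J.Doe"                    # constructed patient record
KEY, SCRAMBLE_KEY = b"shared-key-demo", b"scramble-demo"
```

Because only the least significant bit of each high-band coefficient changes, every reconstructed sample differs from the original by at most one ADC count, and a receiver without both keys recovers only scrambled, encrypted bits.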
Going forward, Khalil and coauthor Ayman Ibaida, a doctoral candidate in computer science at RMIT, would like to see their technique implemented in industry. They are also looking to bring their mathematical model to other biomedical signals. It seems like the process could be implemented fairly easily, but in practice it may be years before steganographic techniques can be incorporated into medical monitoring systems.
“The challenge was how do you make it really difficult for people to break. We did mathematical analysis to prove that it is secure and it is almost unbreakable,” Khalil says. “The way we achieve it without decrypting or increasing the size of the data, I think that’s a big plus for us.”
Post updated on 9 Dec, 2013
A version of this post appeared in print as "You Are Your Heartbeat."