Secure Point-of-Care Medical Diagnostics via Trusted Sensing and Cyto-Coded Passwords

Trustworthy and usable healthcare requires not only effective disease diagnostic procedures to ensure delivery of rapid and accurate outcomes, but also lightweight user privacy-preserving capabilities for resource-limited medical sensing devices. In this paper, we present MedSen, a portable, inexpensive and secure smartphone-based biomarker1 detection sensor to provide users with easy-to-use real-time disease diagnostic capabilities without the need for in-person clinical visits. To minimize the deployment cost and size without sacrificing the diagnostic accuracy, security and time requirement, MedSen operates as a dongle to the user's smartphone and leverages the smartphone's computational capabilities for its real-time data processing. From the security viewpoint, MedSen introduces a new hardware-level trusted sensing framework, built in the sensor, to encrypt measured analog signals related to cell counting in the patient's blood sample, at the data acquisition point. To protect the user privacy, MedSen's in-sensor encryption scheme conceals the user's private information before sending them out for cloud-based medical diagnostics analysis. The analysis outcomes are sent back to Med-Sen for decryption and user notifications. Additionally, MedSen introduces cyto-coded passwords to authenticate the user to the cloud server without the need for explicit screen password entry. Each user's password constitutes a predetermined number of synthetic beads with different dielectric characteristics. MedSen mixes the password beads with the user's blood before submitting the data for diagnostics analysis. The cloud server authenticates the user based on the statistics and characteristics of the beads with the blood sample, and links the user's identity to the encrypted analysis outcomes. We have implemented a real-world working prototype of MedSen through bio-sensor fabrication and smartphone app (Android) implementations. Our results show that MedSen can reliably classify different users based on their cyto-coded passwords with high accuracy. MedSen's built-in analog signal encryption guarantees the user's privacy by considering the smartphone and cloud server possibly untrusted (curious but honest). MedSen's end-to-end time requirement for disease diagnostics is approximately 0.2 seconds on average.