February 4, 2013

We looked at various systems, but they did address mostly messaging and were often far too costly to deploy or suited just for one country. (See for example US driven Direct Project).Y3 enables us to design mobile centric solutions which are both interoperable and future proof. Yobidrive’s CEO, François Vaille, describes their vision pertaining to the use of PKI for Securing The Internet of Things:

Yobi Drive’s Blog: Securing the Internet of things.

Let’s take a pulse Oximeter: raw saturation data has to be cleaned from non representative measurement points, added to a live data set, but also aggregated day by day… the real, meaningful data is not the raw data from the sensor. Primary data is the saturation, metadata can be location, date and time, authorized readers, sensor health… context could be “live data” or “archived”.

All those operations being managed in a Y3 context transition, the data is encrypted with the keys of the sensor immediately after all those transforms in the blackboxed Y3 API, and stored ready for use by mHealth visualization apps. Those apps access the meaningful sensor data after door opening ( so decryption enablement ) by the end user himself, in the same way than he accesses protected shares in YobiDrive FX.

IoT is a very simple and natural application of contextual storage, immediately adding intelligence to the raw nature of – not so – smart things.

Whether used for chronic disease management, in hospitals or real time monitoring during emergency transport, security and trust are always among the top requirements for our customers. Even in a growingly fragmented and diverse mobile environment, once healthcare providers have agreed on PKI certificates revocation checking, one of the last barriers to adoption will have been addressed ; patients at the center of the healthcare system, will be able to use the m-Health Internet of Things on a daily basis.

To go further:

The Direct Project: Sending health information over the cloud
http://www.ibm.com/developerworks/java/library/cl-directproject/index.html

C. Doukas et al., Enabling data protection through PKI encryption in IoT m-Health devices, 2012 International Conference on Bioinformatics and bioengineering (BIBE), p 25-29.
http://www.slideshare.net/CharalamposDoukas/dmkmv-bibe12-v2

Healthcare use of X.509 and PKI is trust worthy when managed
http://healthcaresecprivacy.blogspot.fr/2011/03/healthcare-use-of-x509-and-pki-is-trust.html