News Release 16-023

Security with the wave of a wand

Dartmouth project designs cybersecurity measures for home-based health care

Man jolds a commercial prototype of Wanda device

Wanda makes it easy for people to safely add new mobile health devices to their home Wi-Fi network.


February 29, 2016

This material is available primarily for archival purposes. Telephone numbers or other contact information may be out of date; please see current contact information at media contacts.

Increasingly, health care is moving out of the doctor's office and into the home, allowing greater patient freedom and monitoring, but also giving rise to new security risks.

One of the main challenges facing home health technology design is the public's inability to set up a secure network in their home and keep it operational. This can lead to compromised or stolen data, or even potentially hacked devices, such as heart rate monitors or dialysis machines.

To address this problem, researchers at Dartmouth College have developed a digital "magic wand" to improve home health care and prevent hackers from stealing personal data.

The system, called Wanda, makes it easy for people to add a new device to their Wi-Fi network at home (or in a clinic), even if they don't have professional IT support staff to configure, track and update the medical devices.

The researchers will present a paper on the wand-based cybersecurity configurations at the Institute of Electrical and Electronics Engineers International Conference on Computer Communications in San Francisco in April.

The research is part of a project funded by the National Science Foundation (NSF) titled "Trustworthy Health and Wellness" (THaW.org) and led by Dartmouth computer science professor David Kotz. The project aims to protect patients and preserve the confidentiality of medical data.

The THaW team conducts research related to mobile and cloud technology for health and wellness applications, including efforts to secure small-scale clinical networks and to reduce malicious activity in hospitals.

Supported by a $10 million, five-year grant from NSF, the project includes experts in computer science, business, behavioral health, health policy and health care information technology at Dartmouth, Johns Hopkins University, the University of Illinois at Urbana-Champaign, the University of Michigan and Vanderbilt University.

As part of ThaW, graduate student Tim Pierson developed a system where an individual can simply pull a small wand from a USB port on a Wi-Fi access point and point it at a new device at close range. Within a few seconds, the wand securely beams the secret Wi-Fi network information to the device, making it secure and operational.

The same method can be used to transfer any information from the wand to the new device without anyone nearby capturing private data or tampering with the information.

"People love this new approach to connecting devices to Wi-Fi," says Pierson. "So many of our volunteer testers remark on the frustration they've encountered in configuring wireless devices at home and ask when they can take our 'wand' home."

There are three basic operations involved. First, Wanda configures a device to join the wireless local-area network. Second, it partners that device with others nearby, so they can work together. And third, it configures the device so it can connect to the relevant individual or organizational account in the cloud.

Wanda -- a small piece of hardware with two antennas that uses radio strength as a communication channel -- accomplishes all of these tasks without the need for outside assistance.

"We anticipate our Wanda technology being useful in a wide variety of applications, not just health care, and for a wide range of device management tasks, not just Wi-Fi network configuration," Kotz says.

Kotz notes that mobile health technologies have incredible potential, but that insufficient attention to their security could hinder their adoption and lead to the theft of personal data or worse.

Fortunately, THaW researchers are identifying gaps in security and providing practical security solutions, says Kotz.

"We are developing novel methods for security and privacy so we can help usher in an era of effective and secure mobile health solutions," he says.

-NSF-

Media Contacts
Aaron Dubrow, NSF, 703-292-4489, email: adubrow@nsf.gov
John Cramer, Dartmouth College, 603- 646-9130, email: John.D.Cramer@dartmouth.edu

Principal Investigators
David Kotz, Dartmouth College, 603-646-1439, email: David.F.Kotz@dartmouth.edu

The U.S. National Science Foundation propels the nation forward by advancing fundamental research in all fields of science and engineering. NSF supports research and people by providing facilities, instruments and funding to support their ingenuity and sustain the U.S. as a global leader in research and innovation. With a fiscal year 2023 budget of $9.5 billion, NSF funds reach all 50 states through grants to nearly 2,000 colleges, universities and institutions. Each year, NSF receives more than 40,000 competitive proposals and makes about 11,000 new awards. Those awards include support for cooperative research with industry, Arctic and Antarctic research and operations, and U.S. participation in international scientific efforts.

mail icon Get News Updates by Email 

Connect with us online
NSF website: nsf.gov
NSF News: nsf.gov/news
For News Media: nsf.gov/news/newsroom
Statistics: nsf.gov/statistics/
Awards database: nsf.gov/awardsearch/

Follow us on social
Twitter: twitter.com/NSF
Facebook: facebook.com/US.NSF
Instagram: instagram.com/nsfgov