Research And Implementation Of Secure Transmission System Based On Optimized Exchange Protocol In 11073

The ISO/IEEE11073 standard of personal health devices(11073PHD)is designed to ensure interoperability between personal health devices and terminal devices such as mobile phones and tablets.The optimal exchange protocol(11073-20601)is the core part of 11073 PHD.As long as the both sides in communication follow the framework and grammar model defined by this standard,they can achieve the transmission of health data in different systems.The current 11073 PHD does not provide a way to ensure the secure exchange of health data.Instead,it delivers the task of secure transmission to an ideal transmission channel.In particular,there's a lot of uncertainty in wireless transmission.For the questions,this dissertation studies and implements a secure transfer system.The system used a security extension of 11073 PHD standard.It ensures security of the health data in communications between personal health devices and terminal devices,and minimizes the impact of the interoperability.First of all,this dissertation starts with several communication entities and points out that data in the current IEEE11073 standard may be confronted with a large number of threats and then proposes a security extension scheme of 11073 protocol.It created a challenge-response mechanism which can authentic both sides in communication by using Shared key and challenge values.The session key and HMAC key generated after authentication guarantee the confidentiality and validity of messages.Local data encryption storage can prevent health data from being leaked locally.The Shared key update mechanism makes the scheme more robust.At the same time,security analysis and time space analysis are carried out on the extension protocol in theory,and the analysis indicates that the extension protocol has a certain amount of security and less delay.Secondly,the extended 11073 protocol is designed in detail.The 11073 protocol module is implemented on the Android platform,and it is the most important part of this dissertation.It includes communication model and data processing module.In the aspect of communication model,the application data unit(APDU)and state machine is designed,which is convenient for data analysis and processing.The association phase,configuration phase and measurement transmission phase in the communication processare realized.The association phase enables agent and manager to establish session connections and generate session keys.The configuration phase allows the two sides in communication to agree on a general set of operating parameters,so that the measurements can be transferred.measurement transmission phase uses managerinitiated mode,providing a control of the data stream.The data processing module parses the interactive data and transforms health data.In order to make 11073 protocol module more portable,it is considered to use C to implement the protocol part.Finally,on the Android platform,the management system is implemented.It used JNI to call 11073 protocol module to interact with personal health devices.It shows health data in an intuitive way to user.Tests show that the transmission system have a certain practicality and security.