Securely connecting devices to Wi-Fi networks with a wave of a magic "Wanda"
A prototype "magic wand" has been developed that allows wireless devices to be securely configured and connected to a Wi-Fi network simply by pointing the wand at them. The device, dubbed "Wanda," was created with the goal of preventing hackers from gaining access to personal data from wireless and mobile health technologies, be they in the home or clinic.
Part of a National Science Foundation-funded project called "Trustworthy Health and Wellness" (THaW) that is steered by Dartmouth College, Wanda has been developed to help in the broader realm of protecting patient privacy and confidentiality. This is particularly relevant with health records increasingly being transferred from paper files into digital format as healthcare services and medical devices become more computer-based and Web-connected to improve data quality and reduce costs.
"But these new technologies, whether in the form of software for smartphones or specialized devices to be worn, carried or applied as needed, also pose risks if they're not designed or configured with security and privacy in mind," said David Kotz, a professor of computer science at Dartmouth.
Relying on patients to set up their devices to talk to a Wi-Fi network, however, is fraught with difficulties. Not only are many patients unlikely to be tech-savvy enough to carry out such tasks, but those that can may have a medical condition that may prevent their doing so. Increasing technical staff numbers to help install these devices for patients would simply negate the cost-savings. But more than this, poor set-ups without passwords could lead to stolen data which may compromise the security of a patient's records or even the health of the patients themselves if devices such as heart-monitors or dialysis machinesare hacked or compromised.
Securely joining a local network is only one part of the puzzle. Devices also need to partner with other nearby devices so they can share information and work together, and they also need to connect with the relevant cloud account. To address all three needs, Dartmouth College doctoral student Tim Pierson and his team developed "Wanda" as a wand-shaped device that consists of two antennas separated by one-half wavelength and uses radio strength as a communication channel.
To add a new device to a Wi-Fi network, the wand is first removed from a USB port on a Wi-Fi access point (where data has been loaded to it), taken over to the device to be connected, and then pointed at said device. After the couple of seconds required to securely handshake with the new piece of equipment, the wand then securely transfers the confidential Wi-Fi network information using encrypted key protocols, and the connection is made. The researchers claim that the same procedure may be used to convey all types of information from the wand to another device.
To achieve this automatic wireless transfer, Wanda is fitted with two antennas, so that it is able to determine when it is close enough to another device capable of receiving and transmitting radio signals by comparing the difference of field strength of the signals received. Once the device determines that there is a device present in close proximity and capable of receiving information in the form transmitted, Wanda then imparts that information to the new device.
"People love this new approach to connecting devices to Wi-Fi," said Pierson. "Many of our volunteer testers remarked on the frustration they've encountered when configuring wireless devices at home and ask when they can take our wand home."
The results of this research will be presented at the IEEE International Conference on Computer Communications in April this year.