Access Control for CGM Devices
Continuous Glucose Monitoring (CGM) systems transmit sensitive health data between sensors, displays, and insulin delivery devices, processing up to 288 readings per day per patient. These systems must maintain data integrity and access control while operating within strict power and latency constraints—typically requiring sensor readings every 5 minutes with transmission ranges of 3-10 meters.
The fundamental challenge lies in balancing robust security protocols against the need for immediate, reliable data access in potentially life-critical situations.
This page brings together solutions from recent research—including password-authenticated key exchange (PAKE) protocols, proximity-based authentication systems, selective data transmission strategies, and configurable partner interfaces. These and other approaches demonstrate how CGM systems can maintain security while ensuring timely, power-efficient data delivery to authorized devices.
1. Diabetes Management System with Configurable Partner Interface for Device Interoperability
Dexcom, Inc., 2023
A diabetes management system that improves the flexibility and adaptability of connected devices like continuous glucose monitors, insulin pumps, and displays to work better together. The system uses a diabetes management partner interface to configure devices like sensors and pumps for wireless communication with partners like displays and alerts. It allows partner devices to request access to the sensor's configuration parameters via the interface. The sensor can then modify its settings to accommodate partner requirements. This enables customized communication and coordination between devices from different manufacturers.
2. Device Pairing and Synchronization System with Secure Display Authentication and Key Exchange Mechanism
Dexcom, Inc., 2023
Securely pairing and synchronizing multiple displays like smartphones and dedicated glucose monitors to transmit and display glucose levels. The transmitter limits the number of connected displays and exchanges an application key with each device periodically. This prevents unauthorized devices from connecting. The displays authenticate with the transmitter using a hash of their ID. The transmitter allows only matched devices. This allows consistent display across devices while preventing unauthorized access.
3. Glucose Monitoring Data Retrieval System Using Access Code-Based Web Requests
ABBOTT DIABETES CARE INC., 2023
Retrieving glucose data from a glucose monitoring system without requiring a wired connection to a user device or an account login. The system uses access codes associated with users to enable others like EMR systems or patients' devices to request and receive glucose reports without direct system access. When a user's device sends a web request with their access code, the monitoring system retrieves their report and sends it back. This allows external systems and users to access glucose data without needing system connectivity or login credentials.
4. Method for Secure Pairing of Medical Devices Using Password-Authenticated Key Exchange Without Input/Output Dependency
Dexcom, Inc., 2023
Securely pair medical devices like sensors and displays in healthcare facilities without requiring input/output capabilities on both devices. The method involves using password-authenticated key exchange (PAKE) to generate an authentication key at the application layer. Each device derives a passkey from that key for verifying pairing. This allows devices without I/O to authenticate without requiring devices with I/O to enter a passkey. The derived passkeys are then used to establish encrypted connections.
5. Access Control System for In Vivo Analyte Sensors with User Application Authentication and Data Expiration Mechanism
ABBOTT DIABETES CARE INC., 2022
Controlling access to data from in vivo analyte sensors to prevent unauthorized use. It involves authenticating user interface applications to operate with sensor interface applications, restricting access to real-time sensor data, and expiring displayed analyte levels after a set time. This ensures accurate and secure analyte monitoring when multiple apps interact with sensors. It prevents apps from accessing sensor data without approval and prevents displaying outdated levels.
6. System for Continuous Biometric Verification and Contextual Access Control
THE WHISPER COMPANY, 2021
Determining persistent presence of an authorized user while performing allowed operations on an allowed resource of the system while satisfying certain context-sensitive restrictions. The system uses biometric authentication and sensors to verify user identity and allow authorized operations. It prevents unauthorized access by requiring continuous authentication and context matching. If the user steps away from the device or context changes, they must reauthenticate to continue. This ensures authorized users can access resources while preventing others from misusing them.
7. System for Controlled Secure Transmission and Verification of Medical Data Across Devices
DexCom, Inc., 2021
Controlling and protecting the retransmission of patient medical data like glucose levels to prevent compromising confidentiality and ensure proper use. The controls limit access and redistribution of medical data between apps and devices. Techniques include delaying the transmission of sensitive data, encrypting it, or separating less sensitive data. Apps are verified to accurately store received medical data. This allows using medical apps on devices like smartphones while mitigating risks of compromised data, incorrect recommendations, or missed alarms.
All of these technologiesᅳwhich range from sophisticated authentication mechanisms to secure pairing techniquesᅳhelp ensure that CGM devices operate safely and effectively while protecting patient data and making it available to authorized users only. Ensuring patient data security and improving diabetes care will depend on strict security requirements being upheld as CGM technology develops.
Get Full Report
Access our comprehensive collection of patents related to this technology
