The issue sought to be addressed by this technolgy is that implantable programmable medical electronic devices often need to communicate with a remote server, and the emerging model is that the device relay through a smartphone. However, if the smartphone is compromised, typical implementations may leave open risks of significant patient harm. However, fully locked down systems with a predesigned VPN to a single endpoint pose other risks as the implant ages, in that the server or server technology may change during the usable lifetime of the device.
Our patented technology provides an architecture that avoids reliance on trust or security within the relay smartphone and, instead, permits the implanted device to manage VPN-style connections to multiple endpoints with properly implemented certificate revocation list management. The implant responds to a request to open a secure communication link from the smartphone, to open the link, and thus has an ability to receive requests for unsolicited communications.