Retrofitting Communication Security into a Publish/Subscribe Middleware Platform

The Medical Device Coordination Framework (MDCF) is an open source middleware package for interoperable medical devices, designed to support the emerging Integrated Clinical Environment (ICE) interoperability standard. As in any open system, medical devices connected to the MDCF or other ICE-like network should be authenticated to defend the system against malicious, dangerous, or otherwise unauthorized devices. In this paper, we describe the creation and integration of a pluggable, flexible authentication system into the almost 18,000 lines of MDCF codebase, and evaluate the performance of proof-of-concept device authentication providers. The framework is sufficiently expressive to support arbitrary modules implementing arbitrary authentication protocols using arbitrarily many rounds of communication. In contrast with the expected costs in securing nontrivial systems, often involving major architectural changes and significant degradation of system performance, our solution requires the addition of just over 1,000 lines of code (∼ 5.56%), and incurs performance overhead only from the authentication protocols themselves, rather than from the framework.