| CPC G16H 40/40 (2018.01) [G16H 20/30 (2018.01); G16H 40/67 (2018.01); H04L 9/3247 (2013.01); H04L 9/3268 (2013.01)] | 32 Claims |
|
1. A method of authorizing communication with an implanted therapy system, the method comprising:
receiving, in the implanted therapy system, a communication from a user with a digitally signed certificate and a date and/or time setting for the implanted therapy system with a second digitally signed certificate, wherein the digitally signed certificate was provided to the user by a remote server after verifying that the user is a clinician who has provided a recognized user name and password to the remote server;
verifying, by the implanted therapy system, that each of a digital signature on the digitally signed certificate and a digital signature on the second digitally signed certificate corresponds to an authorized user by either:
(1) using a unique, implant-specific key to confirm each of the digital signature on the digitally signed certificate and the digital signature on the second digitally signed certificate, wherein the implant-specific key is known only to the implanted therapy system and to the remote server, or
(2) using a public key maintained in the implanted therapy system to confirm that each of the digital signature on the digitally signed certificate and the digital signature on the second digitally signed certificate corresponds to a private key held by only the remote server;
modifying operation of the implanted therapy system based on the communication received from the authorized user, and
modifying the date and/or time setting of the implanted therapy system based on the received date and/or time setting once the digital signature on the second digitally signed certificate is verified.
|