Our solution is a system called Heart-to-Heart (H2H). H2H
implements a simple access-control policy for IMDs that we call
“touch-to-access”: A medical instrument (e.g., a commercial device
programmer), which we call generically a Programmer, obtains access
to a patient’s IMD if and only if it has significant physical contact
with the patient’s body. An important facet of touch-to-access
is forward security. Authentication to the IMD lapses once the instrument
loses physical contact with the patient.