Cytocoded passwords: BioMEMS based barcoding of biologicalsamples for user authentication in microfluidic diagnostic devices

Gabriel Salles-Loustau1& Tuan Le1

& Laleh Najafizadeh1& Saman Zonouz1 & Mehdi Javanmard1

Published online: 31 July 2018# Springer Science+Business Media, LLC, part of Springer Nature 2018

AbstractSmart and connected point-of-care (POC) medical devices are becoming ever more ubiquitous and have the potential to radicallyimprove disease diagnosis and health monitoring. This emerging connectivity can potentially create serious security issues wherepatient privacy can be easily compromised. Protection of patient data from malicious cyber-physical attackers requires radicalsolutions at the BioMEMS level. Ideally, the information exchange between the patient and practitioner is an automated andtransparent process for the patient. In practice, this exchange requires both the patient and the test results to be authenticated andvalidated respectively on the storage service to ensure that the medical diagnostic results are properly stored and their access isprotected. This secure authentication phase is particularly critical for medical diagnostics: patient data exposure could lead tonegative social effects. This work focuses on providing a transparent authentication mechanism for patient blood tests performedusing impedance flow cytometry. The goal is twofold: first, to alleviate the user from security procedures, precisely an authen-tication step, while using the medical device; second, to provide a unique identifier for the test results when stored in a remoteserver. This paper describes a domain specific authentication method for impedance flow cytometry devices. We spike into theblood samples synthetic micro-beads of different sizes, at determined concentrations, to generate a unique authentication stringthat uniquely identify a test result on the remote storage service. These authentication strings are embedded in the test devices andcan be used as a convenient alternative to generic authentication methods, such as logins and passwords. This alternative methodremoves the authentication burden from the user and protects patient’s privacy further by preventing them from linking theirpersonal information to their test results.

Keywords BioMEMS .Microfluidic Device . Point-of-Care . Passwords . Authentication . Cytocoded passwords

1 Introduction

Portable medical diagnostic or point-of-care (PoC) devicesenable a transition from a hospital-centered healthcare man-agement to a preventive, patient-centered, and cost-effectivealternative. PoC device users can monitor and detect medicalanomalies at an early stage while the diseases are still curable.

Early detection contributes to reducing individual healthcarecosts (Fries et al. 1993).

Medical diagnosis in PoC devices can be carried throughmultiple techniques, including microfluidic impedance cy-tometry. Cytometry and particle quantification have been ex-tensively used for the diagnosis of a wide range of patholog-ical conditions such as cancer and infectious (both viral andbacterial) diseases (Greve et al. 2012; Balakrishnan et al.2004; Ellis McKenzie et al. 2005; Martin et al. 1995; Chenget al. 2007a; Cheng et al. 2007b; Logan et al. 2013; Dheda etal. 2005; Wallis et al. 2010; Jones et al. 1993; Jones et al.1997; Dawit Wolday et al. 2003; Velusamy et al. 2010;Olivier Lazcka and Xavier Munoz 2007).

However, portable medical diagnostic devices do not re-place medical practitioners: patients need to consult and sharetheir medical results with medical practitioners. This informa-tion exchange requires careful consideration when designingPoC devices. Current solutions provide access to medical

Gabriel Salles-Loustau and Tuan Le contributed equally to this work.

Electronic supplementary material The online version of this article(https://doi.org/10.1007/s10544-018-0306-4) contains supplementarymaterial, which is available to authorized users.

* Mehdi Javanmardmehdi.javanmard@rutgers.edu

1 Department of Electrical and Computer Engineering, RutgersUniversity, Piscataway, NJ, USA

Biomedical Microdevices (2018) 20: 63https://doi.org/10.1007/s10544-018-0306-4

records to both parties using online services: previous works(Mancuso et al. 2014; Lee et al. 2014; Lillehoj 2014) demon-strate the integration of medical diagnostic devices with amobile platform that stores the experiment results in text fileand distributes them through Google Drive cloud services.This dependence on online services comes at a cost of extrasecurity mechanisms, such as the necessity for a strong useridentification and authentication to ensure the protection ofthe patient data. Unfortunately, authentication mechanismsare often a burden on the user and impair the usability of thedevice (Bonneau et al. 2012).

Security researchers are constantly trying to improve au-thentication mechanisms (Bonneau et al. 2012). As of today,login and password credentials are the reference solution toidentify or authenticate users. However, users dislike pass-words (Adams and Sasse 1999) and user generated passwordsprovide poor security protection. Users reuse their passwordsacross accounts, forget their passwords, or create passwordsthat are too easily brute forced (Adams and Sasse 1999;Florencio and Herley 2007; Morris and Thompson 1979;Grampp and Morris 1984). Also, user credentials or biometricauthentication (Jain et al. 2000) respectively leverage what theuser knows or is and thus create a link between patient iden-tities and their medical data. For example, current healthcareinstitutions leverage patient’s private information, such astheir name, date of birth, social security number, to index themedical records.

This work introduces a transparent authentication mechanismfor impedance flow cytometry PoC devices by embedding thepasswords in the test protocol. The proposed authenticationmech-anism differentiates either individual tests, or individual users, byleveraging unique authentication strings respectively per test oruser. The proposed design does not require any interface for theuser to authenticate and thus reduces the overall system complex-ity. This domain specific authentication method does not requireany patient information, which protects further the patient privacy.

The proposed solution leverages different combinations ofsynthetic beads to generate authentication strings. Recent de-velopments of microfluidic devices allow the high throughputand accurate particles counting (Tang et al. 2017). This can beapplied to differentiate bead counting in authentication strings.These authentication strings are unique and identifiable by theamplitude of the peak signal response in the impedance flowcytometry measurements. By carefully choosing the syntheticbeads (based on size and dielectric properties), the peak signalresponse of the beads differs to the peak signal response of thepredominant elements in the test solution, such as the bloodcells or the cells of interest. Both the user and the remoteserver know the authentication string. Users can request thetest result using the known combination and concentrations ofthe synthetic beads from the test. This proposed scheme pro-vides a domain specific authentication and an alternative touser’s credentials.

This paper is organized as follow. Section II describes theuse of synthetic micro-beads in the authentication strings as thealternative to traditional on-screen entering of identifications.Furthermore, this section describes the evaluation of the infor-mation entropy of the authentication strings. Section III de-scribes system design. This includes the fabrication of themicrofluidic device and the processing of the acquired signalfrom impedance flow cytometry measurements. Section IVevaluates the requirements for using beads in authentication.This section details the ability to identify the unique authenti-cation strings. Furthermore, this section analyzes the informa-tion entropy of using the synthetic micro-size beads in thecytocoded passwords. Section V concludes the paper.

2 Overview

In this section, we present the design and evaluation procedure ofa domain specific and transparent authentication scheme for thePoC diagnostic device. Figure 1 describes the test procedure for auser performing a blood test with the device. The transparentauthentication operates as follow: the user collects a blood sam-ple with a dedicated lancet embedded with a unique authentica-tion string. This authentication string corresponds to a set ofsynthetic beads of different sizes and concentrations. The PoCdevice measures the impedance of the synthetic beads and bloodcells in the mixed sample using impedance flow cytometry. ThePoC device then transmits the signal acquired to the remoteserver for analysis and storage using the network connection ofthe mobile device. The cloud service analyzes the impedancesignal and extracts the count of peaks corresponding to the syn-thetic beads and blood contents. The peak count of the combina-tion of synthetic beads corresponds to the authentication stringfor the blood test. Both the user and the cloud know the infor-mation at this stage of the test. Upon request, the user can sharethe authentication string with the medical practitioner who, inturn, requests the specific test result stored on the remote server.This authentication scheme does not require any patient informa-tion such as in a login and password credential authentication.

The biosensor is embedded in the microfluidic channel.This sensor enables impedance cytometry measurements.Figure 2 describes the particle detection operation in the bio-sensor. The input electrode of the biosensor embedded in themicrofluidic channel is excited with multiple signals at differ-ent frequencies while the output electrode measures the im-pedance change in the channel between the electrode pair. Thelock-in amplifier recovers the measured signals. Impedanceresponses vary between polystyrene beads and blood cellsdue to the difference in frequency dependant dielectric prop-erties between these particles. The biosensor acquires the sig-nal responses for these particles and differentiates the embed-ded authentication strings from the measurement of the cellsin the test sample. In addition to obtaining a cell count, as

63 Page 2 of 9 Biomed Microdevices (2018) 20: 63

would normally be done, the authentication password is alsoextracted based on bead count.

The characters of the proposed authentication string correspondto composition (different sizes) and concentration of syntheticbeads in the blood sample. Each bead size corresponds to a pass-word Bcharacter .̂ The percentage composition of characters willdiffer from one user password to another. The better the resolutionof the sensor in differentiating between different bead types, themore characters the password will have, thus resulting in higherentropy, which allows for more secure passwords. An optimalsensor accuracy and thus a good resolution of the different sizesand concentrations of beads and cells is the fundamental objective.This enables the detection of the different types and sizes of cellsin the blood sample and provides an accurate analysis of thesample. It also enables the detection of subtle variations ofbead sizes and concentrations, or character, used as authen-tication string. A good resolution multiplies the number ofcharacters usable in an authentication string and enhancesthe protection provided by this mechanism. In this work, weevaluate the authentication string strength by the granular-ity of the impedance detection and concentrations of themicro-bead compositions as the characters in the authenti-cation strings.

3 Microfluidic System Design

3.1 Biosensor

The impedance flow-cytometry biosensor is integrated inits microfluidic system. The sensor acquires data by mon-itoring the electrical impedance change across the elec-trode pairs in the channel. Micro-electrodes are fabricatedon the glass substrate using standard photolithographyprocedures (Xia and Whitesides 1998). The biosensor fab-rication procedure is described in the following steps. Athin layer of photoresist AZ5214 (MicroChem, MA,USA) is spin-coated on the glass substrate and cured at80°C on the hot plate. The spin-coated photoresist is thenexposed to UV light under the photomask with the micro-pattern of the micro-electrodes in the biosensor. The pat-tern of the biosensor is imposed on the thin layer ofphotoresist. After the exposure, the pattern of the biosen-sor is developed in photoresist developer. Photoresistexposed to UV light will be washed away; thusuncovering the glass substrate underneath. Whereas, theunexposed regions of the photoresist will be retained onthe glass wafer.

Fig. 2. Operation model of the integrated system. The biosensorelectrodes are excited with multiple frequencies. The lock-in amplifierrecovers the measurement signal. The distinct combination of syntheticbeads generates the authentication string associated with a test. Syntheticbeads and cells have different impedance responses due to their dielectric

property difference. Furthermore, the biosensor can distinguish furtherbetween the measurement of the embedded authentication strings andthe measurement of cells in the test samples using signal responses atmultiple frequencies.

Fig. 1. High level operation of the point-of-care (PoC) medicaldiagnostic device with transparent authentication mechanism. (1) Usersutilize the dedicated pipettes embedded with unique authenticationbarcodes to collect the blood samples. The authentication strings,constructed from the mixture of micron-sized polystyrene beads, getspiked into the blood. (2) The PoC device measures the impedance ofthe contents of the beads and blood solution using impedance cytometry.(3) The device sends the acquired signal to the remote server for analysis

and/or storage leveraging the connection of the mobile device. (4) Thecloud service analyzes the impedance signal to count the peakscorresponding to beads and blood contents. (5) Users or medicalpractitioners can request the specific test result using the uniqueauthentication string by matching the known mixture of beads to themeasured impedance signal of the beads in the solution. The methodprovides the transparent authentication mechanism as a convenientalternative to traditional on-screen authentication.

Biomed Microdevices (2018) 20: 63 Page 3 of 9 63

The impedance sensor is fabricated by depositing a thinlayer of chromium and gold on the glass wafer using electronbeam (e-beam) evaporation. The chromium and gold is depos-ited on the exposed micro-region of the glass substrateforming the biosensor with the micro-electrodes. The regionswhich are covered in photoresist will prevent the Chromiumand Gold to adhere to the glass substrate. A thin layer of 5 nmChromium and 200 nm of Gold are deposited on the glasswafer to form the biosensor. After the e-beam evaporation,lift-off processing is used to remove excess regions coveredwith Chromium and Gold. The excess regions are those whichhave a layer of photoresist underneath the Chromium andGold. By submerging the glass wafer in an acetone bath, thephotoresist will be lifted off from the glass wafer. Hence, thechromium and gold from the excess regions also removedfrom the glass wafer.

3.2 Microfluidic channel

The microfluidic channel is designed to accommodate thetransport of blood cells and beads across the electrode pairfor signal measurement. In this work, we evaluate variousauthentication strings composed of micron-sized beads. Thebeads are mixed with blood samples and used to identify thetest results at remote servers. An authentication string consistsof different bead sizes at specific concentrations. The sensor isdesigned to count individual particles (beads or cells) in asmall volume of the test solution. The microfluidic channelis designed with a thin pore to deliver a single particle at atime through the electrode pair at the measurement region.Figure 3 shows the design of the microfluidic channel. Thepore is the narrow channel at the center, which can directcells or beads sequentially. The larger well in which wedeposit the test solution, allows the beads or blood cells todispersed before entering the measurement pore of themicrofluidic channel.

The microfluidic channel is fabricated using polydimethyl-siloxane (PDMS). To fabricate the microfluidic channel, first amold is constructed. Standard photolithography is used tomicro-pattern the SU-8 mold.

In fabricating the microfluidic channel, Sylgard® 184 sili-cone elastomer base and curing agent (Dow Corning) aremixed uniformly at 10:1 in weight ratio to produce PDMSmixture. The solution is mixed and degassed in a vacuumdesiccator and then poured onto the mold. The PDMS is thencured at 80°C for 1 hour. The cured PDMS is peeled off fromthe mold. A biopsy hole punch is used to cut out the wells atthe ends of the microfluidic channel as seen in Fig. 3. Thelarger well is used as the channel inlet; whereas the smallerwell is used as the outlet. Fluid is withdrawn through themicrofluidic channel at the outlet well using a syringe pump(Harvard Apparatus 11 Pico Plus Elite).

3.3 Microfluidic system

To fabricate the microfluidic device for testing, the PDMSslab is bonded to a glass wafer using oxygen plasma bonding.Figure 4 shows the microfluidic device under the microscope.Though the electrode is interdigitated with multiple pairs, inthis work, only the counting of beads and cells via the peaksignal response of a single microelectrode pair is of interest.The biosensor is excited and the signal is measured using alock-in amplifier (Zurich Instruments HF2IS impedance spec-troscope coupled with a HF2TA transimpedance amplifier).

4 Evaluations

In this section, we evaluate the ability of the micro-device todetect the authentication strings. The micron sized beads arealso evaluated against the blood cells to show the ability todifferentiate the synthetic particles and blood cells using thesame device. This domain specific authentication method usesa variation of bead sizes and concentrations as an

Fig. 3. Polydimethylsiloxane (PDMS) microfluidic channel design. Thecircles on the left and right correspond respectively to the inlet and theoutlet. The narrow part at the middle is the pore of the channel, where theelectrode pair of the biosensor would be embedded for impedancemeasurement.

Fig. 4. Microfluidic device under test. PDMS channel is bonded to thebiosensor to create microfluidic device. The electrode pair is embedded inthe microfluidic channel to detect the impedance changes as syntheticbeads and cells pass through the channel. The fluid is driven throughthe channel via an external peristaltic pump.

63 Page 4 of 9 Biomed Microdevices (2018) 20: 63

authentication strings. This section evaluates how robust theseauthentication strings are. To read different authenticationstrings, the sensormust be able to recognize the size differenceof the synthetic beads and correctly count the number of beadsin each size in the specific composition and tell the differencebetween cells and beads. As part of the evaluation, we deter-mine the accuracy of the sensor to assess the ability to differ-entiate the characters in the authentication string. Furthermore,we evaluate the method for data analysis to count the peaks inthe data set under the influence of baseline drifting.

To evaluate the classification accuracy of the sensor, we usetwo groups of beads with sizes of 3.1 μm, 3.23 μm, 3.58 μmdiameter, and 7.1 μm, 7.26 μm, and 7.8 μm diameter. In theseexperiments, we determined the ability of the sensor to con-trast small variations in peak signal response within the group.The proportion of beads of different sizes, at specific concen-trations create unique authentication strings. In this examina-tion, the authentication strings consist of one variation in eachof 3 μm, 4 μm, 5 μm, 6 μm, and 7 μm diameter syntheticbeads at different concentrations.

To obtain several concentrations of each bead size, we de-rive the concentrations from the single stock solution of eachbead size. We calculate the diluted concentrations to have thespecific bead counts. We confirm the bead counts from eachconcentration using the MultisizerTM 3 Coulter Counter, toobtain a ground truth. We measure the empirical bead countsof the diluted concentrations using the biosensor described inSection III, and compare the empirical mean counts of thediluted concentrations with the theoretical calculations.

Additionally, we compare the signal response of beads andthe blood cells in the biosensor to show the difference in peaksignal responses. Finally, we show that the combinations ofbeads sizes at varying proportions/concentrations is a suitablemethod to be used as authentication strings for this domainspecific method.

4.1 Signal analysis

Several environmental factors such as slow changes in tem-perature, slight differences in buffer concentrations, etc. caninfluence the baseline impedance obtained from the sensingelectrodes. Due to the changes in the measurement environ-ment overtime, the data is pre-processed before using a peak-detection algorithm. The two main tasks before peak countanalysis are signal denoising and detrending. The mainsources of noise in the measured signal are thermal noiseand flicker noise (which dominates at low frequencies). Byexciting the channel electrically at high frequencies (above100 kHz) and then using a transimpedance amplifier to con-vert the current to a voltage, and then demodulating the signalusing the lock-in amplifier, flicker noise becomes negligible.A low-pass filter can be used for the denoising process.

Another source of fluctuation in impedance is the change intemperature and/or local ion adsorption at electrode surfaceover time. This causes the baseline of the measured signalto drift arbitrarily. We perform peak counting using thesimple thresholding method. However, due to arbitrary driftof the baseline during measurement, baseline drift removalmust be performed first. One possible method for signaldetrending is polynomial fitting and detrending accordingto the polynomial line. We use polynomial fitting to isolatethe contour of the baseline. We then normalize the data setby dividing the polynomial fit line. Simple threshold todetect the peak signals corresponding to the synthetic beadcounts. Further detail is shown in the supporting informa-tion section.

4.2 Bead size differentiability

In order to simultaneously perform a cell count (for diagnosticpurposes) and read the authentication strings in themicrofluidic channel, the peak signal responses of the beadsand the blood cells must be differentiated from each other.Therefore, the peak signal response of the beads used in theauthentication string must exhibit a different frequency-dependent amplitude response compared to the blood cells.According to (Cheung et al. 2005), different bead sizes showdifferent peak amplitude responses. Cheung et al. (2005)demonstrated the peak amplitude difference of 4 μm, 5μm, and 6 μm beads. Similarly, we evaluate the uniquecharacters in the authentication string by using differentbeads sizes. Different bead sizes are identified based onthe amplitude of the peak response of the beads in themicrofluidic channel. In our previous work (Le et al.2016), we evaluate the amplitude of peak signal responseof 3.58 μm and 7.8 μm diameter synthetic beads and bloodcells. Blood cells typically have a diameter of 6 μm - 8 μm.Figure 5 shows the impedance measurement of 3.58 μmbeads, 7.8 μm beads, and blood cells. At lower frequencies,the amplitude response of the beads and blood cells do notdiffer significantly. At higher frequencies, the amplitude ofthe blood cells attenuates faster with frequency compared tobeads. Using this attribute, we can differentiate peak signalresponse of the bead that similar to the blood cells in the testsolutions. Figure 6 shows the peak signal responses of 7.8μm and 3.58 μm bead. The amplitude of the signal responseof 7.8 μm and 3.58 μm beads indicates that the biosensorcan identify these beads as unique characters in the authen-tication string.

Additionally, we evaluate the biosensor’s resilience to thesmall variations in bead diameter and blood cells in themicrofluidic channel. Figure 7 shows the cluster of peaksignal responses of the beads and blood cells. There arethree distinctive groups of peak signal response to the 3μm synthetic bead group, 7 μm synthetic bead group, and

Biomed Microdevices (2018) 20: 63 Page 5 of 9 63

blood cells. The signal response of 3.1 μm, 3.23 μm, and3.58 μm are similar to each other. However, the inset figurein Fig. 7 shows that the lowest measurable amplitude fromeach bead size increases as the diameter of the beads in-creases. Although the sensor cannot complete distinguishthe group of 3 μm beads from each other, it indicates thesensitivity of the sensor nevertheless. Similarly, for the 7μm bead group, the sensor can detect the slight difference insizes based on the lowest detectable amplitude whilst notcompletely separating the beads of different sizes.However, the sensor can accurately differentiate between3 μm beads, 7 μm beads, and the blood cells.

Therefore, using the peak signals response across arange of excitation frequencies, beads at suitable sizescan be distinguished in the mixture of beads and bloodcells. An authentication string consisting of beads ofsuitable sizes can be used as a unique identifier to aspecific test sample.

Fig. 5. Normalized impedancemeasurement of (a) 3.58 μmsynthetic beads, b 7.8 μmsynthetic beads, and (c) bloodcells at different frequencies. Athigher frequencies, theimpedance of blood cellsattenuates greatly compared to theimpedance of polystyrene beads.Using this signal response, thebiosensor can differentiatebetween the cells and beadswhich have similar impedanceresponses at the lower excitationfrequencies, but differentresponse at higher frequencies.The inset figure shows thedifferences in amplitude responseof 3.58 μm synthetic bead, 7.8μm synthetic bead, and bloodcell.

Fig. 6. Peak signal response of 7.8 μm and 3.58 μm beads. Syntheticbeads with different diameters can be differentiated in the microfluidicchannel due to the difference in impedance response.

63 Page 6 of 9 Biomed Microdevices (2018) 20: 63

4.3 Bead concentration differentiability

The authentication strings consist of different bead sizes thatcan be used as characters for barcoding a specific sample.However, due to the limit of bead sizes that can pass throughthe microfluidic channel, there is a limit on the number ofauthentication strings that can be created by the combinationof bead sizes. Since, our fabricated biosensor is designed toperform the cell counting, we can specify the concentrationsof each beads size in the strings, in order to broaden the size ofcharacters in authentication strings. The challenge is to cor-rectly distinguish the authentication strings based on the dif-ferent concentration of beads in the strings. It is important toquantify beads with minimum variation and error.

To assess quantification error, we used the 7.8 μm beads toevaluate the empirical measurement of beads at different con-centrations. To demonstrate that we can control the concentra-tions of the beads as the characters in the authenticationstrings, we first measured the preliminary bead count at thearbitrary stock concentration using the Coulter counter. Afterthe empirical measurement using the biosensor, the solution ofeach concentration is verified again using the Coulter counter.Figure 8 shows the verification of empirical measurements ofdifferent bead concentrations against the confirmation of theCoulter counter. Each data point in Fig. 8 shows the mean ofthe empirical measurement, the standard error, and its verifi-cation against the Coulter counter. The plot indicates the ac-curacy of the sensor as the empirical measurement varies lin-early with the ground truth measurement using the Coultercounter. By carefully selecting the concentrations of different

beads, we can create the unique authentication strings to de-termine the specific test result. The sensor can identify beadsof different sizes, coupled with the ability to differentiate thebeads concentration, the sensor can distinguish the uniqueauthentication strings.

4.4 Authentication string alphabet size

As shown in the previous subsections, different bead sizes andconcentrations can be evaluated by on the sensor’s countingability and differentiating the dielectric characteristics of syn-thetic micro-beads. The distinct signal responses of differentbead sizes and counts in concentrations can be used to makeup the characters in the authentication strings. The unique au-thentication strings compose of different bead sizes and con-centrations can be used to identify specific test results from theusers. The authentication string alphabet size corresponds to thedifferent bead sizes and concentrations this solution can differ-entiate. The alphabet size determines the strength and therefore,the effectiveness of the passwords. Here we assess the strengthof the authentication strings according to the current acquiredresults. In this study, we show that the sensor can identify mdifferent bead sizes in the microfluidic channel. Furthermore,for each bead size, the sensor can differentiateN concentrations.Therefore, the number of total possible S combination of theauthentication strings using synthetic micro-size beads is

S ¼ Nm

therefore, the number of entropy bits Ebit in the authenticationstring is

Ebit ¼ log2 Sð Þ

Fig. 7. Cluster of impedance response of synthetic beads and blood cells.There is a distinct impedance response between the 3 μm group, 7 μmgroup, and the blood cells. Within the group of 3 μm and 7 μm, there is aslight variation in impedance response. The inset figure shows a slightlyhigher impedance response for the larger beads of the 3 μm beads.Likewise, in the 7 μm group, the beads with larger diameter haveslightly higher impedance response. The slight variation of signalresponses in the 3 μm and 7 μm groups demonstrates the sensitivity ofthe sensor.

Fig. 8. Verification of bead concentrations of 7.8 μm beads usingMultisizerTM 3 Coulter Counter. The predetermined beads concentrationis measured using the biosensor in microfluidic channel. Theconcentration is verified again using the MultisizerTM 3 CoulterCounter. The bar at each data point shows the standard error of themicrofluidic channel to the measurement of Coulter Counter.

Biomed Microdevices (2018) 20: 63 Page 7 of 9 63

In this work, we evaluate the bit entropy of the authentica-tion string using the evaluation of the data measurement of 3μm and 7 μm synthetic beads, and the conjecture of the mea-surement of the 4 μm, 5 μm, and 6 μm synthetic beads(Cheung et al. 2005). In our experiment, we successfully iden-tified 3 μm and 7 μm beads. Furthermore, the result from Fig.7 shows that the response of the sensor can recognize the smallchange in beads diameters. Despite the large overlap of signalresponse, the result shows the sensitivity if the sensornonetheless. The results presented by Cheung et al. (2005)shows the impedance sensor can potentially distinctively sep-arate the response of 4 μm, 5 μm, 6 μm, and blood cells.These data suggest that we can, at the very least, use the beadsizes of 3 μm, 4μm, 5 μm, 6 μm, and 7μmbeads to create theauthentication strings.

Additionally, Fig. 8 shows that we can differentiate multi-ple concentrations of a single bead size. In a 0.4 μL test solu-tion, we can detect as low as 11 beads. The standard errorsindicate the granularity of the concentrations of the beads inthe concentration strings. The standard error of the measure-ment is 2.64 beads. The next distinguishable bead count has amean value of 20 beads. By conjecture, we can create theauthentication strings with 3 μm, 4 μm, 5 μm, 6 μm, and 7μmwith the concentrations varying from a bead count of 10 to160 for 0.4 μL with an increment of 10 beads.

To create an authentication strings with 5 different beadsizes and 16 different concentrations we can arbitrarily selectthe concentration in the range for each bead size in the string.The authentication strings can consist of one to five differentbead sizes. Therefore, the concentration of one or more beadsin the string can be zero. In this case, there are 17 concentra-tions of 5 bead sizes to select for the authentication strings(equivalent to a 17-character long password with 5 differentpossible character values or vice versa). To simplify the case,we count the range of concentrations from zero to 150 beadcounts for 0.4 μL of sample. The total number of all possiblecombinations of authentication strings would be 165 − 1,where the subtraction of one accounts for the case where allthe concentration of beads in the string is zero. In terms ofpassword strength, the authentication string would have 20bits of information entropy for the authentication strings.

5 Conclusions

In this paper, we presented a domain specific authenticationscheme for PoC medical diagnostic devices. This authentica-tion scheme is embedded in the diagnostic procedure and canserve as a convenient alternative to on-screen input credentialsfrom the users. We have evaluated the biosensor’s ability toidentify and differentiate unique authentication strings formedfrom known concentrations of synthetic micro-size beads. We

evaluated a small sample of bead sizes and concentrations.The results show that the combination of beads sizes andconcentrations can create a large number of unique authenti-cation strings which can be used to identify the associatedmedical diagnostic results at remote storage servers. Byexpanding the number of bead sizes and the concentrationsin the sample, we can increase the scale of the usage and thestrength of the authentication strings.While we focused in thispaper on a scheme which is applicable to impedancecytometers for cell counting, we emphasize however, that thisscheme is applicable to a wide array of biosensor diagnosticdevices

Acknowledgements The devices were fabricated in the MicroelectronicResearch Laboratory (MERL) in the School of Engineering at RutgersUniversity.

References

A. Adams, M.A. Sasse, Users are not the enemy. Communications of theACM 42(12), 40–46 (1999)

P. Balakrishnan, M. Dunne, N. Kumarasamy, S. Crowe, G.Subbulakshmi, A.K. Ganesh, A.J. Cecelia, P. Roth, K.H. Mayer,S.P. Thyagarajan, S. Solomon, An inexpensive, simple, and manualmethod of CD4 T-cell quantitation in HIV-infected individuals foruse in developing countries. JAIDS J Acquir Immune Defic Syndr36(5), 1006–1010 (2004)

J. Bonneau, C. Herley, P.C. Van Oorschot, F. Stajano, The quest to replacepasswords: A framework for comparative evaluation of web authen-tication schemes. Technical report, University of Cambridge,Computer Laboratory, 2012

X. Cheng, D. Irimia, M. Dixon, K. Sekine, U. Demirci, L. Zamir, R.G.Tompkins, W. Rodriguez, M. Toner, A microfluidic device for prac-tical label-free CD4+ T-cell counting of HIV-infected subjects. Labon a Chip 7(2), 170–178 (2007a)

X. Cheng, D. Irimia, J.C. Meredith Dixon, U.D. Ziperstein, R.G. LeeZamir, M.T. Tompkins, R. William, Rodriguez. A microchip ap-proach for practical label-free CD4+ T-cell counting of HIV-infected subjects in resource-poor settings. JAIDS J AcquirImmune Defic Syndr 45(3), 257–261 (2007b)

K. Cheung, S. Gawad, P. Renaud, Impedance spectroscopy flow cytom-etry: On-chip label-free cell differentiation.Cytometry Part A 65((2),124–132 (2005)

Dawit Wolday, B Hailu, Mulu Girma, E Hailu, E Sanders, and AFontanet. Low CD4+ T-cell count and high HIV viral load precedethe development of tuberculosis disease in a cohort of HIV-positiveEthiopians. Int J Tuberc Lung Dis 7(2), 110–116 (2003)

K. Dheda, A. Lalvani, R.F. Miller, G. Scott, H. Booth, M.A. Johnson, A.Zumla, G.A.W. Rook, Performance of a T-cell-based diagnostic testfor tuberculosis infection in HIV-infected individuals is independentof CD4 cell count. Aids 19(17), 2038–2041 (2005)

F. Ellis McKenzie, W.A. Prudhomme, A.J. Magill, J. Russ Forney, B.Permpanich, C. Lucas, R.A. Gasser, C. Wongsrichanalai, Whiteblood cell counts and malaria. J Infect Dis 192(2), 323–330 (2005)

Dinei Florencio and Cormac Herley. A large-scale study of web passwordhabits. Proceedings of the 16th international conference on WorldWide Web, pages 657–666. ACM, 2007.

J.F. Fries, C. Everett Koop, C.E. Beadle, P.P. Cooper, M.J. England, R.F.Greaves, J.J. Sokolov, D. Wright, Reducing health care costs by

63 Page 8 of 9 Biomed Microdevices (2018) 20: 63

reducing the need and demand for medical services. N Engl J Med329(5), 321–325 (1993)

F.T. Grampp, R.H. Morris, The unix system: Unix operating system se-curity. AT&T Bell Labs Tech J 63(8), 1649–1672 (1984)

B. Greve, R. Kelsch, K. Spaniol, H.T. Eich, M. Götte, Flow cytometry incancer stem cell analysis and separation. Cytometry Part A 81((4),284–293 (2012)

A. Jain, L. Hong, S. Pankanti, Biometric identification. Commun ACM43(2), 90–98 (2000)

B.E. Jones, S.M.M. Young, D. Antoniskis, P.T. Davidson, F. Kramer, P.F.Barnes, Relationship of the manifestations of tuberculosis to CD4cell counts in patients with human immunodeficiency virus infec-tion. Am J Respir Crit Care Med 148(5), 1292–1297 (1993)

B.E. Jones, M.M. Oo, E.K. Taikwel, D. Qian, A. Kumar, E.R. Maslow,P.F. Barnes, CD4 cell counts in human immunodeficiencyvirusnegative patients with tuberculosis. Clin Infect Dis 24(5),988–991 (1997)

T. Le, G. Salles-Loustau, L. Najafizadeh, M. Javanmard, S. Zonouz,Secure point-of-care medical diagnostics via trusted sensing andcyto-coded passwords. In 46th Annual IEEE/IFIP InternationalConference on Dependable Systems and Networks (DSN),Toulouse, France, 2016, pp. 583–594

S. Lee, V. Oncescu, M. Mancuso, S. Mehta, D. Erickson, A smartphoneplatform for the quantification of vitamin D levels. Lab on a Chip14(8), 1437–1442 (2014)

Xiyuan Liu, Tung-Yi Lin, and Peter B Lillehoj. Smartphones for cell andbiomolecular detection. Ann Biomed Eng, 42(11):2205–2217, 2014.

C. Logan, M. Givens, J.T. Ives, M. Delaney, M.J. Lochhead, Robert TSchooley, and Constance A Benson. Performance evaluation of the

MBio Diagnostics point-of-care CD4 counter. J Immunol Methods387(1), 107–113 (2013)

M. Mancuso, E. Cesarman, D. Erickson, Detection of Kaposi’s sarcomaassociated herpesvirus nucleic acids using a smart-phone accessory.Lab on a Chip 14(19), 3809–3816 (2014)

D.J. Martin, J.G.M. Sim, G.J. Sole, L. Rymer, S. Shalekoff, A.B.N. VanNiekerk, P. Becker, C.N. Weilbach, J. Iwanik, K. Keddy, G.B.Miller, B. Ozbay, A. Ryan, T. Viscovic, M. Woolf, CD4+ lympho-cyte count in African patients co-infectedwith HIVand tuberculosis.JAIDS J Acquir Immune Defic Syndr 8(4), 386–391 (1995)

R. Morris, K. Thompson, Password security: A case history. CommunACM 22(11), 594–597 (1979)

F.C. Olivier Lazcka, F. Xavier Munoz, Pathogen detection: A perspectiveof traditional methods and biosensors. Biosensors andBioelectronics 22(7), 1205–1217 (2007)

W. Tang, D. Tang, Z. Ni, N. Xiang, H. Yi, Microfluidic impedancecytometer with inertial focusing and liquid electrodes for high-throughput cell counting and discrimination. Anal Chem 89(5),3154–3161 (2017)

V. Velusamy, K. Arshak, O. Korostynska, K. Oliwa, C. Adley, An over-view of foodborne pathogen detection: in the perspective of biosen-sors. Biotechnol Adv 28(2), 232–254 (2010)

R.S. Wallis, M. Pai, D. Menzies, T. Mark Doherty, G. Walzl, M.D.Perkins, A. Zumla, Biomarkers and diagnostics for tuberculosis:progress, needs, and translation into practice. The Lancet375(9729), 1920–1937 (2010)

Y. Xia, G.M. Whitesides, Soft lithography. Annu Rev Mater Sci 28(1),153–184 (1998)

Biomed Microdevices (2018) 20: 63 Page 9 of 9 63