Ming Li,Shucheng Yu,Joshua. D. Guttman,Wenjing Lou,Kui Ren

DOI: https://doi.org/10.1145/2422966.2422975

2013-01-01

ACM Transactions on Sensor Networks

Abstract:The body area network (BAN) is a key enabling technology in e-healthcare. An important security issue is to establish initial trust relationships among the BAN devices before they are actually deployed and generate necessary shared secret keys to protect the subsequent wireless communications. Due to the ad hoc nature of the BAN and the extreme resource constraints of sensor devices, providing secure as well as efficient and user-friendly trust initialization is a challenging task. Traditional solutions for wireless sensor networks mostly depend on key predistribution, which is unsuitable for a BAN in many ways. In this article, we propose group device pairing (GDP), a user-aided multi-party authenticated key agreement protocol. Through GDP, a group of sensor devices that have no pre-shared secrets establish initial trust by generating various shared secret keys out of an unauthenticated channel. Devices authenticate themselves to each other with the aid of a human user who performs visual verifications. The GDP supports fast batch deployment, addition and revocation of sensor devices, does not rely on any additional hardware device, and is mostly based on symmetric key cryptography. We formally prove the security of the proposed protocols, and we implement GDP on a sensor network testbed and report performance evaluation results.

Zhaoyang Zhang,Honggang Wang,Athanasios V. Vasilakos,Hua Fang

DOI: https://doi.org/10.1109/titb.2012.2206115

2012-01-01

IEEE Transactions on Information Technology in Biomedicine

Abstract:Wireless body area networks (BANs) have drawn much attention from research community and industry in recent years. Multimedia healthcare services provided by BANs can be available to anyone, anywhere, and anytime seamlessly. A critical issue in BANs is how to preserve the integrity and privacy of a person's medical data over wireless environments in a resource efficient manner. This paper presents a novel key agreement scheme that allows neighboring nodes in BANs to share a common key generated by electrocardiogram (ECG) signals. The improved Jules Sudan (IJS) algorithm is proposed to set up the key agreement for the message authentication. The proposed ECG-IJS key agreement can secure data commnications over BANs in a plug-n-play manner without any key distribution overheads. Both the simulation and experimental results are presented, which demonstrate that the proposed ECG-IJS scheme can achieve better security performance in terms of serval performance metrics such as false acceptance rate (FAR) and false rejection rate (FRR) than other existing approaches. In addition, the power consumption analysis also shows that the proposed ECG-IJS scheme can achieve energy efficiency for BANs.

Rong Fan,Ling-di Ping,Jian-Qing Fu,Xue-zeng Pan

DOI: https://doi.org/10.1109/wcsp.2010.5633690

2010-01-01

Abstract:Recently, Wireless Body Area Networks (WBANs) have been an attractive platform for pervasive computing and communication. Since the patient-related data is significance for medical diagnosis and patients' health-care, the security of distributed data storage is critical need for applications. However, the distributed architecture makes it challenging to build a secure and efficient data storage system due to the resource-constrained nature of sensor node. Besides, due to the lack of physical protection, WBANs are vulnerable to attacks when deployed in hostile environments. In order to address the challenges, we propose a novel secure and efficient data storage scheme with dynamic integrity checking in this paper. Based on the policies of multiple secret sharing, we first propose a secure and efficient patient-related data storage and access scheme for WBANs. Furthermore, to dynamically check the integrity of the distributed data shares, we then propose an efficient data integrity verification scheme based on orthonormal vectors. Finally, the security and performance analysis shows that the proposed scheme is secure and practical for WBANs.

Liping Xie,Weichao Wang,Xinghua Shi,Tuanfa Qin

DOI: https://doi.org/10.1109/icc.2017.7996735

2017-01-01

Abstract:Medical sensors are usually attached to or implanted inside patient body. Since sensing results of Body Area Networks (BAN) can directly impact the control of medical equipment, the authenticity and integrity of sensing data is essential for safety of patients. Restricted by the limited resources available to BAN sensors, researchers have referred to Physical Unclonable Function of the nodes to achieve authentication. Existing approaches focus on the authentication between control unit and sensors. Mutual authentication among body sensors has not been carefully studied. In this paper, we propose to design a lightweight mutual authentication mechanism for BAN sensors with physical unclonable functions (PUF). Using control unit as a middle point, a pair of body sensors can establish shared secrets so that authenticity of exchanged data can be protected. The proposed approach does not require sensors to conduct any encryption operations, which suits the restricted resources available to BAN nodes. The analysis shows that the proposed approach has very low overhead and does not introduce new vulnerabilities into the system.

Chunqiang Hu,Fan Zhang,Xiuzhen Cheng,Xiaofeng Liao,Dechang Chen

DOI: https://doi.org/10.1145/2463183.2463191

2013-01-01

Abstract:Wireless Body Area Networks (BANs) are expected to play a crucial role in patient-health monitoring in the near future. Establishing secure communications between BAN sensors and external users is key to addressing the prevalent security and privacy concerns. In this paper, we propose the primitive functions to implement a secret-sharing based Ciphertext-Policy Attribute-Based Encryption (CP_ABE) scheme, which encrypts the data based on an access structure specified by the data source. We also design two protocols to securely retrieve the sensitive patient data from a BAN and instruct the sensors in a BAN. Our analysis indicates that the proposed scheme is feasible, can provide message authenticity, and can counter possible major attacks such as collusion attacks and battery-draining attacks.

Chunqiang Hu,Xiuzhen Cheng,Fan Zhang,Dengyuan Wu,Xiaofeng Liao,Dechang Chen

DOI: https://doi.org/10.1109/infcom.2013.6567031

2013-01-01

Abstract:Body Area Networks (BANs) are expected to play a major role in patient health monitoring in the near future. Providing an efficient key agreement with the prosperities of plug-n-play and transparency to support secure inter-sensor communications is critical especially during the stages of network initialization and reconfiguration. In this paper, we present a novel key agreement scheme termed Ordered-Physiological-Feature-based Key Agreement (OPFKA), which allows two sensors belonging to the same BAN to agree on a symmetric cryptographic key generated from the overlapping physiological signal features, thus avoiding the pre-distribution of keying materials among the sensors embedded in the same human body. The secret features computed from the same physiological signal at different parts of the body by different sensors exhibit some overlap but they are not completely identical. To overcome this challenge, we detail a computationally efficient protocol to securely transfer the secret features of one sensor to another such that two sensors can easily identify the overlapping ones. This protocol possesses many nice features such as the resistance against brute force attacks. Experimental results indicate that OPFKA is secure, efficient, and feasible. Compared with the state-of-the-art PSKA protocol, OPFKA achieves a higher level of security at a lower computational overhead.

Wenjuan Tang,Kuan Zhang,Ju Ren,Yaoxue Zhang,Xuemin Shen

DOI: https://doi.org/10.1109/TMC.2018.2848644

IF: 6.075

2019-01-01

IEEE Transactions on Mobile Computing

Abstract:In Body Area Networks (BANs), bio-sensors can collect personal health information and cooperate with each other to provide intelligent health care services for medical users. Since personal health information is highly privacy-sensitive, the flourish of BANs still faces critical security challenges, especially secure communication between bio-sensors. In this paper, we propose a flexible and efficient authenticated key agreement scheme (PBAKA) to provide secure communication for BANs. Specifically, we employ a control unit (e.g., smart phone) to launch authentication based on physiological features collected from BANs, and integrate bilinear pairings to negotiate session keys for bio-sensors. Since physiological features can be collected from various kinds of bio-sensors in real time, PBAKA is flexible for adding new bio-sensors without pre-distributed keys. Meanwhile, PBAKA is computationally efficient by offloading authentication burden from resource-limited bio-sensors to the control unit. Security analysis demonstrates that PBAKA is provably secure under the decisional bilinear Diffie-Hellman assumption. Extensive experimental results validate efficient communication, computation and energy consumption of our scheme when compared with several existing solutions.

Zhaoyang Zhang,Honggang Wang,Athanasios V. Vasilakos,Hua Fang

DOI: https://doi.org/10.4108/icst.bodynets.2013.253689

2013-01-01

Abstract:Wireless Body Area Networks (WBANs) are the core of components of future m-Health system and is playing a crucial role in healthcare applications. A key requirement for such applications is secure communications between body sensors. This paper presents a novel key agreement scheme which allows wireless body sensors in WBANs to share a common key generated using wireless channel information. Unlike traditional biometric based security approach, the proposed key agreement does not need extra hardware, which can secure data communications in a plug-n-play manner. Our experimental results show that the proposed scheme is feasible for WBANs.

Lin Yao,Bing Liu,Guowei Wu,Kai Yao,Jia Wang

DOI: https://doi.org/10.1155/2011/282986

IF: 1.938

2011-01-01

International Journal of Distributed Sensor Networks

Abstract:Current advances in semiconductor technology have made it possible to implant a network of biosensors inside the human body for health monitoring. In the context of a body area network (BAN), the confidentiality and integrity of the sensitive health information is particularly important. In this paper, we present an ECG (electrocardiogram)-signal-based key establishment protocol to secure the communication between every sensor and the control unit before the physiological data are transferred to external networks for remote analysis or diagnosis. The uniqueness of ECG signal guarantees that our protocol can provide long, random, distinctive and temporal variant keys. Biometric Encryption technique is applied to achieve the mutual authentication and derive a non-linkable session key between every sensor and the control unit. The correctness of the proposed key establishment protocol is formally verified based on SVO logic. Security analysis shows that our protocol can guarantee data confidentiality, authenticity and integrity. Performance analysis shows that it is a lightweight protocol.

Mana Al Reshan,Hang Liu,Chunqiang Hu,Jiguo Yu

DOI: https://doi.org/10.1109/access.2019.2921822

IF: 3.9

2019-01-01

IEEE Access

Abstract:A body area network (BAN) consists of wireless sensors and actuators deployed on a patient's body for real-time health monitoring and personalized medical care. It is essential and challenging to secure wireless communications in a BAN to protect the patient's privacy while also allowing the authorized healthcare practitioners (e.g., emergency room doctors and nurses) to easily communicate with and configure the BAN devices transparent to the patient or even when the patient loses consciousness. With the existing schemes, the devices are based on a pre-installed secret password or a physiological signal feature to authenticate each other and to agree upon a cryptographic key for secure communications. The former requires a patient's input to access and configure the BAN, and the latter is not sufficiently reliable or secure due to signal dynamics. This motivates us to design a new key agreement scheme in this paper, called multi-biometric and physiological signal-based key agreement (MBPSKA), to achieve more secure and reliable authentication and communication session establishment between the BAN devices while providing flexibility to authorized personnel to access, control, and adjust the BAN without patient involvement. The proposed scheme exploits both the reliable biometric traits and the time-variant physiological signal features of a patient along with the efficient fuzzy crypto-algorithms and key distribution protocols. The devices use multiple biometric and physiological features for mutual authentication and cryptographic key protection. We analyze the security characteristics of MBPSKA, including its capabilities against various attacks. Our evaluation results using the real-world datasets demonstrate that MBPSKA outperforms the existing physiological signal-based key agreement schemes in terms of security, authentication reliability, and accuracy.

Junchao Wang,Kaining Han,Anastasios Alexandridis,Zeljko Zilic,Yu Pang,Wei Wu,Sadia Din,Gwanggil Jeon

DOI: https://doi.org/10.1016/j.comnet.2018.07.005

IF: 5.493

2018-01-01

Computer Networks

Abstract:The growth of Body Area Networks (BANs) has caused significant academic and industrial research attention, as the concept of BANs provides a feasible solution for real-time health condition monitoring. Meanwhile, Vehicle Area Networks (VANs) support communications in smart vehicles and intelligent traffic systems. In practical situations, the two areas overlap in multiple circumstances and their combination could offer a variety of services that benefit from their complementary nature. The rapid development of BAN and VAN requires advanced security techniques to protect communications since both BANs and VANs are transmitting increasingly mission-critical and private data. Therefore, a novel security scheme consisting of enhanced authentication and encryption solutions, which is dedicated in the overlapping area of VAN and BAN, is proposed in this paper. The key aspects of the security scheme were implemented and evaluated in a Field-Programmable Gate Array (FPGA). The evaluation results illustrate that the proposed security scheme has the advantages of low power consumption, low latency, and low resource utilization.

Xiong Li,Maged Hamada Ibrahim,Saru Kumari,Arun Kumar Sangaiah,Vidushi Gupta,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.comnet.2017.03.013

IF: 5.493

2017-01-01

Computer Networks

Abstract:Wireless body area networks (WBANs) are used to collect and exchange vital and sensitive information about the physical conditions of patients. Due to the openness and mobility of such networks, even without knowing the context of the exchanged data or linking traffic to the identities of involved sensors, criminals are able to gain useful information about the severe conditions of patients and carry effective undetectable physical attacks. Therefore, confidentiality and mutual authentication services are essential for WBANs, and the transmission must be anonymous and unlinkable as well. Given the limitations of the resources available for these sensors, a lightweight anonymous mutual authentication and key agreement scheme for centralized two-hop WBANs is proposed in this paper, which allows sensor nodes attached to the patient’s body to authenticate with the local server/hub node and establish a session key in an anonymous and unlinkable manner. The security of our scheme is proved by rigorous formal proof using BAN logic and also through informal analysis. Besides, the security of our scheme is evaluated by using the Automated Validation of Internet Security Protocols and Applications (AVISPA) as well. Finally, we compare our proposed scheme with other related schemes and the comparison results show that our scheme outperforms previously related schemes.

Jun Zhou,Zhenfu Cao,Xiaolei Dong

DOI: https://doi.org/10.4108/icst.bodynets.2013.253731

2013-01-01

Abstract:Wireless body area networks (WBANs) have been widely adopted to efficiently monitor patients' realtime health condition for medical treatment and emergency handling. Key agreement with the properties of plug-n-play and transparency for WBANs is indispensably required to establish the secure communication channels among body sensors. Existing works mainly focus on exploiting the technique of fuzzy vault to allow body sensors deployed on the same human body can securely establish a pairwise key at a high probability, where the authentic extracted biometric characteristics and the chaff points are indistinguishable from the adversaries' view except a brute attack. However, it simultaneously brings about a large body of additional overhead for dealing with the redundancy. In this paper, a secure and efficient biometric based deterministic key agreement for WBANs is proposed by exploiting the overlap between the biometric characteristics collected by body sensors. The pairwise keys for WBANs can be definitely negotiated by the interactions between body sensors embedded in the same human body. The security depends on the underlying one way trapdoor function rather than the coffer/vault size. Extensive simulations and comparisons illustrate the efficiency and practicability of our proposed construction BDK and the advantages over the state-of-the-art with stronger resilience, less storage, computational and communication overhead.

Chunqiang Hu,Hongjuan Li,Yan Huo,Tao Xiang,Xiaofeng Liao

DOI: https://doi.org/10.1109/tmscs.2016.2525997

2016-01-01

IEEE Transactions on Multi-Scale Computing Systems

Abstract:Wireless Body Area Networks (WBANs) are expected to play a major role in the field of patient-health monitoring in the near future, which gains tremendous attention amongst researchers in recent years. One of the challenges is to establish a secure communication architecture between sensors and users, whilst addressing the prevalent security and privacy concerns. In this paper, we propose a communication architecture for BANs, and design a scheme to secure the data communications between implanted/wearable sensors and the data sink/data consumers (doctors or nurse) by employing Ciphertext-Policy Attribute Based Encryption (CP_ABE) [1] and signature to store the data in ciphertext format at the data sink, hence ensuring data security. Our scheme achieves a role-based access control by employing an access control tree defined by the attributes of the data. We also design two protocols to securely retrieve the sensitive data from a BAN and instruct the sensors in a BAN. We analyze the proposed scheme, and argue that it provides message authenticity and collusion resistance, and is efficient and feasible. We also evaluate its performance in terms of energy consumption and communication/computation overhead.

Xinyu Yang,Cong Zhao,Shusen Yang,Xinwen Fu,Julie Mccann

DOI: https://doi.org/10.1109/ICC.2015.7249494

2015-01-01

Abstract:Security plays a vital role in promoting the practicality of Wireless Body Sensor Networks (BSNs), which provides a promising solution to precise human physiological status monitoring. A fundamental security issue in BSN is key management, including establishment and maintenance of the key system. However, current BSN key management solutions are either designed for specific phases of a BSN's life-time or restricted to strong assumptions such as homogeneous BSN composition, pre-deployed key materials, and existing secure path, which limits their applications in real-world BSNs. In this paper, we develop the Systematic Key Management (SKM) for practical BSNs, where basic human interactions are conducted for non-predeployed secure BSN initialization, and authenticated key agreement is achieved using lightweight non-pairing certificateless public key cryptography. We construct a BSN prototype consisting of self-designed motes and Android phones to evaluate the real-world performance of SKM. Through extensive simulations and test-bed experiments, we demonstrate that our lightweight SKM scheme manages to provide high security guarantee while outperforming state-of-the-art approaches in terms of both computation and storage efficiency.

Tong Li,Yuhui Zheng,Ti Zhou

DOI: https://doi.org/10.1155/2017/4167549

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:Wireless body area networks (WBANs) are widely used in telemedicine, which can be utilized for real-time patients monitoring and home health-care. The sensor nodes in WBANs collect the client’s physiological data and transmit it to the medical center. However, the clients’ personal information is sensitive and there are many security threats in the extra-body communication. Therefore, the security and privacy of client’s physiological data need to be ensured. Many authentication protocols for WBANs have been proposed in recent years. However, the existing protocols fail to consider the key update phase. In this paper, we propose an efficient authenticated key agreement scheme for WBANs and add the key update phase to enhance the security of the proposed scheme. In addition, session keys are generated during the registration phase and kept secretly, thus reducing computation cost in the authentication phase. The performance analysis demonstrates that our scheme is more efficient than the currently popular related schemes.

Mosarrat Jahan,Fatema Tuz Zohra,Md. Kamal Parvez,Upama Kabir,Abdul Mohaimen Al Radi,Shaily Kabir

DOI: https://doi.org/10.1016/j.smhl.2023.100413

2021-11-11

Abstract:Wireless Body Area Network (WBAN) ensures high-quality healthcare services by endowing distant and continual monitoring of patients' health conditions. The security and privacy of the sensitive health-related data transmitted through the WBAN should be preserved to maximize its benefits. In this regard, user authentication is one of the primary mechanisms to protect health data that verifies the identities of entities involved in the communication process. Since WBAN carries crucial health data, every entity engaged in the data transfer process must be authenticated. In literature, an end-to-end user authentication mechanism covering each communicating party is absent. Besides, most of the existing user authentication mechanisms are designed assuming that the patient's mobile phone is trusted. In reality, a patient's mobile phone can be stolen or comprised by malware and thus behaves maliciously. Our work addresses these drawbacks and proposes an end-to-end user authentication and session key agreement scheme between sensor nodes and medical experts in a scenario where the patient's mobile phone is semi-trusted. We present a formal security analysis using BAN logic. Besides, we also provide an informal security analysis of the proposed scheme. Both studies indicate that our method is robust against well-known security attacks. In addition, our scheme achieves comparable computation and communication costs concerning the related existing works. The simulation shows that our method preserves satisfactory network performance.

Cryptography and Security

Liping Xie,Weichao Wang,Tuanfa Qin

DOI: https://doi.org/10.1109/chase.2016.29

2016-01-01

Abstract:In the past few years mobile healthcare has attracted a lot of attention from both industry and academia. Medical sensors are usually attached to or implanted inside patient body. Since sensing results of BAN can directly impact the control of medical equipment, the authenticity and integrity of sensing data is essential for safety of patients. Existing research focuses on differentiating on-body sensors from off-the-body impersonators with the help from a control unit. In this paper, we propose to exploit wireless channel characteristics to detect on-body impersonators in BAN networks. Depending on whether or not the sensors have line-of-sight connections with the off-the-body control unit, their communication channels demonstrate different properties. For an attacker who demonstrates similar channel characteristics as the victim, a user-configurable challenge-response mechanism is designed to expose the conflicting information submitted by the two nodes. Our simulation results show that with a small increase in communication and computation overhead, we can effectively detect the on-body impersonators.

Aftab Ali,Farrukh Aslam Khan

DOI: https://doi.org/10.1007/s10916-015-0272-9

IF: 4.92

2015-08-18

Journal of Medical Systems

Abstract:Advances in wearable and implantable biosensors have enabled the applicability and usability of wireless body area networks (WBANs). A WBAN allows biosensors to collect and communicate human physiological data using wireless communication. The communication security of the collected data in WBAN is a major concern. Because of the dependability of cryptographic schemes for key management, these have become an important aspect of this security. However, the extremely constrained nature of biosensors has made designing key management schemes a challenging task. For this reason, many lightweight key management schemes have been proposed to overcome these constraints. In this article, we present a review of the state of the art of these solutions. We classify the WBAN schemes into three classes and evaluate them based on adequate metrics for key management in WBAN.

health care sciences & services,medical informatics

Jun Zhou,Zhenfu Cao,Xiaolei Dong,Naixue Xiong,Athanasios V. Vasilakos

DOI: https://doi.org/10.1016/j.ins.2014.09.003

IF: 8.1

2015-01-01

Information Sciences

Abstract:Cloud-assisted wireless body area networks (WBANs) significantly facilitate efficient patient treatment of high quality, unfortunately in the meanwhile greatly challenge the patient’s data confidentiality and privacy. The existing work mainly focused on the traditional scenario where patients securely stay indoors. In this paper, we consider a more practical situation of cloud-assisted WBANs in m-healthcare social networks where patients traverse among blocks outdoors and WBANs are more vulnerable to sophisticated attacks including even node compromise attack. To solve the problem, a secure and privacy-preserving key management scheme resilient to both time-based and location-based mobile attacks is proposed by the cooperation of the mobile patients in the same social group for both hierarchical and distributed environment. It also protects patient’s identity privacy, sensor deployment privacy and location privacy by exploiting the blinding technique and embedding human body’s symmetric structure into Blom’s symmetric key mechanism with modified proactive secret sharing. Especially, the computationally-intensive privacy-preserving key material updating is outsourced to the cloud server and the unchanged pairwise keys after key material updating dramatically saves the resources for energy-constrained WBANs. Finally, the security analysis and simulation results show our scheme far outperforms the previous ones in terms of resisting mobile attacks and storage, computation and communication overhead.