Rong Fan,Ling-di Ping,Jian-Qing Fu,Xue-zeng Pan

DOI: https://doi.org/10.1109/wcsp.2010.5633690

2010-01-01

Abstract:Recently, Wireless Body Area Networks (WBANs) have been an attractive platform for pervasive computing and communication. Since the patient-related data is significance for medical diagnosis and patients' health-care, the security of distributed data storage is critical need for applications. However, the distributed architecture makes it challenging to build a secure and efficient data storage system due to the resource-constrained nature of sensor node. Besides, due to the lack of physical protection, WBANs are vulnerable to attacks when deployed in hostile environments. In order to address the challenges, we propose a novel secure and efficient data storage scheme with dynamic integrity checking in this paper. Based on the policies of multiple secret sharing, we first propose a secure and efficient patient-related data storage and access scheme for WBANs. Furthermore, to dynamically check the integrity of the distributed data shares, we then propose an efficient data integrity verification scheme based on orthonormal vectors. Finally, the security and performance analysis shows that the proposed scheme is secure and practical for WBANs.

Zhaoyang Zhang,Honggang Wang,Athanasios V. Vasilakos,Hua Fang

DOI: https://doi.org/10.1109/titb.2012.2206115

2012-01-01

IEEE Transactions on Information Technology in Biomedicine

Abstract:Wireless body area networks (BANs) have drawn much attention from research community and industry in recent years. Multimedia healthcare services provided by BANs can be available to anyone, anywhere, and anytime seamlessly. A critical issue in BANs is how to preserve the integrity and privacy of a person's medical data over wireless environments in a resource efficient manner. This paper presents a novel key agreement scheme that allows neighboring nodes in BANs to share a common key generated by electrocardiogram (ECG) signals. The improved Jules Sudan (IJS) algorithm is proposed to set up the key agreement for the message authentication. The proposed ECG-IJS key agreement can secure data commnications over BANs in a plug-n-play manner without any key distribution overheads. Both the simulation and experimental results are presented, which demonstrate that the proposed ECG-IJS scheme can achieve better security performance in terms of serval performance metrics such as false acceptance rate (FAR) and false rejection rate (FRR) than other existing approaches. In addition, the power consumption analysis also shows that the proposed ECG-IJS scheme can achieve energy efficiency for BANs.

Tong Li,Yuhui Zheng,Ti Zhou

DOI: https://doi.org/10.1155/2017/4167549

IF: 1.968

2017-01-01

Security and Communication Networks

Abstract:Wireless body area networks (WBANs) are widely used in telemedicine, which can be utilized for real-time patients monitoring and home health-care. The sensor nodes in WBANs collect the client’s physiological data and transmit it to the medical center. However, the clients’ personal information is sensitive and there are many security threats in the extra-body communication. Therefore, the security and privacy of client’s physiological data need to be ensured. Many authentication protocols for WBANs have been proposed in recent years. However, the existing protocols fail to consider the key update phase. In this paper, we propose an efficient authenticated key agreement scheme for WBANs and add the key update phase to enhance the security of the proposed scheme. In addition, session keys are generated during the registration phase and kept secretly, thus reducing computation cost in the authentication phase. The performance analysis demonstrates that our scheme is more efficient than the currently popular related schemes.

Chunqiang Hu,Fan Zhang,Xiuzhen Cheng,Xiaofeng Liao,Dechang Chen

DOI: https://doi.org/10.1145/2463183.2463191

2013-01-01

Abstract:Wireless Body Area Networks (BANs) are expected to play a crucial role in patient-health monitoring in the near future. Establishing secure communications between BAN sensors and external users is key to addressing the prevalent security and privacy concerns. In this paper, we propose the primitive functions to implement a secret-sharing based Ciphertext-Policy Attribute-Based Encryption (CP_ABE) scheme, which encrypts the data based on an access structure specified by the data source. We also design two protocols to securely retrieve the sensitive patient data from a BAN and instruct the sensors in a BAN. Our analysis indicates that the proposed scheme is feasible, can provide message authenticity, and can counter possible major attacks such as collusion attacks and battery-draining attacks.

Jawaid Iqbal,Nizamuddin,Noor Ul Amin,Arif Iqbal Umar

DOI: https://doi.org/10.1109/ncia.2013.6725334

2013-01-01

Abstract:Wireless Body Area Network (WBAN) has become imperative due to rapid advancement in medical technology. However, WBAN faces different security issues due to open air communication of information. In this paper, we have proposed a lightweight smart crypto solution using authenticated key exchange coupled with cluster head formation and selection for the security of WBAN. Our proposed solution logically combines cluster head selection with key agreement that fulfills the security requirement of wireless body area network, efficient in term of resource utilization.

Jun Zhou,Zhenfu Cao,Xiaolei Dong

DOI: https://doi.org/10.4108/icst.bodynets.2013.253731

2013-01-01

Abstract:Wireless body area networks (WBANs) have been widely adopted to efficiently monitor patients' realtime health condition for medical treatment and emergency handling. Key agreement with the properties of plug-n-play and transparency for WBANs is indispensably required to establish the secure communication channels among body sensors. Existing works mainly focus on exploiting the technique of fuzzy vault to allow body sensors deployed on the same human body can securely establish a pairwise key at a high probability, where the authentic extracted biometric characteristics and the chaff points are indistinguishable from the adversaries' view except a brute attack. However, it simultaneously brings about a large body of additional overhead for dealing with the redundancy. In this paper, a secure and efficient biometric based deterministic key agreement for WBANs is proposed by exploiting the overlap between the biometric characteristics collected by body sensors. The pairwise keys for WBANs can be definitely negotiated by the interactions between body sensors embedded in the same human body. The security depends on the underlying one way trapdoor function rather than the coffer/vault size. Extensive simulations and comparisons illustrate the efficiency and practicability of our proposed construction BDK and the advantages over the state-of-the-art with stronger resilience, less storage, computational and communication overhead.

Chunqiang Hu,Xiuzhen Cheng,Fan Zhang,Dengyuan Wu,Xiaofeng Liao,Dechang Chen

DOI: https://doi.org/10.1109/infcom.2013.6567031

2013-01-01

Abstract:Body Area Networks (BANs) are expected to play a major role in patient health monitoring in the near future. Providing an efficient key agreement with the prosperities of plug-n-play and transparency to support secure inter-sensor communications is critical especially during the stages of network initialization and reconfiguration. In this paper, we present a novel key agreement scheme termed Ordered-Physiological-Feature-based Key Agreement (OPFKA), which allows two sensors belonging to the same BAN to agree on a symmetric cryptographic key generated from the overlapping physiological signal features, thus avoiding the pre-distribution of keying materials among the sensors embedded in the same human body. The secret features computed from the same physiological signal at different parts of the body by different sensors exhibit some overlap but they are not completely identical. To overcome this challenge, we detail a computationally efficient protocol to securely transfer the secret features of one sensor to another such that two sensors can easily identify the overlapping ones. This protocol possesses many nice features such as the resistance against brute force attacks. Experimental results indicate that OPFKA is secure, efficient, and feasible. Compared with the state-of-the-art PSKA protocol, OPFKA achieves a higher level of security at a lower computational overhead.

Xiong Li,Maged Hamada Ibrahim,Saru Kumari,Arun Kumar Sangaiah,Vidushi Gupta,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.comnet.2017.03.013

IF: 5.493

2017-01-01

Computer Networks

Abstract:Wireless body area networks (WBANs) are used to collect and exchange vital and sensitive information about the physical conditions of patients. Due to the openness and mobility of such networks, even without knowing the context of the exchanged data or linking traffic to the identities of involved sensors, criminals are able to gain useful information about the severe conditions of patients and carry effective undetectable physical attacks. Therefore, confidentiality and mutual authentication services are essential for WBANs, and the transmission must be anonymous and unlinkable as well. Given the limitations of the resources available for these sensors, a lightweight anonymous mutual authentication and key agreement scheme for centralized two-hop WBANs is proposed in this paper, which allows sensor nodes attached to the patient’s body to authenticate with the local server/hub node and establish a session key in an anonymous and unlinkable manner. The security of our scheme is proved by rigorous formal proof using BAN logic and also through informal analysis. Besides, the security of our scheme is evaluated by using the Automated Validation of Internet Security Protocols and Applications (AVISPA) as well. Finally, we compare our proposed scheme with other related schemes and the comparison results show that our scheme outperforms previously related schemes.

Jingwei Liu,Zonghua Zhang,Xiaofeng Chen,Kyung Sup Kwak

DOI: https://doi.org/10.1109/tpds.2013.145

IF: 5.3

2014-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Wireless body area network (WBAN) has been recognized as one of the promising wireless sensor technologies for improving healthcare service, thanks to its capability of seamlessly and continuously exchanging medical information in real time. However, the lack of a clear in-depth defense line in such a new networking paradigm would make its potential users worry about the leakage of their private information, especially to those unauthenticated or even malicious adversaries. In this paper, we present a pair of efficient and light-weight authentication protocols to enable remote WBAN users to anonymously enjoy healthcare service. In particular, our authentication protocols are rooted with a novel certificateless signature (CLS) scheme, which is computational, efficient, and provably secure against existential forgery on adaptively chosen message attack in the random oracle model. Also, our designs ensure that application or service providers have no privilege to disclose the real identities of users. Even the network manager, which serves as private key generator in the authentication protocols, is prevented from impersonating legitimate users. The performance of our designs is evaluated through both theoretic analysis and experimental simulations, and the comparative studies demonstrate that they outperform the existing schemes in terms of better trade-off between desirable security properties and computational overhead, nicely meeting the needs of WBANs.

Jingwei Liu,Zonghua Zhang,Xiaofeng Chen,Kyung Sup Kwak

DOI: https://doi.org/10.1109/tpds.2013.145

IF: 5.3

2014-02-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Wireless body area network (WBAN) has been recognized as one of the promising wireless sensor technologies for improving healthcare service, thanks to its capability of seamlessly and continuously exchanging medical information in real time. However, the lack of a clear in-depth defense line in such a new networking paradigm would make its potential users worry about the leakage of their private information, especially to those unauthenticated or even malicious adversaries. In this paper, we present a pair of efficient and light-weight authentication protocols to enable remote WBAN users to anonymously enjoy healthcare service. In particular, our authentication protocols are rooted with a novel certificateless signature (CLS) scheme, which is computational, efficient, and provably secure against existential forgery on adaptively chosen message attack in the random oracle model. Also, our designs ensure that application or service providers have no privilege to disclose the real identities of users. Even the network manager, which serves as private key generator in the authentication protocols, is prevented from impersonating legitimate users. The performance of our designs is evaluated through both theoretic analysis and experimental simulations, and the comparative studies demonstrate that they outperform the existing schemes in terms of better trade-off between desirable security properties and computational overhead, nicely meeting the needs of WBANs.

computer science, theory & methods,engineering, electrical & electronic

Chunqiang Hu,Hongjuan Li,Yan Huo,Tao Xiang,Xiaofeng Liao

DOI: https://doi.org/10.1109/tmscs.2016.2525997

2016-01-01

IEEE Transactions on Multi-Scale Computing Systems

Abstract:Wireless Body Area Networks (WBANs) are expected to play a major role in the field of patient-health monitoring in the near future, which gains tremendous attention amongst researchers in recent years. One of the challenges is to establish a secure communication architecture between sensors and users, whilst addressing the prevalent security and privacy concerns. In this paper, we propose a communication architecture for BANs, and design a scheme to secure the data communications between implanted/wearable sensors and the data sink/data consumers (doctors or nurse) by employing Ciphertext-Policy Attribute Based Encryption (CP_ABE) [1] and signature to store the data in ciphertext format at the data sink, hence ensuring data security. Our scheme achieves a role-based access control by employing an access control tree defined by the attributes of the data. We also design two protocols to securely retrieve the sensitive data from a BAN and instruct the sensors in a BAN. We analyze the proposed scheme, and argue that it provides message authenticity and collusion resistance, and is efficient and feasible. We also evaluate its performance in terms of energy consumption and communication/computation overhead.

Aftab Ali,Farrukh Aslam Khan

DOI: https://doi.org/10.1007/s10916-015-0272-9

IF: 4.92

2015-08-18

Journal of Medical Systems

Abstract:Advances in wearable and implantable biosensors have enabled the applicability and usability of wireless body area networks (WBANs). A WBAN allows biosensors to collect and communicate human physiological data using wireless communication. The communication security of the collected data in WBAN is a major concern. Because of the dependability of cryptographic schemes for key management, these have become an important aspect of this security. However, the extremely constrained nature of biosensors has made designing key management schemes a challenging task. For this reason, many lightweight key management schemes have been proposed to overcome these constraints. In this article, we present a review of the state of the art of these solutions. We classify the WBAN schemes into three classes and evaluate them based on adequate metrics for key management in WBAN.

health care sciences & services,medical informatics

Mosarrat Jahan,Fatema Tuz Zohra,Md. Kamal Parvez,Upama Kabir,Abdul Mohaimen Al Radi,Shaily Kabir

DOI: https://doi.org/10.1016/j.smhl.2023.100413

2021-11-11

Abstract:Wireless Body Area Network (WBAN) ensures high-quality healthcare services by endowing distant and continual monitoring of patients' health conditions. The security and privacy of the sensitive health-related data transmitted through the WBAN should be preserved to maximize its benefits. In this regard, user authentication is one of the primary mechanisms to protect health data that verifies the identities of entities involved in the communication process. Since WBAN carries crucial health data, every entity engaged in the data transfer process must be authenticated. In literature, an end-to-end user authentication mechanism covering each communicating party is absent. Besides, most of the existing user authentication mechanisms are designed assuming that the patient's mobile phone is trusted. In reality, a patient's mobile phone can be stolen or comprised by malware and thus behaves maliciously. Our work addresses these drawbacks and proposes an end-to-end user authentication and session key agreement scheme between sensor nodes and medical experts in a scenario where the patient's mobile phone is semi-trusted. We present a formal security analysis using BAN logic. Besides, we also provide an informal security analysis of the proposed scheme. Both studies indicate that our method is robust against well-known security attacks. In addition, our scheme achieves comparable computation and communication costs concerning the related existing works. The simulation shows that our method preserves satisfactory network performance.

Cryptography and Security

Fagen Li,Jiaojiao Hong

DOI: https://doi.org/10.1109/jsen.2016.2554625

IF: 4.3

2016-01-01

IEEE Sensors Journal

Abstract:Wireless body area networks (WBANs) are expected to act as an important role in monitoring the health information and creating a highly reliable ubiquitous healthcare system. Since the data collected by the WBANs are used to diagnose and treat, only authorized users can access these data. Therefore, it is important to design an access control scheme that can authorize, authenticate, and revoke a user to access the WBANs. In this paper, we first give an efficient certificateless signcryption scheme and then design an access control scheme for the WBANs using the given signcryption. Our scheme achieves confidentiality, integrity, authentication, non-repudiation, public verifiability, and ciphertext authenticity. Compared with existing three access control schemes using signcryption, our scheme has the least computational cost and energy consumption for the controller. In addition, our scheme has neither key escrow nor public key certificates, since it is based on certificateless cryptography.

Mengxia Shuai,Bin Liu,Nenghai Yu,Ling Xiong,Changhui Wang

DOI: https://doi.org/10.1016/j.jisa.2020.102499

IF: 4.96

2020-01-01

Journal of Information Security and Applications

Abstract:As a significant part of electronic health, wireless body area networks (WBANs) have greatly improved the quality and efficiency of healthcare. With the help of WBANs, comprehensive and uninterrupted health monitoring becomes possible, and the user can enjoy the medical services provided by application providers with no limitations on space and time. Since the physiological data of user are transmitted on the public channels, it is essential to protect user’s privacy and ensure secure communications in WBANs. In the past few years, several authentication schemes were proposed to solve the security issues of transferring data in WBANs. However, most of these schemes are not efficient and secure enough. As a step towards this direction, in this paper, we propose an efficient and privacy-preserving authentication scheme for WBANs using elliptic curve cryptography (ECC). In the proposed scheme, the method of certificateless authentication based on identity-based cryptography is adopted, which makes it suitable for multi-server architecture without online third party participation. Security analysis and comparisons with five related authentication schemes demonstrate that the proposed privacy-preserving authentication scheme can not only provide the desired security features, but also reduce the computation cost effectively.

Jiaojiao Hong,Bo Liu,Qianyuan Sun,Fagen Li

DOI: https://doi.org/10.1007/s11276-017-1597-8

IF: 2.701

2019-01-01

Wireless Networks

Abstract:The wireless body area networks (WBANs) is a practical application model of Internet of things. It can be used in many scenarios, especially for e-healthcare. The medical data of patients is collected by sensors and transmitted using wireless communication techniques. Different users can access the patient’s data with different privileges. Access control is a crucial problem in WBANs. In this paper, we design a new security mechanism named combined public-key scheme in the case of attribute-based (CP-ABES) to address the user access control in WBANs. Our scheme combines encryption and digital signatures. It uses ciphertext-policy attribute-based encryption to achieve data confidentially, access control, and ciphertext-policy attribute-based signature to realize the identity authentication. The access policy used in our scheme is threshold. Based on this feature, the length of ciphertext and signature of our scheme is constant. Our scheme provides confidentiality, unforgeability, signer privacy and collusion resistance. We prove the efficiency of our scheme theoretically and analyze the security level and energy consumption of our scheme.

Mana Al Reshan,Hang Liu,Chunqiang Hu,Jiguo Yu

DOI: https://doi.org/10.1109/access.2019.2921822

IF: 3.9

2019-01-01

IEEE Access

Abstract:A body area network (BAN) consists of wireless sensors and actuators deployed on a patient's body for real-time health monitoring and personalized medical care. It is essential and challenging to secure wireless communications in a BAN to protect the patient's privacy while also allowing the authorized healthcare practitioners (e.g., emergency room doctors and nurses) to easily communicate with and configure the BAN devices transparent to the patient or even when the patient loses consciousness. With the existing schemes, the devices are based on a pre-installed secret password or a physiological signal feature to authenticate each other and to agree upon a cryptographic key for secure communications. The former requires a patient's input to access and configure the BAN, and the latter is not sufficiently reliable or secure due to signal dynamics. This motivates us to design a new key agreement scheme in this paper, called multi-biometric and physiological signal-based key agreement (MBPSKA), to achieve more secure and reliable authentication and communication session establishment between the BAN devices while providing flexibility to authorized personnel to access, control, and adjust the BAN without patient involvement. The proposed scheme exploits both the reliable biometric traits and the time-variant physiological signal features of a patient along with the efficient fuzzy crypto-algorithms and key distribution protocols. The devices use multiple biometric and physiological features for mutual authentication and cryptographic key protection. We analyze the security characteristics of MBPSKA, including its capabilities against various attacks. Our evaluation results using the real-world datasets demonstrate that MBPSKA outperforms the existing physiological signal-based key agreement schemes in terms of security, authentication reliability, and accuracy.

Saba Marandi,Farokhlagha Moazami,Amir Malekinezhad

DOI: https://doi.org/10.1007/s12083-024-01686-y

IF: 3.488

2024-05-24

Peer-to-Peer Networking and Applications

Abstract:In the medical field, a wearable body area network is a wireless network in which wearable sensors are implemented in or on patients' bodies to gather their sensitive health information and send it to the medical servers accordingly. These multi-functional sensors provide all users with optimized and convenient services, such as homecare monitoring of people's health conditions. Ensuring the privacy of users' information during its transfer between users and medical personnel necessitates a secure wireless environment. Mobility and insecure communication channels introduce a substantial threat from unauthorized entities, jeopardizing the privacy of the transferred information within this network. To mitigate this risk, researchers have proposed various authentication and key agreement schemes, aiming to enhance the safety of the communication channel and preserve user privacy. Additionally, the wearable body area network comprises resource-constrained devices, emphasizing the need for lightweight protocols to guarantee the transmitted information's authenticity, confidentiality, and integrity. Ankur Gupta and his colleagues recently proposed a mutual authentication and key agreement protocol and proved its security against well-known attacks. However, after in-depth analysis, we discovered that their proposed protocol is vulnerable to sensor node impersonation and sensor node capture attacks. In this paper, we propose a new lightweight mutual authentication and key agreement scheme in WBAN based on basic symmetric cryptosystems (Exclusive OR and Hash functions) to overcome the security weaknesses in Gupta's protocol and provide indispensable security for communicating data. Unlike Gupta's protocol, our proposed scheme is safe in the CK-adversary threat model. The security of the presented scheme is evaluated using BAN-Logic, the AVISPA tool, and the Real or Random (ROR) model. Overall, the performance comparison of the proposed protocol with the existing related protocols depicts that our new scheme is more efficient than others in terms of communication and computational complexities.

computer science, information systems,telecommunications

Lin Yao,Bing Liu,Guowei Wu,Kai Yao,Jia Wang

DOI: https://doi.org/10.1155/2011/282986

IF: 1.938

2011-01-01

International Journal of Distributed Sensor Networks

Abstract:Current advances in semiconductor technology have made it possible to implant a network of biosensors inside the human body for health monitoring. In the context of a body area network (BAN), the confidentiality and integrity of the sensitive health information is particularly important. In this paper, we present an ECG (electrocardiogram)-signal-based key establishment protocol to secure the communication between every sensor and the control unit before the physiological data are transferred to external networks for remote analysis or diagnosis. The uniqueness of ECG signal guarantees that our protocol can provide long, random, distinctive and temporal variant keys. Biometric Encryption technique is applied to achieve the mutual authentication and derive a non-linkable session key between every sensor and the control unit. The correctness of the proposed key establishment protocol is formally verified based on SVO logic. Security analysis shows that our protocol can guarantee data confidentiality, authenticity and integrity. Performance analysis shows that it is a lightweight protocol.

Liping Xie,Weichao Wang,Xinghua Shi,Tuanfa Qin

DOI: https://doi.org/10.1109/icc.2017.7996735

2017-01-01

Abstract:Medical sensors are usually attached to or implanted inside patient body. Since sensing results of Body Area Networks (BAN) can directly impact the control of medical equipment, the authenticity and integrity of sensing data is essential for safety of patients. Restricted by the limited resources available to BAN sensors, researchers have referred to Physical Unclonable Function of the nodes to achieve authentication. Existing approaches focus on the authentication between control unit and sensors. Mutual authentication among body sensors has not been carefully studied. In this paper, we propose to design a lightweight mutual authentication mechanism for BAN sensors with physical unclonable functions (PUF). Using control unit as a middle point, a pair of body sensors can establish shared secrets so that authenticity of exchanged data can be protected. The proposed approach does not require sensors to conduct any encryption operations, which suits the restricted resources available to BAN nodes. The analysis shows that the proposed approach has very low overhead and does not introduce new vulnerabilities into the system.