Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Tao Feng,Nicholas DeSalvo,Lei Xu,Xi Zhao,Xi Wang,Weidong Shi

DOI: https://doi.org/10.4108/icst.mobicase.2014.257767

2014-01-01

Abstract:With the rise of Internet connected mobile devices, applications have migrated from PCs to mobile computing platforms. An important aspect, payment processing, faces new security challenges from these developments. Inasmuch, these advancements demand efforts from researchers and industry to meet increasing security needs. Threats can ensue from data loss, theft from lost, stolen, or decommissioned devices, information-stealing malware, and password peeping. We propose a secure framework for sensitive session driven applications which combines biometric-based continuous and implicit tracking of user identities, and TrustZone. This framework is accomplished through monitoring fingerprint authentication logs as well as detecting events when the phone has left the user's hands, all while in TrustZone, a platform for secure computation and storage on mobile devices. This solution leverages multiple onboard sensors as well as the ARM architecture to accomplish these feats. We conducted two user-studies acquiring smartphone users' usage statistics to investigate security and usability needs of our identity-tracking solution. To monitor these subtle gestures in real-world uncontrolled environments, multi-session data collection has been conducted to iteratively improve system performance. The evaluation results have demonstrated the feasibility of this framework as a secure session-based payment system.

Farnaz Farid,Mahmoud Elkhodr,Fariza Sabrina,Farhad Ahamed,Ergun Gide

DOI: https://doi.org/10.3390/s21020552

IF: 3.9

2021-01-14

Sensors

Abstract:This paper proposes a novel identity management framework for Internet of Things (IoT) and cloud computing-based personalized healthcare systems. The proposed framework uses multimodal encrypted biometric traits to perform authentication. It employs a combination of centralized and federated identity access techniques along with biometric based continuous authentication. The framework uses a fusion of electrocardiogram (ECG) and photoplethysmogram (PPG) signals when performing authentication. In addition to relying on the unique identification characteristics of the users’ biometric traits, the security of the framework is empowered by the use of Homomorphic Encryption (HE). The use of HE allows patients’ data to stay encrypted when being processed or analyzed in the cloud. Thus, providing not only a fast and reliable authentication mechanism, but also closing the door to many traditional security attacks. The framework’s performance was evaluated and validated using a machine learning (ML) model that tested the framework using a dataset of 25 users in seating positions. Compared to using just ECG or PPG signals, the results of using the proposed fused-based biometric framework showed that it was successful in identifying and authenticating all 25 users with 100% accuracy. Hence, offering some significant improvements to the overall security and privacy of personalized healthcare systems.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yanyan Li,Mengjun Xie,Jiang Bian

DOI: https://doi.org/10.1109/EMBC.2014.6944620

2014-01-01

Abstract:Electronic consent becomes increasingly popular in the healthcare sector given the many benefits it provides. However, security concerns, e.g., how to verify the identity of a person who is remotely accessing the electronic consent system in a secure and user-friendly manner, also arise along with the popularity of electronic consent. Unfortunately, existing electronic consent systems do not pay sufficient attention to those issues. They mainly rely on conventional password based authentication to verify the identity of an electronic consent user, which is far from being sufficient given that identity theft threat is real and significant in reality. In this paper, we present a security enhanced electronic consent model called USign. USign enhances the identity protection and authentication for electronic consent systems by leveraging handwritten signatures everyone is familiar with and mobile computing technologies that are becoming ubiquitous. We developed a prototype of USign and conducted preliminary evaluation on accuracy and usability of signature verification. Our experimental results show the feasibility of the proposed model.

Hsuan-Yu Chen,Zhen-Yu Wu,Tzer-Long Chen,Yao-Min Huang,Chia-Hui Liu

DOI: https://doi.org/10.3390/s21030713

IF: 3.9

2021-01-21

Sensors

Abstract:With the development of the internet, applications have become complicated, and the relevant technology has diversified. Compared with medical applications, the significance of information technology has been expanding to include clinical auxiliary functions of medical information. This includes electronic medical records, electronic prescriptions, medical information systems, etc. Although research on the data processing structure and format of various related systems is becoming mature, the integration is insufficient. An integrated medical information system with security policy and privacy protection, which combines e-patient records, e-prescriptions, modified smart cards, and fingerprint identification systems, and applies proxy signature and group signature, is proposed in this study. This system effectively applies and saves medical resources—satisfying the mobility of medical records, presenting the function, and security of medicine collection, and avoiding medical conflicts and profiteering to further acquire the maximum effectiveness with the least resources. In this way, this medical information system may be developed into a comprehensive function that eliminates the transmission of manual documents and maintains the safety of patient medical information. It can improve the quality of medical care and indispensable infrastructure for medical management.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jinghao Zhao,Boxiao Ding,Yunqi Guo,Zhaowei Tan,Songwu Lu

DOI: https://doi.org/10.1145/3447993.3483254

2021-01-01

Abstract:The SIM/eSIM card stores critical information for a mobile user to access the 4G/5G network. In this work, we uncover three vulnerabilities of the current SIM practice. We show that the PIN-based access control may expose the in-SIM data to an adversary through both hardware and software. Once exposed, such in-SIM information can be used to reconstruct various keys used for device authentication, data encryption, etc. They thus enable a number of attacks, including traffic eavesdropping, man-in-the-middle attack, impersonation, etc. The fundamental problem is that, the current SIM design does not offer proper authentication and fine-grained access control to hundreds of in-SIM files for various in-card applets and off-card units. We next propose a new solution that offers both authentication and fine-grained access control. Our implementation and evaluation have confirmed the viability of our proposal.

Varun Chandrasekaran,Fareeha Amjad,Ashlesh Sharma,Lakshminarayanan Subramanian

DOI: https://doi.org/10.48550/arXiv.1604.04667

2016-04-16

Abstract:The unique identities of every mobile user (phone number,IMSI) and device (IMEI) are far from secure and are increasingly vulnerable to a variety of network-level threats. The exceedingly high reliance on the weak SIM authentication layer does not present any notion of end-to-end security for mobile users. We propose the design and implementation of Secure Mobile Identities (SMI), a repetitive key-exchange protocol that uses this weak SIM authentication as a foundation to enable mobile users to establish stronger identity authenticity. The security guarantees of SMI are directly reliant on the mobility of users and are further enhanced by external trusted entities providing trusted location signatures (e.g. trusted GPS, NFC synchronization points). In this paper, we demonstrate the efficacy of our protocol using an implementation and analysis across standard mobility models.

Cryptography and Security,Networking and Internet Architecture

tao feng,xi zhao,nicholas desalvo,zhimin gao,xi wang,weidong shi

DOI: https://doi.org/10.1109/THS.2015.7225268

2015-01-01

Abstract:Coinciding with the surge in popularity and adoption of mobile devices and the ever-expanding capabilities of these devices, the amount of sensitive information accessed and stored has increased exponentially. Inasmuch, these advancements have, and continue to demand great efforts from researchers and the industry alike in terms of improving security therein. Existing technologies either conduct user identity verification via a login stage or request authentication every time the user accesses a sensitive app. We propose, in this paper, an IdentityTracker. This framework is dedicated to tracking the user's identity, performing app-level access control management. Continuous and implicit tracking of the user's identity is accomplished through monitoring fingerprint authentication logs as well as detecting events when the phone has left the user's hand. This approach leverages multiple onboard sensors. We conducted two user-studies acquiring smartphone users' usage statistics to investigate security and usability needs of our solution. To monitor these subtle gestures in real-world uncontrolled environments, multi-session data collection has been conducted to iteratively improve system performance. The evaluation results have demonstrated the feasibility of IdentityTracker.

Haotian Chi,Longfei Wu,Xiaojiang Du,Qiang Zeng,Paul Ratazzi

DOI: https://doi.org/10.1109/cns.2018.8433213

2018-05-01

Abstract:To facilitate monitoring and management, modern Implantable Medical Devices (IMDs) are often equipped with wireless capabilities, which raise the risk of malicious access to IMDs. Although schemes are proposed to secure the IMD access, some issues are still open. First, pre-sharing a long-term key between a patient’s IMD and a doctor’s programmer is vulnerable since once the doctor’s programmer is compromised, all of her patients suffer; establishing a temporary key by leveraging proximity gets rid of pre-shared keys, but as the approach lacks real authentication, it can be exploited by nearby adversaries or through man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one of the most important design goals, few schemes explore to lower the communication and computation overhead all at once. Finally, how to safely record the commands issued by doctors for the purpose of forensics, which can be the last measure to protect the patients’ rights, is commonly omitted in the existing literature. Motivated by these important yet open problems, we propose an innovative scheme e-SAFE, which significantly improves security and safety, reduces the communication overhead and enables IMD-access forensics. We present a novel lightweight compressive sensing based encryption algorithm to encrypt and compress the IMD data simultaneously, reducing the data transmission overhead by over 50% while ensuring high data confidentiality and usability. Furthermore, we provide a suite of protocols regarding device pairing, dual-factor authentication, and accountability-enabled access. The security analysis and performance evaluation show the validity and efficiency of the proposed scheme.

Tzu-Wei Lin,Chien-Lung Hsu,Tuan-Vinh Le,Chung-Fu Lu,Bo-Yu Huang

DOI: https://doi.org/10.3390/s21082880

IF: 3.9

2021-04-20

Sensors

Abstract:Healthcare is now an important part of daily life because of rising consciousness of health management. Medical professionals can know users’ health condition if they are able to access information immediately. Telemedicine systems, which provides long distance medical communication and services, is a multi-functional remote medical service that can help patients in bed in long-distance communication environments. As telemedicine systems work in public networks, privacy preservation issue of sensitive and private transmitted information is important. One of the means of proving a user’s identity are user-controlled single sign-on (UCSSO) authentication scheme, which can establish a secure communication channel using authenticated session keys between the users and servers of telemedicine systems, without threats of eavesdropping, impersonation, etc., and allow patients access to multiple telemedicine services with a pair of identity and password. In this paper, we proposed a smartcard-based user-controlled single sign-on (SC-UCSSO) for telemedicine systems that not only remains above merits but achieves privacy preservation and enhances security and performance compared to previous schemes that were proved with BAN logic and automated validation of internet security protocols and applications (AVISPA).

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Turcu Cristina,Cerlinca Tudor,Cerlinca Marius,Prodan Remus,Turcu Cornel,Gîza Felicia

DOI: https://doi.org/10.48550/arXiv.1503.03884

2015-03-12

Computers and Society

Abstract:Managing health-care records and information is an imperative necessity. Most patient health records are stored in separate systems and there are still huge paper trails of records that health-care providers must keep to comply with different regulations. This paper proposes an RFID-based system, named SIMOPAC, that integrate RFID technology in health care in order to make patient emergency care as efficient and risk-free as possible, by providing doctors with as much information about a patient as quickly as possible. Every hospital could use SIMOPAC with their existing system in order to promote patient safety and optimize hospital workflow. We will concentrate on the RFID technology and how it could be used in emergency care. We describe a general purpose architecture and data model that is designed for collecting ambulatory data from various existing devices and systems, as well as for storing and presenting clinically significant information to the emergency care physician.

Bofan Song,Bingwen Yu,Dan Zhu,Wei Jin,Ying Mu

DOI: https://doi.org/10.1007/978-3-662-47200-2_95

2015-01-01

Abstract:With the rapid penetration of mobile devices into society, potential of using smartphones in healthcare are very exciting. Smartphone based healthcare platforms bringing the advanced laboratory instruments to rural areas, develop-ing countries and in case of emergency. It is foreseeable that the ubiquitous smartphone based platform would generate tremendous data. We need to find better ways to manage and analyze them. Other challenges involving reliability, usability and security are also important issues to take into account. Mobile is the future of healthcare. The way of healthcare will be changed stupendously after mitigate the barriers and limitations.

Marcos A. Simplicio,Leonardo H. Iwaya,Bruno M. Barros,Tereza C. M. B. Carvalho,Mats Naslund

DOI: https://doi.org/10.1109/jbhi.2014.2320444

IF: 7.7

2015-03-01

IEEE Journal of Biomedical and Health Informatics

Abstract:Security is one of the most imperative requirements for the success of systems that deal with highly sensitive data, such as medical information. However, many existing mobile health solutions focused on collecting patients' data at their homes that do not include security among their main requirements. Aiming to tackle this issue, this paper presents SecourHealth, a lightweight security framework focused on highly sensitive data collection applications. SecourHealth provides many security services for both stored and in-transit data, displaying interesting features such as tolerance to lack of connectivity (a common issue when promoting health in remote locations) and the ability to protect data even if the device is lost/stolen or shared by different data collection agents. Together with the system's description and analysis, we also show how SecourHealth can be integrated into a real data collection solution currently deployed in the city of Sao Paulo, Brazil.

computer science, interdisciplinary applications,mathematical & computational biology,medical informatics, information systems

Hung-Ming Chen,Jung-Wen Lo,Chang-Kuo Yeh

DOI: https://doi.org/10.1007/s10916-012-9862-y

Abstract:The rapidly increased availability of always-on broadband telecommunication environments and lower-cost vital signs monitoring devices bring the advantages of telemedicine directly into the patient's home. Hence, the control of access to remote medical servers' resources has become a crucial challenge. A secure authentication scheme between the medical server and remote users is therefore needed to safeguard data integrity, confidentiality and to ensure availability. Recently, many authentication schemes that use low-cost mobile devices have been proposed to meet these requirements. In contrast to previous schemes, Khan et al. proposed a dynamic ID-based remote user authentication scheme that reduces computational complexity and includes features such as a provision for the revocation of lost or stolen smart cards and a time expiry check for the authentication process. However, Khan et al.'s scheme has some security drawbacks. To remedy theses, this study proposes an enhanced authentication scheme that overcomes the weaknesses inherent in Khan et al.'s scheme and demonstrated this scheme is more secure and robust for use in a telecare medical information system.

Yawen Xing,Huizhe Lu,Lifei Zhao,Shihua Cao

DOI: https://doi.org/10.1007/s11036-024-02299-8

2024-09-10

Mobile Networks and Applications

Abstract:Mobile Medical information systems MMIS or mHealth applications support personal health and potentially improve the health sector by offering a solution to significant problems faced by the healthcare system. While espousing these Mobile Medical Information Systems, sequestration and security issues arise. Due to advanced computing and different capabilities, data security and confidentiality come major enterprises with continuously expanding mHealth operations. European Union General Data Protection (GDPR) and California Consumer Sequestration Act (CCPA) raise mindfulness; still, they need to address developing a system that meets sequestration and security conditions. This paper deals with research literature to understand current privacy and security issues and possible solutions for patients and providers using mHealth applications. This is the reason for several threats, such as information harvesting, tracking patients, relaying attacks, and denial of service attacks, which affect the confidentiality and integrity of these devices. We discussed the challenges and risks associated with Mobile Medical information systems and emphasized the need to address these concerns for widespread adoption. Mitigation strategies include robust security measures, regulatory compliance, and user awareness. We discussed the impact of privacy and security issues on healthcare, including potential harm to patients and disruptions in system functioning, reviewing laws, conducting a literature review, and assessing mHealth system applications. We emphasize the need for comprehensive security measures and continuous evaluation of security practices in mHealth, which need to be addressed to achieve quality, continuity, and portability of health services. We offer a critical and methodical assessment of the state of the art in mHealth security and privacy and suggest a methodology for creating and executing MMIS that is safe and protects privacy.

computer science, information systems,telecommunications, hardware & architecture

Asim F Choudhri,Arindam R Chatterjee,Ramin Javan,Martin G Radvany,George Shih

DOI: https://doi.org/10.1148/rg.2015140039

Radiographics

Abstract:The end-user of mobile device apps in the practice of clinical radiology should be aware of security measures that prevent unauthorized use of the device, including passcode policies, methods for dealing with failed login attempts, network manager-controllable passcode enforcement, and passcode enforcement for the protection of the mobile device itself. Protection of patient data must be in place that complies with the Health Insurance Portability and Accountability Act and U.S. Federal Information Processing Standards. Device security measures for data protection include methods for locally stored data encryption, hardware encryption, and the ability to locally and remotely clear data from the device. As these devices transfer information over both local wireless networks and public cell phone networks, wireless network security protocols, including wired equivalent privacy and Wi-Fi protected access, are important components in the chain of security. Specific virtual private network protocols, Secure Sockets Layer and related protocols (especially in the setting of hypertext transfer protocols), native apps, virtual desktops, and nonmedical commercial off-the-shelf apps require consideration in the transmission of medical data over both private and public networks. Enterprise security and management of both personal and enterprise mobile devices are discussed. Finally, specific standards for hardware and software platform security, including prevention of hardware tampering, protection from malicious software, and application authentication methods, are vital components in establishing a secure platform for the use of mobile devices in the medical field.

Mishall Al-Zubaidie,Zhongwei Zhang,Ji Zhang

DOI: https://doi.org/10.48550/arXiv.1902.08686

2019-02-23

Abstract:Providing a mechanism to authenticate users in healthcare applications is an essential security requirement to prevent both external and internal attackers from penetrating patients' identities and revealing their health data. Many schemes have been developed to provide authentication mechanisms to ensure that only legitimate users are authorized to connect, but these schemes still suffer from vulnerable security. Various attacks expose patients' data for malicious tampering or destruction. Transferring health-related data and information between users and the health centre makes them exposed to penetration by adversaries as they may move through an insecure channel. In addition, previous mechanisms have suffered from the poor protection of users' authentication information. To ensure the protection of patients' information and data, we propose a scheme that authenticates users based on the information of both the device and the legitimate user. In this paper, we propose a Robust Authentication Model for Healthcare Users (RAMHU) that provides mutual authentication between server and clients. This model utilizes an Elliptic Curve Integrated Encryption Scheme (ECIES) and PHOTON to achieve strong security and a good overall performance. RAMHU relies on multi pseudonyms, physical address, and one-time password mechanisms to authenticate legitimate users. Moreover, extensive informal and formal security analysis with the automated validation of Internet security protocols and applications (AVISPA) tool demonstrates that our model offers a high level of security in repelling a wide variety of possible attacks.

Cryptography and Security

Adebayo Omotosho,Omotanwa Adegbola,Barakat Adelakin,Adeyemi Adelakun,Justice Emuoyibofarhe

DOI: https://doi.org/10.48550/arXiv.1502.01233

2015-02-04

Abstract:Existing approaches to protect the privacy of Electronic Health Records are either insufficient for existing medical laws or they are too restrictive in their usage. For example, smart card-based encryption systems require the patient to be always present to authorize access to medical records. Questionnaires were administered by 50 medical practitioners to identify and categorize different Electronic Health Records attributes. The system was implemented using multi biometrics of patients to access patient record in pre-hospital <a class="link-external link-http" href="http://care.The" rel="external noopener nofollow">this http URL</a> software development tools employed were JAVA and MySQL database. The system provides applicable security when patients records are shared either with other practitioners, employers, organizations or research institutes. The result of the system evaluation shows that the average response time of 6 seconds and 11.1 seconds for fingerprint and iris respectively after ten different simulations. The system protects privacy and confidentiality by limiting the amount of data exposed to <a class="link-external link-http" href="http://users.The" rel="external noopener nofollow">this http URL</a> system also enables emergency medical technicians to gain easy and reliable access to necessary attributes of patients Electronic Health Records while still maintaining the privacy and confidentiality of the data using the patients fingerprint and iris.

Cryptography and Security,Computers and Society

Xuanang Li,Zhiming Zheng,Xiao Zhang

DOI: https://doi.org/10.1109/ngmast.2015.75

2015-01-01

Abstract:Telecare Medicine Information System enables patients to get healthcare services at home expediently and efficiently. Authentication and key agreement protocol suited for TMIS protect patient's privacy via the unsecure network. Recently, numerous protocols have been proposed intend to safeguard the communication between patients and server. However, most of them have high computation overhead and security problems. In this paper, we aim to propose a secure and effective authentication and key agreement protocol using smartcard and password for TMIS. The protocol is based on elliptic curve cryptography. Through security analysis we illustrate that our protocol is secure to resist some known attacks and provide user anonymity. Furthermore, by comparing with other related protocols we show our protocol is superior in security and performance aspects.

A. Saranya,R. Naresh,Santhi Karuppiah,M. Jenifer

DOI: https://doi.org/10.1007/s00500-023-09514-w

IF: 3.732

2024-01-06

Soft Computing

Abstract:Electronic health records (EHRs) storage in mobile cloud environments has changed in recent years, with mobile devices coupled with cloud computing to allow patient-provider medical data transfers. This sophisticated concept allows low-cost, flexible healthcare using EHRs. However, this article implements e-health data privacy and network security. An electronic payment methodology for electronic health systems is being developed in this article to allow patients to connect with a trusted physician quickly by measuring their trust by an algorithm called fuzzy attributes optimization (FAO) was used in the bright yellow sunflower optimization (BYSO) procedure. Finally, an authorization and authentication structure must be developed to ensure that all actions involving the access of payment data are under the control of the user and the physician. Identification, authentication, and authorization may all be accomplished with the help of the Trust Impute Trio Hellman algorithm. A prototype implementation of the suggested approach was used to evaluate its effectiveness in the system. It's interesting to note that, despite the patient's option to hide their identity and establish a temporary one to complete the service, the recommended method does not require the patient to submit their identity on the doctor's website. In terms of secrecy, integrity, nonrepudiation, availability of anonymity, and authentication and authorization, our system has been determined to be much more secure than conventional techniques.

computer science, artificial intelligence, interdisciplinary applications