Kai Fan,Wei Wang,Yue Wang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/glocom.2016.7841663

2016-01-01

Abstract:Researchers and engineers have paid more attention to cloud-based application systems, whose features are virtualization and services provisioning. Fortunately the technology can be just right to healthcare. Meanwhile, security has also become more challenging. Although many cloud-based RFID authentication protocols have been proposed, some of them only improve the function and performance without considering security and privacy, and most of them are heavyweight. It is not appropriate in the field of healthcare, because improving the trustworthiness of anonymous virtual computing services should be the primary consideration. So we propose a lightweight privacy protection authentication scheme which can be applied in the cloud environment, in the scheme, service providers could be anonymous or unknown to the application consumer. Assuming many hospitals build a cloud platform together, the information of patient and his physician will be stored anonymously in the cloud. Patient can go to a doctor in any one hospital with a unique RFID tag. Reader may be fixed or mobile; Readers read tags and upload collected data to the cloud for further processing in real time. Compared with some traditional schemes, our scheme is lightweight, cost-efficient, elastic scalability, real-time, and easy to against synchronization attack.

Fan Wu,Lili Xu,Saru Kumari,Xiong Li,Ashok Kumar Das,Jian Shen

DOI: https://doi.org/10.1007/s12652-017-0485-5

IF: 3.662

2017-01-01

Journal of Ambient Intelligence and Humanized Computing

Abstract:As an important part of Internet of Things, Radio Frequency Identification (RFID) system employs low-cost RFID tag to communicate with everything containing animate and inanimate objects. This technology is widely used in the e-healthcare applications. However, the malicious communication environment makes people more and more worried. In order to overcome the hazards in the network, RFID authentication schemes for e-healthcare have been proposed by researchers. But since the computation ability of the tag is relatively weak, it is necessary to put forward a lightweight and secure scheme for medical systems. Moreover, cloud is widely accepted by people and used in many kinds of systems. So we propose a novel and lightweight RFID authentication scheme with cloud for e-healthcare applications. We use an enhanced formal security model to prove the security of our scheme. In this model the channel between the server and the reader is considered to be insecure and informal analysis is used to prove the security of the proposed scheme. Through the formal and informal analysis, our scheme not only resists the common attacks, but also keeps mutual authentication, information integrity, forward untraceability and backward untraceability. Moreover, both the tag and the reader can reach the anonymity. Our scheme is only hash-based and suitable to realize various security requirements. Compared to recent schemes of the same sort, it is more applicable in e-healthcare.

Kai Fan,Qi Luo,Kuan Zhang,Yintang Yang

DOI: https://doi.org/10.1016/j.ins.2019.08.006

2017-01-01

Abstract:Radio Frequency Identification (RFID) makes it a supporting technology for the Internet of things (IoT). While RFID has been widely used and developed rapidly, its security and privacy issues cannot be ignored. With the development of cloud computing, cloud based RFID system has become a new solution. Protecting the security of RFID system in cloud environment is particularly important. Not verifying the tag or reader when reading message will have serious consequences, which may suffer many secure issues, such as intercept, modifying, replaying, DoS and synchronization. This paper puts forward an efficient and reliable RFID security authentication scheme in cloud environment. The protocol combines the logic encryption operation with timestamp, which can resist DoS attacks and anti-synchronization attacks. The proposed protocol not only can well solve the RFID security and privacy issues, but also can use the powerful cloud computing capabilities to process data.

Xingmiao Wang,Kai Fan,Kan Yang,Xiaochun Cheng,Qingkuan Dong,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.comcom.2022.01.014

IF: 5.047

2022-03-01

Computer Communications

Abstract:The widespread application of Radio Frequency Identification (RFID) technology in smart living, especially in smart healthcare, has greatly facilitated patient management, reduced the labour cost of medical services, and provided patients with better medical services. However, improper use of RFID tags is highly likely to threaten the safety and privacy of hospitals and even patients, which may not only cause physical and mental harm to patients but also damage the reputation of hospitals. Medical monitoring system based on RFID technology plays a significant role in guaranteeing the security of medical records as well as the privacy of patients. Nevertheless, due to the resource constraint of RFID tags/readers, it is also challenging to design an efficient and effective authentication protocol for RFID medical monitoring system. Aiming to reduce the resource overhead and meet security requirements of the RFID system, in this paper, we propose an ultra-lightweight RFID security authentication protocol utilizing a cloud server named CRUSAP, which is based on Bit-Crossing XOR rearrangement operations that can effectively resist forgery attacks, replay attacks, desynchronization attacks, and denial of service attacks while certifying the cloud server. The formal logic of BAN proves the safety and feasibility of the protocol. Additionally, the security analysis and experimental results show that the proposed authentication protocol can realize higher security goals at a lower cost and is more suitable for scaling to large-scale authentication.

computer science, information systems,telecommunications,engineering, electrical & electronic

Feng Zhu,Peng Li,He Xu,Ruchuan Wang

DOI: https://doi.org/10.3390/s20174846

IF: 3.9

2020-08-27

Sensors

Abstract:The Internet of Things (IoT) has been integrated into legacy healthcare systems for the purpose of improving healthcare processes. As one of the key technologies of IoT, radio frequency identification (RFID) technology has been applied to offer services like patient monitoring, drug administration, and medical asset tracking. However, people have concerns about the security and privacy of RFID-based healthcare systems, which require a proper solution. To solve the problem, recently in 2019, Fan et al. proposed a lightweight RFID authentication scheme in the IEEE Network. They claimed that their scheme can resist various attacks in RFID systems with low implementation cost, and thus is suitable for RFID-based healthcare systems. In this article, our contributions mainly consist of two parts. First, we analyze the security of Fan et al.’s scheme and find out its security vulnerabilities. Second, we propose a novel lightweight authentication scheme to overcome these security weaknesses. The security analysis shows that our scheme can satisfy the necessary security requirements. Besides, the performance evaluation demonstrates that our scheme is of low cost. Thus, our scheme is well-suited for practical RFID-based healthcare systems.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Kai Fan,Wei Jiang,Qi Luo,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.jfranklin.2019.02.023

IF: 4.246

2019-01-01

Journal of the Franklin Institute

Abstract:With the continuous development of comprehensive technologies in various fields, the cyber-physical systems has been successfully applied in many fields in a large scale. The privacy and security issues in the system have gradually become the focus of attention. This article focuses on privacy protection issues in the area of Internet of Vehicles (IoV). IoV has developed rapidly and come into public consciousness quickly. Radio Frequency Identification (RFID) technology is a safe and reliable sensor data processing system, which is widely used in IoV. However, RFID system often suffers some risks of privacy disclosure. For example the owners are reluctant to disclose their private information such as their precise location information to the public network. Faced with those security risks, it is of great importance for the RFID system applied to IoV to protect private information. In this paper, we propose a cloud-based mutual authentication protocol aiming at ensuring efficient privacy preserving in IoV system, which enables people the efficiently and intelligently travel mode while protecting their privacy from divulging. Moreover, that the anonymity of tag is implemented not only protects the privacy data of the owners, but also prevents the malicious tracking from outside attackers. As to the proposed scheme, the proof based on BAN logic indicates it is of logic security. Security analysis and performance evaluation show that the scheme can be a good security solution for IoV with the feature of good safety and reliability.

Kai Fan,Chen Zhang,Kan Yang,Hui Li,Yintang Yang

DOI: https://doi.org/10.3390/app8122506

2018-01-01

Abstract:The Internet of Things (IoT) aims to achieve the interconnection of all devices in our lives. Due to the complex network environment, the IoT with mobile devices often faces many security problems, such as privacy leakages and identity forgery attacks. As a developing technology in mobile IoT, near field communication (NFC) is widely used in electronic payments and identity authentications. The current NFC studies mainly focus on payment technology, but there are a few studies on privacy protection and the lightweight requirements in the mobile IoT authentication protocol. We focus on the lightweight privacy protection authentication technology in mobile IoT. In the paper, we summarize the clustering model in mobile IoT networks and propose a lightweight authentication protocol. A security analysis shows that the protocol can resist many security threats, such as privacy leakages, identity forgeries, and replay attacks. The simulation also shows that the protocol is lightweight, with the utilization of look-up-tables (LUTs) and registers in our protocol being less than 0.5%. Our work can provide a secure and lightweight mobile authentication serve in the NFC-based mobile IoT network such as smart home and office attendance.

Kai Fan,Shanshan Zhu,Kuan Zhang,Hui Li,Yintang Yang

DOI: https://doi.org/10.1109/mnet.2019.1800225

IF: 10.294

2019-01-01

IEEE Network

Abstract:Cloud-based RFID provides a new solution for the smart healthcare environment, and cloudbased RFID healthcare systems have many advantages over traditional healthcare systems, such as efficient medical assets management and medical information sharing. However, in the cloudbased RFID healthcare system, the untrusted cloud server manages private medical information, and these private data are transmitted on the public wireless channel, which exposes them to a high risk of leakage. Furthermore, attacks on the system may lead to serious consequences. Assuming a tag is implanted in an artificial organ and doctors use readers to monitor and control it, an attacker's tampering with these data may pose a risk to the life of this patient Thus, privacy and security issues need to be considered in the cloud-based RFID healthcare environment. In this article, we propose a lightweight authentication scheme based on quadratic reSIDuals and pseudo random number generator to guarantee the security of the cloud-based RFID healthcare system. It ensures data privacy and is resistant to typical attacks in mobile communication. Compared to other RFID authentication schemes, the proposed scheme provides strong security with fewer resources, thereby achieving a compromise between costs and security requirements of the smart healthcare system.

Junbin Kang,Kai Fan,Kuan Zhang,Xiaochun Cheng,Hui Li,Yintang Yang

DOI: https://doi.org/10.1016/j.comcom.2020.12.004

IF: 5.047

2021-02-01

Computer Communications

Abstract:<p>As an application of IoT technology in the healthcare industry, IoMT has higher security requirements than IoT while improving medical efficiency and reducing medical costs. How to ensure the safety of IoMT is a challenging task. In the implementation of IoMT, Radio-Frequency Identification (RFID) is a key technology for establishing an identity authentication system, which can efficiently identify medical equipment and patients. Designing a safe and efficient RFID authentication protocol will help protect user privacy, enhance the security of the IoMT system and improve the efficiency of medical staff to detect and manage patients. Most of the existing RFID authentication protocols can only authenticate one tag in each authentication session, which is called a per-tag protocol. In medical scenarios that need to efficiently authenticate a mass of tags at short notice, the use of traditional per-tag protocols is inefficient and may delay the treatment of patients. To solve the problem that the per-tag protocols are not applicable in some medical scenarios, we designed a low-cost batch authentication protocol which can accurately identify each illegal tag and reduce the overhead of authentication data transmission. We use the solution of homogeneous linear equations as a key to encrypt the authentication data of the tag to further reduce the cost of the tag. The protocol proposed in this paper is capable of batch certification of tags, with strong security and low tag cost. After security analysis and performance analysis, our scheme can be well applied to IoMT.</p>

computer science, information systems,telecommunications,engineering, electrical & electronic

Wei Xie,Chen Zhang,Quan Zhang,Chaojing Tang

DOI: https://doi.org/10.48550/arxiv.1301.6837

2013-01-01

Abstract:Along with the development of internet of things and pervasive computing, researchers are increasingly focusing on server-less RFID authentication and searching protocols, which utilize mobile RFID readers. However, revealing privacy of mobile reader holders is a widely neglected problem in current research. This paper concentrates on preserving privacy of mobile reader holders in server-less RFID authentication and searching protocols. We propose a detailed requirement as a principle for future protocol designs, and a scheme to enhance most current protocols. We apply our scheme to two classical protocols. The comparisons between the original and our enhanced protocols show that our scheme is secure and effective.

Zongwei Luo,Terry Chan,Jenny S. Li,Edward Wong,William Cheung,Victor Ng,Wilton Fok

DOI: https://doi.org/10.1109/icebe.2006.49

2006-01-01

Abstract:Radio frequency identification (RFID) technology is expected to become a critical and ubiquitous infrastructure technology of logistics and supply chain management (SCM) related processes and services. Low-cost has been the key to RFID adoption in many logistics/SCM applications. However, the deployment of such tags may create new threats to user privacy due to the powerful track and trace capabilities of the tags, in addition to tag/reader manufacturing challenges. As a result, some security mechanisms must be imposed on the RFID tags for addressing the privacy problems. This paper provides detailed discussion on our proposal of a lightweight RFID security protocol. It examines the features and issues through experimental analysis pertinent to efficiency and scalability to meet the requirements of the proposed security protocol in metering and payment e-commerce applications

Haradhan Ghosh,Pramod Kumar Maurya,Satya Bagchi

DOI: https://doi.org/10.1007/s11277-024-11616-z

IF: 2.017

2024-10-20

Wireless Personal Communications

Abstract:A cutting-edge idea known as the Internet of Things (IoT) connects different physical items with the online environment. IoT technology is expanding quickly and will soon have an important encounter on how we live our everyday lives. IoT applications use radio frequency identification (RFID) to automatically identify the linked devices. RFID-enabled technologies are becoming more common nowadays for protecting privacy in a variety of industries, including the smart grid, smart cities, and smart education. Healthcare is one of the prominent applications of RFID technology. Patients can receive quick and convenient care at home due to RFID-enabled healthcare solutions. However, there are instances of technology forgery, putting patients' medical information in danger. Utilizing an authentication protocol is extensively regarded as the most efficient way for RFID-enabled healthcare systems to prevent malicious attacks and the misuse of resources. Very recently, Shariq and Singh proposed a lightweight RFID-enabled protocol for healthcare using the properties of vector space. This article presents evidence that Shariq and Singh's protocol has some wrong steps and is also liable to tag anonymity and impersonation attacks. Moreover, we proposed a secured authentication protocol to overcome the flaws of Shariq and Singh's protocol using vector addition, scalar multiplication, and dot products. We analyze the formal security utilizing BAN logic and Scyther simulation tools. The proposed protocol performs better than related protocols regarding costs associated with computation, transmission, storage, and security measures.

telecommunications

Yan Wang,Feng Shu,Xuemei Lei,Xuehui Wang,Rongen Dong,Qiankun Cheng

DOI: https://doi.org/10.1109/cbd63341.2023.00021

2023-01-01

Abstract:In this paper, a new protocol is proposed to improve the security of mobile RFID smart medical system based on three existing RFID security authentication protocols. Through security analysis, BAN logic analysis and Scyther tool test, it is shown that the proposal protocol can effectively resist many typical attacks that RFID system is vulnerable to, such as location privacy leakage, impersonation attack and desynchronization attack. In addition, the time cost of tag, reader and server is 0.042 ms, 0.084 ms and 0.042 ms respectively in the process of protocol mutual authentication. The storage cost of the tag is 96 bits, and the communication cost of the protocol is 864 bits. Therefore, the results of security and performance analysis show that the protocol is low cost and high security, and can meet to the EPC C1G2 standard.

Manmeet Mahinderjit Singh,Xue Li,Zhanhuai Li

DOI: https://doi.org/10.1504/IJRFITA.2011.043738

2011-01-01

Abstract:Radio frequency identification-enabled supply chain systems are in an open system environment, where different organisations have different business workflows and operate on different standards and protocols. This supply-chain environment can only be effective if the partners can trust each other and be collaborative. However, Radio Frequency Identification (RFID) involves growing privacy and security concerns in part because humans cannot sense the radio frequency radiation used to read tags and the tags themselves maintain no history of past readings. Counterfeiting in the form of cloned or fraudulent RFID tags is a consequence of a lack of security measures and trust among the partners when RFID technology is used to automate their business transactions. This paper discusses the ways in which privacy and security protection can be maintained in an open-loop RFID supply chain. A cost-based detection of counterfeit tags using different classifiers is presented. © 2011 Inderscience Enterprises Ltd.

Kai Fan,Junbin Kang,Shanshan Zhu,Hui Li,Yintang Yang

DOI: https://doi.org/10.3390/s19010152

IF: 3.9

2019-01-01

Sensors

Abstract:Radio frequency identification (RFID) is a kind of non-contact automatic identification technology. The Internet of Vehicles (IoV) is a derivative of the Internet of Things (IoT), and RFID technology has become one of the key technologies of IoV. Due to the open wireless communication environment in RFID system, the RFID system is easy to be exposed to various malicious attacks, which may result in privacy disclosure. The provision of privacy protection for users is a prerequisite for the wide acceptance of the IoV. In this paper, we discuss the privacy problem of the RFID system in the IoV and present a lightweight RFID authentication scheme based on permutation matrix encryption, which can resist some typical attacks and ensure the user’s personal privacy and location privacy. The fast certification speed of the scheme and the low cost of the tag is in line with the high-speed certification requirement in the Internet of vehicles. In this thesis, the specific application scenarios of the proposed RFID authentication scheme in the IoV is also discussed.

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications

Mutaz Elradi S. Saeed,Qun-Ying Liu,Guiyun Tian,Bin Gao,Fagen Li

DOI: https://doi.org/10.1109/jiot.2018.2876133

IF: 10.6

2018-01-01

IEEE Internet of Things Journal

Abstract:Internet of Things (IoT) is a new technology which offers enormous applications that make people's lives more convenient and enhances cities' development. In particular, smart healthcare applications in IoT have been receiving increasing attention for industrial and academic research. However, due to the sensitiveness of medical information, security and privacy issues in IoT healthcare systems are very important. Designing an efficient secure scheme with less computation time and energy consumption is a critical challenge in IoT healthcare systems. In this paper, a lightweight online/offline certificateless signature (L-OOCLS) is proposed, then a heterogeneous remote anonymous authentication protocol (HRAAP) is designed to enable remote wireless body area networks (WBANs) users to anonymously enjoy healthcare service based on the IoT applications. The proposed L-OOCLS scheme is proven secure in random oracle model and the proposed HRAAP can resist various types of attacks. Compared with the existing relevant schemes, the proposed HRAAP achieves less computation overhead as well as less power consumption on WBANs client. In addition, to nicely meet the application in the IoT, an application scenario is given.

Yang Yang,Xianghan Zheng,Chunming Tang

DOI: https://doi.org/10.1016/j.jnca.2016.11.017

IF: 7.574

2017-07-01

Journal of Network and Computer Applications

Abstract:Internet of Things (IoT) connects various kinds of sensors and smart devices using the internet to collect data. The adoption of IoT in medical care field will bring great convenient to both doctors and patients for effective illness monitoring and diagnosis. Due to the high value of medical data and the openness character of health IoT, the protection of data confidentiality is of crucial importance. In this paper, we propose a novel distributed secure data management with keyword search system for health IoT. Since the patients are usually managed by diverse medical institutions, the proposed system enables distributed access control of protected health information (PHI) among different medical domains. On the other hand, the accumulation of electronic health records (EHR) makes effective data retrieval a challenge task. Our scheme could provide efficient keyword search function on cross-domain PHI. For the resource limited devices in health IoT, it is an essential requirement to design lightweight algorithms in the secure data management system. The proposed system realizes lightweight data encryption, lightweight keyword trapdoor generation and lightweight data recovery, which leaves very few computations to user&#x27;s terminal. The security of this system is reduced to the decisional bilinear Diffie-Hellman (DBDH) assumption. The comparison analysis is made between this scheme and other existing systems. The extensive experiments on both laptop and smart phone platforms show that the proposed scheme has greatly improved the computation efficiency and requires much less communication cost.

computer science, interdisciplinary applications, software engineering, hardware & architecture

Xi Luo,Lihua Yin,Chao Li,Chonghua Wang,Fuyang Fang,Chunsheng Zhu,Zhihong Tian

DOI: https://doi.org/10.1109/access.2020.2978525

IF: 3.9

2020-01-01

IEEE Access

Abstract:While Internet-of-Things (IoT) significantly facilitates the convenience of people's daily life, the lack of security practice raises the risk of privacy-sensitive user data leakage. Securing data transmission among IoT devices is therefore a critical capability of IoT environments such as Intelligent Connected Vehicles, Smart Home, Intelligent City and so forth. However, cryptographic communication scheme is challenged by the limited resource of low-cost IoT devices, even negligible extra CPU usage of battery-powered sensors would result in dramatical decrease of the battery life. In this paper, to minimize the resource consumption, we propose a communication protocol involving only the symmetric key-based scheme, which provides ultra-lightweight yet effective encryptions to protect the data transmissions. Symmetric keys generated in this protocol are delegated based on a chaotic system, i.e., Logistic Map, to resist against the key reset and device capture attacks. We semantically model such protocol and analyze the security properties. Moreover, the resource consumption is also evaluated to guarantee runtime efficacy.