Sourav Kunal,Parth Gandhi,Digvijaysinh Rathod,Ruhul Amin,Sachin Sharma

DOI: https://doi.org/10.4103/jehp.jehp_984_23

2024-03-28

Abstract:Background: Ensuring the security and privacy of patient data is a critical concern in the healthcare industry. The growing utilization of electronic data transmission and storage in medical records has amplified apprehensions about data security. However, due to varying stakeholder interests, not all data can be freely shared, necessitating the development of secure protocols. Materials and methods: This study presents a highly secure protocol that integrates blockchain technology, patient biometric information, and robust cryptographic algorithms (elliptic curve cryptography (ECC) and advanced encryption algorithm (AEC)) to facilitate data encryption and decryption. The protocol encompasses secure login, secure key sharing, and data sharing mechanisms among miners, offering comprehensive security measures. To validate the effectiveness of the proposed protocol, both informal and formal security analyses are conducted. The security protocol description language in Scyther is utilized to evaluate the protocol's resilience against attacks. Results: The culmination of this research is a secure protocol that leverages blockchain technology and ECC for the secure storage and sharing of medical records. The protocol covers all stages, including system setup, user registration, login mechanisms, key exchange between users and blockchain, communication between blockchains, and interaction with other miners, with a steadfast emphasis on security. Furthermore, the protocol's communication and computation costs are assessed, with a comparison to existing blockchain-based schemes. Informal proofs establish the protocol's security against common attacks faced by medical institutions. Formal simulation of the protocol using the Scyther tool provides definitive evidence of its resistance to attacks. Conclusions: As a result, this protocol presents a viable real-time implementation solution for safeguarding patient data within the healthcare domain, representing a significant contribution to data security.

Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Yihao Hu,Chunguang Huang,Hai Cheng

DOI: https://doi.org/10.1016/j.comcom.2024.02.020

IF: 5.047

2024-02-28

Computer Communications

Abstract:Smart healthcare overcomes the limitations of time and space, allowing users to access medical and health services anywhere and anytime, thus improving the quality and efficiency of these services. However, due to its excessive reliance on wireless public networks, smart healthcare faces challenges and issues related to communication security. As a result, authentication and key agreement are critical as the first line of defense for smart healthcare communications. Over the past few years, numerous authentication and key agreement schemes have been proposed by experts and scholars, but most of these schemes are not applicable to practical scenarios due to their lack of security and efficiency. To address these issues, we propose an elliptic curve-based certificateless conditional privacy-preserving authentication and key agreement scheme. This scheme does not require endorsement from a Certificate Authority (CA) and features lightweight and secure properties, making it suitable for resource-limited smart healthcare communication. In addition, the security of the proposed scheme is proven under the random oracle model, and its safety is supplemented using BAN logic. Finally, performance analysis reveals that the proposed scheme not only satisfies security property and can withstand general attacks but also offers certain advantages in communication efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Priya, J. Chandra,Praveen, R.,Nivitha, K.,Sudhakar, T.

DOI: https://doi.org/10.1007/s12083-024-01716-9

IF: 3.488

2024-05-14

Peer-to-Peer Networking and Applications

Abstract:In the field of e-healthcare, smart medical sensors are responsible for consistently collecting, transmitting, and communicating real-time data to support immediate decision-making, both within and between healthcare organizations. Privacy-preserving authentication is required, even when the sensors roam between different networks. Existing authentication protocols rely on centralized authentication servers and pose a number of challenges, including a single point of failure, performance bottlenecks, scalability challenges, and privacy concerns. Hence, a secure mutual authentication mechanism using Blockchain is essential in preventing attacks. In this paper, an Improved Chain Code Blockchain-based Key Agreement Authentication Mechanism (CCBKAAM) using the merits of SM9-based Secure Threshold Ring Signature (SM9-STRS) is proposed for achieving privacy and security. This proposed mechanism uses multiple key generation-based cipher identification algorithms for parameter maintenance. The integrated threshold ring signature prevents the limitations of the single key generation scheme. It uses Chain Codes over the Ethereum network for constructing the blocks during the process of mutual user authentication with trust equity score-based Improved PBFT Voting protocol for reaching consensus during authentication. This authentication protocol adopted blockchain for the objective of storing the identities and associated parameters to support the entities under communication during the process of authentication. The formal and informal verification of the proposed CCBKAAM confirmed its potentiality in resisting most of the possible attacks the IoMT is vulnerable to. The communication and computation overhead during the implementation are determined to be significantly lowered by 32.19% and 28.94%, better than the compared baseline blockchain-based mutual authentication. The performance analysis proved that this proposed CCBKAAM scheme is also potent in minimizing the storage overhead up to maximized level of 35.42%.

computer science, information systems,telecommunications

Wenming Wang,Haiping Huang,Fu Xiao,Qi Li,Lingyan Xue,Jiansheng Jiang

DOI: https://doi.org/10.1016/j.sysarc.2021.102215

IF: 5.836

2021-09-01

Journal of Systems Architecture

Abstract:<p>Smart healthcare plays an important role in contemporary society while its security and privacy issues remain inevitable challenges. Authenticated key agreement (AKA) mechanism, as the foundation of secure communication, has been recognized as an important measure for solving this problem. Most existing AKA protocols utilize cloud-based centralized architecture, data privacy and security can be exposed easily once the centralized authority is attacked. In addition, most past solutions require the online registration center to assist mutual authentication and consume considerable amounts of resources. To address these drawbacks, a computation-transferable authenticated key agreement protocol without an online registration center for smart healthcare is designed. Specifically, the proposed protocol can realize mutual authentication and key agreement without the need for an online registration center, as well as being able to satisfy security and privacy protection requirements. By transferring partial computation tasks to the server, the proposed scheme incurs lower computation and communication overhead on the user side. Moreover, the proposed scheme adopts certificateless public key cryptography, which can solve the problems of certificate management and key escrow. Performance analysis indicates that the proposal reduces 9.9% of the computation overhead on the resource-limited terminal, which is suitable for low-power IoT applications, including smart healthcare.</p>

computer science, software engineering, hardware & architecture

Niranchana Radhakrishnan,Amutha Prabakar Muniyandi

DOI: https://doi.org/10.1155/2022/9273662

2022-02-14

Journal of Healthcare Engineering

Abstract:With the recent tremendous growth in technology, the Internet of Things (IoT) Telecare Medicine Information System (TMIS) is the most widely used medical information system with prominent achievements. Authentication schemes, which use Smart cards, offer the best solution for TMIS applications that in turn provide efficiency and security. Furthermore, authentication schemes that combine passwords and smart cards are considered to be an effective solution for the two-factor authentication scheme. Such schemes contribute to high security along with the public-key cryptosystem. In this research work, a two-factor authentication technique that is both efficient and secure, which makes use of Elliptic Curve Cryptography (ECC) with smart cards, has been proposed. Here, we have used the fundamental assumptions of strong and collision free cryptographic Hash function and Elliptic Curve arithmetic. The proposed authentication technique protects user privacy by allowing registered users to change their passwords without revealing their identity to the server. The proposed authentication scheme has been subjected to formal and informal security investigations. In terms of efficiency and performance, the proposed two-factor authentication technique was compared with the existing relevant two-factor authentication schemes based on ECC. This scheme satisfies the two-factor authentication scheme’s basic security standards.

health care sciences & services

Chandini, A. G.

DOI: https://doi.org/10.1007/s12652-023-04526-8

IF: 3.662

2023-02-26

Journal of Ambient Intelligence and Humanized Computing

Abstract:The last few years have witnessed exponential rise in online digital data for real-time communication, storage, and query-driven processing. It has broadened the horizon for decentralized and ad-hoc digital data used for swift decision making. Nowadays, Electronic healthcare (e-Healthcare) is one of the most demanding industries for telemedicine and Electronic Healthcare Record (EHR) communication purposes. However, ensuring data-security over uncertain channels has remained challenge. To alleviate data-security challenges and enable preserved and immutable data exchange, blockchain technology has been found potential. Despite such significances, most of the existing EHR -oriented blockchain frameworks are developed permissionless with hospital as central unit with almost all access rights. This as a result has demotivated patients due to private data breaches and fake-insurance claims. Considering this limitation developing a patient-centric secure blockchain framework was inevitable. Recently, securing EHR data is a hot research topic and the existing works used varied schemes to enhance the security and privacy of EHR with minimum cost. But the existing studies faces several critical issues like computational complexity, higher processing time, data leakage, sensitive to different attacks, scalability problem etc. The aforementioned issues in the existing studies leads the system as reduced confidentiality and data insecurity. Thus, to overcome such issues, this paper proposes a highly robust pre-transaction signature verification assisted patient-centric multi-stakeholder blockchain model. The proposed blockchain framework focused on multi-stakeholder scalability as well as interoperability aspects while guaranteeing attack-resilience. It was designed over Ethereum armored with blockchain manager (BCM) and smart contract components, where cloud-based interplanetary file system was developed to support decentralized data-storage. It employed a gateway component to perform user's signature verification to thwart away intruders. Once verifying the signature, BCM triggers user's request to the smart contract that verifies user details and allied role, right and access (RRA) policies. In sync with RRA policies for the requesting node, BCM allows user (patients and doctors) to perform data upload, view and sharing. To share the patient data, the proposed method triggers a signature request phase in which the doctor requests intended patient for signature and receiving the signature-acknowledgement it performs unabstracted data view and sharing and alleviates any probability of single-point-failure. The proposed blockchain framework provides a unified solution with improved flexibility, availability, decentralized access, identity management, user authentication, patient centric permissioned control and data security that makes it suitable for real-time purposes.

computer science, information systems,telecommunications, artificial intelligence

Irshad Ahmed Abbasi,Saeed Ullah Jan,Abdulrahman Saad Alqahtani,Adnan Shahid Khan,Fahad Algarni

DOI: https://doi.org/10.1371/journal.pone.0294429

IF: 3.7

2024-01-31

PLoS ONE

Abstract:Cloud computing is vital in various applications, such as healthcare, transportation, governance, and mobile computing. When using a public cloud server, it is mandatory to be secured from all known threats because a minor attacker's disturbance severely threatens the whole system. A public cloud server is posed with numerous threats; an adversary can easily enter the server to access sensitive information, especially for the healthcare industry, which offers services to patients, researchers, labs, and hospitals in a flexible way with minimal operational costs. It is challenging to make it a reliable system and ensure the privacy and security of a cloud-enabled healthcare system. In this regard, numerous security mechanisms have been proposed in past decades. These protocols either suffer from replay attacks, are completed in three to four round trips or have maximum computation, which means the security doesn't balance with performance. Thus, this work uses a fuzzy extractor method to propose a robust security method for a cloud-enabled healthcare system based on Elliptic Curve Cryptography (ECC). The proposed scheme's security analysis has been examined formally with BAN logic, ROM and ProVerif and informally using pragmatic illustration and different attacks' discussions. The proposed security mechanism is analyzed in terms of communication and computation costs. Upon comparing the proposed protocol with prior work, it has been demonstrated that our scheme is 33.91% better in communication costs and 35.39% superior to its competitors in computation costs.

multidisciplinary sciences

S. Satheesh Kumar,Manjula Sanjay Koti

DOI: https://doi.org/10.1007/s13721-021-00329-z

2021-08-12

Network Modeling Analysis in Health Informatics and Bioinformatics

Abstract:In recent decades, broad range of Internet of Things (IoT) technologies are deployed such as machine to machine communication, Internet Technologies (IT), robots, smart devices, and wireless sensor networks. IoT is a spectacular technology in the modern world of IT in which the objects can do data transmission and connect using the intranet or internet networks. Data security and privacy is one of the top most challenging issue where several researchers are showing interest that to especially in healthcare domain. For this reason, a hybrid combination of Elliptic Curve Digital Signature Algorithm (ECDSA), Rivest Cipher 4 (RC4), and Secure Hash Algorithm (SHA-256) is proposed for protecting the reliable data which is transmitted from the IoT based healthcare systems. In the proposed model, the ECDSA is used for improving the RC4 in which the encryption of key is processed by ECDSA for performing the XOR operation in RC4. Furthermore, the security is ensured by transforming the incoming data using the SHA-256 technique. Experimental results show that the proposed model outperforms for 10 MB of data in terms of encryption time that obtained as 631 ms, decryption time is 616 ms, and throughput obtained by the proposed models is 11.71 MB/ms when compared with other existing techniques such as ECC+3DES+SHA-256, RC4+AES+SHA-256, and ECC+RC2+SHA-256.

Iman Ebrahimi,Morteza Nikooghadam

DOI: https://doi.org/10.1007/s11042-024-19330-5

IF: 2.577

2024-05-08

Multimedia Tools and Applications

Abstract:E-healthcare has significantly improved healthcare services and overall health by utilizing digital technologies such as the internet, computers, and mobile devices. However, secure communication channels play a critical role in ensuring the safety and confidentiality of patients' information. Consequently, several user authentication and key agreement protocols have been developed to address this issue. Although numerous proposed protocols are robust against security attacks, researchers have reported vulnerabilities. In this study, we evaluate one such protocol and identify vulnerabilities to insider attacks, server impersonation attacks, and replay attacks. To address these vulnerabilities, we propose a two-factor mutual authentication and key agreement scheme that offers a secure, efficient, and effective solution with low computation cost, enhanced security, and superior performance against diverse security attacks. Our proposed technique guarantees the integrity, confidentiality, and availability of patient information while ensuring the authenticity of users during communication. We conducted thorough comparisons focusing on the practical implementation of ARM microcontrollers to assess computation efficiency. The total estimated execution time of our proposed scheme for registration and authentication phases is approximately 975.8 μs, which is the shortest among all related works. This finding illustrates that our proposed scheme is well-suited for applications in e-health, telemedicine, and healthcare systems.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Zahid Mehmood,Anwar Ghani,Gongliang Chen,Ahmed S. Alghamdi

DOI: https://doi.org/10.1109/ACCESS.2019.2935313

IF: 3.9

2019-01-01

IEEE Access

Abstract:The use of modern technology for the Goodwell of human beings especially in medical science is a hot research area. Telecare Medicine Information System (TMIS) is very popular in health care services in developed countries where a physician can remotely get patients related information. The security of such information is very critical as its misuse can have adverse effects on the patients' life. The information transmitted over a public channel is protected using authentication protocols. For this purpose, various biometrics-based authentication protocols including Omid et al.'s protocol have been proposed. However, in this article, it has been analyzed that Omid et al.'s protocol is susceptible to user impersonation attack and also fails to protect user identity. Hence, to remedy the problems an improved mechanism is needed to secure the three-factor authentication framework for the practical application. Therefore, a robust and efficient biometrics-based authentication and key agreement protocols for E-Health Services has been proposed. Further, it has been shown through formal and informal analysis that the proposed scheme is provably secure.

Trupil Limbasiya,Sanjay K. Sahay,Bharath Sridharan

DOI: https://doi.org/10.48550/arXiv.2110.09654

2021-10-13

Cryptography and Security

Abstract:The usage of different technologies and smart devices helps people to get medical services remotely for multiple benefits. Thus, critical and sensitive data is exchanged between a user and a doctor. When health data is transmitted over a common channel, it becomes essential to preserve various privacy and security properties in the system. Further, the number of users for remote services is increasing day-by-day exponentially, and thus, it is not adequate to deal with all users using the one server due to the verification overhead, server failure, and scalability issues. Thus, researchers proposed various authentication protocols for multi-server architecture, but most of them are vulnerable to different security attacks and require high computational resources during the implementation. To Tackle privacy and security issues using less computational resources, we propose a privacy-preserving mutual authentication and key agreement protocol for a multi-server healthcare system. We discuss the proposed scheme's security analysis and performance results to understand its security strengths and the computational resource requirement, respectively. Further, we do the comparison of security and performance results with recent relevant authentication protocols.

Chen Yulei,Chen Jianhua

DOI: https://doi.org/10.1007/s12083-021-01260-w

IF: 3.488

2021-01-01

Peer-to-Peer Networking and Applications

Abstract:Telecare medicine information system (TMIS) is developing rapidly and widely used with the support of computer, communication and other advanced technologies. It can ensure the health of residents, improve the shortage of medical resources, and has broad development prospects. To protect the privacy and life safety of patients, and prevent sensitive medical data from being accessed or even tampered by unauthorized parties, identity authentication protocol is widely applied in TMIS. In this paper, we propose an anonymous authentication and key agreement scheme using elliptic curve cryptography (ECC), which uses temporary identities to protect the privacy of patients. We use the well-known formal method under the random oracle (RO) model to prove the security of the scheme, and use the traditional heuristic discussion to prove that our scheme can resist all kinds of known attacks. Additionally, the results of security and performance analysis show that our scheme has less computation complexity and communication overhead, and can be well applied to the telecare medicine information system.

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications

Abhay Kumar Agrahari,Shirshu Varma

DOI: https://doi.org/10.1007/s12083-020-01069-z

2021-03-05

Abstract:Radio Frequency Identification (RFID) is an emerging technology that is used for the unique identification of objects. RFID can be used in different application domains, including Health-care systems, where the safety of patient-sensitive data is a primary concern. Since the RFID technology is used in various medicine sectors, particularly real-time patient monitoring, patient medicine Information, medical emergency, and drug administration system, the use of RFID raises severe security and privacy concerns. In order to cope with these security issues, we propose an Elliptic curve based authentication protocol for RFID. The proposed model uses an implicit certificate concept to secure health-care data. We prove this claim for secure communication using the formal security analysis, i.e., BAN logic, security analysis based on the mathematical model, i.e., ROR model, formal verification using AVISPA tool, and informal security analysis. We review some of the RFID authentication schemes based on ECC in terms of performance and security. Our analysis indicates that the proposed protocol provides mobility, scalability, security, and privacy in the health care environment.

computer science, information systems,telecommunications

Ajay Kumar,Kumar Abhishek,Surbhi Bhatia Khan,Saeed Alzahrani,Mohammed Alojail

DOI: https://doi.org/10.3390/math12193067

IF: 2.4

2024-09-30

Mathematics

Abstract:Healthcare 4.0 is considered the most promising technology for gathering data from humans and strongly couples with a communication system for precise clinical and diagnosis performance. Though sensor-driven devices have largely made our everyday lives easier, these technologies have been suffering from various security challenges. Because of data breaches and privacy issues, this heightens the demand for a comprehensive healthcare solution. Since most healthcare data are sensitive and valuable and transferred mostly via the Internet, the safety and confidentiality of patient data remain an important concern. To face the security challenges in Healthcare 4.0, Web 3.0 and blockchain technology have been increasingly deployed to resolve the security breaches due to their immutability and decentralized properties. In this research article, a Web 3.0 ensemble hybrid chaotic blockchain framework is proposed for effective and secure authentication in the Healthcare 4.0 industry. The proposed framework uses the Infura Web API, Web 3.0, hybrid chaotic keys, Ganache interfaces, and MongoDB. To allow for more secure authentication, an ensemble of scroll and Henon maps is deployed to formulate the high dynamic hashes during the formation of genesis blocks, and all of the data are backed in the proposed model. The complete framework was tested in Ethereum blockchain using Web 3.0, in which Python 3.19 is used as the major programming tool for developing the different interfaces. Formal analysis is carried out with Burrows–Abadi–Needham Logic (BAN) to assess the cybersecurity reliability of the suggested framework, and NIST standard tests are used for a thorough review. Furthermore, the robustness of the proposed blockchain is also measured and compared with the other secured blockchain frameworks. Experimental results demonstrate that the proposed model exhibited more defensive characteristics against multiple attacks and outperformed the other models in terms of complexity and robustness. Finally, the paper gives a panoramic view of integrating Web 3.0 with the blockchain and the inevitable directions of a secured authentication framework for Healthcare 4.0.

mathematics

Ali Shahzad,Wenyu Chen,Momina Shaheen,Yin Zhang,Faizan Ahmad

DOI: https://doi.org/10.1371/journal.pone.0307039

IF: 3.7

2024-09-23

PLoS ONE

Abstract:In modern healthcare, providers increasingly use cloud services to store and share electronic medical records. However, traditional cloud hosting, which depends on intermediaries, poses risks to privacy and security, including inadequate control over access, data auditing, and tracking data origins. Additionally, current schemes face significant limitations such as scalability concerns, high computational overhead, practical implementation challenges, and issues with interoperability and data standardization. Unauthorized data access by cloud providers further exacerbates these concerns. Blockchain technology, known for its secure and decentralized nature, offers a solution by enabling secure data auditing in sharing systems. This research integrates blockchain into healthcare for efficient record management. We proposed a blockchain-based method for secure EHR management and integrated Ciphertext-Policy Attribute-Based Encryption (CP-ABE) for fine-grained access control. The proposed algorithm combines blockchain and smart contracts with a cloud-based healthcare Service Management System (SMS) to ensure secure and accessible EHRs. Smart contracts automate key management, encryption, and decryption processes, enhancing data security and integrity. The blockchain ledger authenticates data transactions, while the cloud provides scalability. The SMS manages access requests, enhancing resource allocation and response times. A dual authentication system confirms patient keys before granting data access, with failed attempts leading to access revocation and incident logging. Our analyses show that this algorithm significantly improves the security and efficiency of health data exchanges. By combining blockchain's decentralized structure with the cloud's scalability, this approach significantly improves EHR security protocols in modern healthcare setting.

Mikail Mohammed Salim,Laurence Tianruo Yang,Jong Hyuk Park

DOI: https://doi.org/10.1109/jbhi.2023.3338851

IF: 7.7

2023-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:Remote Patient Monitoring (RPM) using Electronic Healthcare (E-health) is a growing phenomenon enabling doctors predict patient health such as possible cardiac arrests from identified abnormal arrythmia. Remote Patient Monitoring enables healthcare staff to notify patients with preventive measures to avoid a medical emergency reducing patient stress. However weak authentication security protocols in IoT wearables such as pacemakers, enable cyberattacks to transmit corrupt data, preventing patients from receiving medical care. In this paper we focus on the security of wearable devices for reliable healthcare services and propose a Lightweight Key Agreement (LKA) based authentication scheme for securing Device-to-Device (D2D) communication. A Network Key Manager on the edge builds keys for each device for device validation. Device authentication requests are verified using certificates, reducing network communication costs. E-health empowered mobile devices are store authentication certificates for future seamless device validation. The LKA scheme is evaluated and compared with existing studies and exhibits reduced operation time for key generation operation costs and lower communication costs incurred during the execution of the device authentication protocol compared with other studies. The LKA scheme further exhibits reduced latency when compared with the three existing schemes due to reduced communication costs.

Hailong Yao,Qiao Yan,Xingbing Fu,Zhibin Zhang,Caihui Lan

DOI: https://doi.org/10.1007/s00500-021-06512-8

IF: 3.732

2021-11-26

Soft Computing

Abstract:The E-healthcare system has a complex architecture, diverse business types, and sensitive data security. To meet the secure communication and access control requirements in the user–medical server, user–patient, patient–medical server, and other scenarios in the E-healthcare system, secure and efficient authenticated key agreement and access authorization scheme need to be studied. However, the existing multi-server solutions do not consider the authentication requirements of the Wireless Body Area Network (WBAN) and are not suitable for user–patient, patient–medical server scenarios; most of the existing WBAN authentication schemes are single-server type, which are difficult to meet the requirements of multi-server applications, and the study of user–patient real-time scenarios has not received due attention. This work first reveals the structural flaws and security vulnerabilities of the existing typical schemes and then proposes an authentication and access control architecture suitable for multiple scenarios of the E-healthcare system with separate management and business and designs a novel ECC-based multi-factor remote authentication and access control scheme for E-healthcare using physically unclonable function (PUF) and hash. Security analysis and efficiency analysis show that the new scheme has achieved improved functionality and higher security while maintaining low computational and communication overhead.

computer science, artificial intelligence, interdisciplinary applications

Mishall Al-Zubaidie,Zhongwei Zhang,Ji Zhang

DOI: https://doi.org/10.48550/arXiv.1902.08686

2019-02-23

Abstract:Providing a mechanism to authenticate users in healthcare applications is an essential security requirement to prevent both external and internal attackers from penetrating patients' identities and revealing their health data. Many schemes have been developed to provide authentication mechanisms to ensure that only legitimate users are authorized to connect, but these schemes still suffer from vulnerable security. Various attacks expose patients' data for malicious tampering or destruction. Transferring health-related data and information between users and the health centre makes them exposed to penetration by adversaries as they may move through an insecure channel. In addition, previous mechanisms have suffered from the poor protection of users' authentication information. To ensure the protection of patients' information and data, we propose a scheme that authenticates users based on the information of both the device and the legitimate user. In this paper, we propose a Robust Authentication Model for Healthcare Users (RAMHU) that provides mutual authentication between server and clients. This model utilizes an Elliptic Curve Integrated Encryption Scheme (ECIES) and PHOTON to achieve strong security and a good overall performance. RAMHU relies on multi pseudonyms, physical address, and one-time password mechanisms to authenticate legitimate users. Moreover, extensive informal and formal security analysis with the automated validation of Internet security protocols and applications (AVISPA) tool demonstrates that our model offers a high level of security in repelling a wide variety of possible attacks.

Cryptography and Security