Yanyan Li,Mengjun Xie,Jiang Bian

DOI: https://doi.org/10.1109/EMBC.2014.6944620

2014-01-01

Abstract:Electronic consent becomes increasingly popular in the healthcare sector given the many benefits it provides. However, security concerns, e.g., how to verify the identity of a person who is remotely accessing the electronic consent system in a secure and user-friendly manner, also arise along with the popularity of electronic consent. Unfortunately, existing electronic consent systems do not pay sufficient attention to those issues. They mainly rely on conventional password based authentication to verify the identity of an electronic consent user, which is far from being sufficient given that identity theft threat is real and significant in reality. In this paper, we present a security enhanced electronic consent model called USign. USign enhances the identity protection and authentication for electronic consent systems by leveraging handwritten signatures everyone is familiar with and mobile computing technologies that are becoming ubiquitous. We developed a prototype of USign and conducted preliminary evaluation on accuracy and usability of signature verification. Our experimental results show the feasibility of the proposed model.

Y Lei,DR Chen,ZD Jiang

DOI: https://doi.org/10.1109/aina.2004.1283860

2004-01-01

Abstract:With the explosion of the mobile communication market, more and more handheld devices act as clients in the Internet. People use these devices to purchase books, play games, receive emails, etc. For protecting privacies, such applications should integrate digital signature schemes. Since handheld devices have poor computational capabilities and limited battery life, traditional computation intensive digital signature protocols that are based on asymmetric cryptographic algorithms are not suitable for mobile devices. In this paper we propose a Server Based Signature (SBS) scheme for mobile devices. Besides achieving the same security level of the traditional digital signature protocols, the SBS scheme also: 1) reduces the computation complexity on the mobile devices; 2) reduces the communication consumption between signer and verifier Application results show that our scheme is very useful for mobile communication systems.

Zhengxing Huang,Xudong Lu,Huilong Duan,Haomin Li

DOI: https://doi.org/10.1109/icbbe.2007.300

2007-01-01

Abstract:One of the key technologies in electronic medical record (EMR) is electronic signature which allows healthcare practitioners to sign off on electronic healthcare records. In order to implement electronic signature in clinical environment, two main factors should be considered: how to preserve the electronic signature data and the related contextual information in the EMR documents; how to introduce the tasks of EMR document electronic signature and validation into routing clinical workflow without disarranging well accepted working processes. This paper presents an enhanced CDA structure which extends HL7's CDA with the signature data presentation based on XML Digital Signature standard. In addition, the optimized workflow of clinical document with electronic signature has been designed. The enhanced CDA and related workflow has been used in the EMR system and implemented in the actual clinical environment. The result shows it can well solve the above problems and satisfy the applicable demands.

Yuanchao Shu,Yu Gu,Jiming Chen

DOI: https://doi.org/10.1109/MASS.2012.6502522

2012-01-01

Abstract:Access card authentication is critical and essential for many modern access control systems, which have been widely deployed in various government, commercial and residential environments. However, due to the static identification information exchange among the access cards and access control clients, it is very challenging to fight against access control system breaches due to reasons such as loss, stolen or unauthorized duplications of the access cards. Although advanced biometric authentication methods such as fingerprint and iris identification can further identify the user who is requesting authorization, they incur high system costs and access privileges can not be transferred among trusted users. In this work, we introduce a sensory-data-enhanced authentication for access control systems. By combining sensory-data obtained from onboard sensors on the access cards as well as the original encoded identification information, we are able to effectively tackle the problems such as access card loss and stolen. Our solution is backward-compatible with existing access control systems and significantly increases the key spaces for authentication. We theoretically demonstrate the potential key space increases with simple sensor data and empirically demonstrate simple rotations can increase key space by more than 30, 000 times with an authentication accuracy of 95%. We performed extensive simulations under various environment settings and implemented our design on WISP to experimentally verify the system performance.

Yuanchao Shu,Yu (Jason) Gu,Jiming Chen

DOI: https://doi.org/10.1109/tpds.2013.153

IF: 5.3

2014-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Access card authentication is critical and essential for many modern access control systems, which have been widely deployed in various government, commercial, and residential environments. However, due to the static identification information exchange among the access cards and access control clients, it is very challenging to fight against access control system breaches due to reasons such as loss, stolen or unauthorized duplications of the access cards. Although advanced biometric authentication methods such as fingerprint and iris identification can further identify the user who is requesting authorization, they incur high system costs and access privileges cannot be transferred among trusted users. In this work, we introduce a dynamic authentication with sensory information for the access control systems. By combining sensory information obtained from onboard sensors on the access cards as well as the original encoded identification information, we are able to effectively tackle the problems such as access card loss, stolen, and duplication. Our solution is backward-compatible with existing access control systems and significantly increases the key spaces for authentication. We theoretically demonstrate the potential key space increases with sensory information of different sensors and empirically demonstrate simple rotations can increase key space by more than 1,000,000 times with an authentication accuracy of 90 percent. We performed extensive simulations under various environment settings and implemented our design on WISP to experimentally verify the system performance.

Mengqi Chen,Jiawei Lin,Yongpan Zou,Kaishun Wu

DOI: https://doi.org/10.3390/s22239343

2022-11-30

Abstract:Handwritten signatures are widely used for identity authorization. However, verifying handwritten signatures is cumbersome in practice due to the dependency on extra drawing tools such as a digitizer, and because the false acceptance of a forged signature can cause damage to property. Therefore, exploring a way to balance the security and user experiment of handwritten signatures is critical. In this paper, we propose a handheld signature verification scheme called SilentSign, which leverages acoustic sensors (i.e., microphone and speaker) in mobile devices. Compared to the previous online signature verification system, it provides handy and safe paper-based signature verification services. The prime notion is to utilize the acoustic signals that are bounced back via a pen tip to depict a user's signing pattern. We designed the signal modulation stratagem carefully to guarantee high performance, developed a distance measurement algorithm based on phase shift, and trained a verification model. In comparison with the traditional signature verification scheme, SilentSign allows users to sign more conveniently as well as invisibly. To evaluate SilentSign in various settings, we conducted comprehensive experiments with 35 participants. Our results reveal that SilentSign can attain 98.2% AUC and 1.25% EER. We note that a shorter conference version of this paper was presented in Percom (2019). Our initial conference paper did not finish the complete experiment. This manuscript has been revised and provided additional experiments to the conference proceedings; for example, by including System Robustness, Computational Overhead, etc.

Mengjun Xie,Umit Topaloglu,Thomas Powell,Chao Peng,Jiang Bian

DOI: https://doi.org/10.1109/bibm.2013.6732600

2013-01-01

Abstract:Secure and convenient user identity management is particularly important to the success of EMR, EHR, and PHR systems. Unfortunately, widely-used identity management mechanisms that solely rely on username/password are inadequate to meet the strong security and privacy requirements for protecting sensitive user information and medical data. Two-factor authentication approaches that are more convenient and user friendly than existing solutions have been given top priority in the healthcare sector where the majority of healthcare practitioners and patients are not tech-savvy. In this paper, we present a smartphone-based identity management framework-SIM-to enhance the security and usability of user identity management in healthcare information systems. SIM leverages the popularity and computational power of smartphone. Within the SIM framework, a person employs a smartphone to centrally store and manage her identity credentials and authenticates herself to healthcare applications using two-factor authentication without typing any identity credentials. Moreover, SIM provides patients with a patient-controlled authorization mechanism to help patients manage the accesses to their PHRs in a secure and convenient manner. Using an existing EMR system-Arkansas Trauma Image Repository-as an example, we demonstrate that SIM can be applied to a real-world healthcare information system to enhance its protection of user credentials and sensitive information.

Run Zhao,Dong Wang,Qian Zhang,Xueyi Jin,Ke Liu

DOI: https://doi.org/10.1145/3488544

2021-01-01

Abstract:Handwritten signature verification techniques, which can facilitate user authentication and enable secure information exchange, are still important in property safety. However, on-line automatic handwritten signature verification usually requires dynamic handwritten patterns captured by a special device, such as a sensor-instrumented pen, a tablet or a smartwatch on the dominant hand. This paper presents SonarSign, an on-line handwritten signature verification system based on inaudible acoustic signals. The key insight is to use acoustic signals to capture the dynamic handwritten signature patterns for verification. Particularly, SonarSign exploits the built-in speakers and microphones of smartphones to transmit a specially designed training sequence and record the corresponding echo for channel impulse response (CIR) estimation, respectively. Based on the sensitivity of CIR to the tiny surrounding environment changes including handwritten signature actions, SonarSign designs an attentional multi-modal Siamese network for end-to-end signatures verification. First, multi-modal CIR streams are fused to extract representative signature pattern features from spatio-temporal dimensions. Then an attentional Siamese network is elaborated to verify whether the given two signatures are from the same signatory. Extensive experiments in real-world scenarios show that SonarSign can achieve accurate and robust signatures verification with an AUC (Area Under ROC (Receiver Operating Characteristic) Curve) of 98.02% and an EER (Equal Error Rate) of 5.79% for unseen users.

Yorick Last,Jorrit Geels,Hanna Schraffenberger

DOI: https://doi.org/10.1145/3613905.3650977

2024-10-09

Abstract:Documents are largely stored and shared digitally. Yet, digital documents are still commonly signed using (copies of) handwritten signatures, which are sensitive to fraud. Though secure, cryptography-based signature solutions exist, they are hardly used due to usability issues. This paper proposes to use digital identity wallets for securely and intuitively signing digital documents with verified personal data. Using expert feedback, we implemented this vision in an interactive prototype. The prototype was assessed in a moderated usability test (N = 15) and a subsequent unmoderated remote usability test (N = 99). While participants generally expressed satisfaction with the system, they also misunderstood how to interpret the signature information displayed by the prototype. Specifically, signed documents were also trusted when the document was signed with irrelevant personal data of the signer. We conclude that such unwarranted trust forms a threat to usable digital signatures and requires attention by the usable security community.

Human-Computer Interaction

Mengjun Xie,Yanyan Li,Kenji Yoshigoe,Remzi Seker,Jiang Bian

DOI: https://doi.org/10.1109/hase.2015.41

2015-01-01

Abstract:Frequent outbreak of password database leaks and server breaches in recent years manifests the aggravated security problems of web authentication using only password. Two-factor authentication, despite being more secure and strongly promoted, has not been widely applied to web authentication. Leveraging the unprecedented popularity of both personal mobile devices (e.g., Smartphones) and barcode scans through camera, we explore a new horizon in the design space of two-factor authentication. In this paper, we present CamAuth, a web authentication scheme that exploits pervasive mobile devices and digital cameras to counter various password attacks including man-in-the-middle and phishing attacks. In CamAuth, a mobile device is used as the second authentication factor to vouch for the identity of a use who is performing a web login from a PC. The device communicates directly with the PC through the secure visible light communication channels, which incurs no cellular cost and is immune to radio frequency attacks. CamAuth employs public-key cryptography to ensure the security of authentication process. We implemented a prototype system of CamAuth that consists of an Android application, a Chrome browser extension, and a Java-based web server. Our evaluation results indicate that CamAuth is a viable scheme for enhancing the security of web authentication.

Yonghua Zhan,Yang Yang,Bixia Yi,Renjie He,Rui Shi,Xianghan Zheng

DOI: https://doi.org/10.1016/j.comcom.2024.107935

IF: 5.047

2024-09-13

Computer Communications

Abstract:With the widespread use of mobile communication and smart devices in the medical field, mobile healthcare has gained significant attention due to its ability to overcome geographical limitations and provide more efficient and high-quality medical services. In mobile healthcare, various instruments and wearable device data are collected, encrypted, and uploaded to the cloud, accessible to medical professionals, researchers, and insurance companies, among others. However, ensuring the security and privacy of healthcare data in the context of mobile networks has been a highly challenging issue.Certificateless signature schemes allow patients to conceal their respective privacy information for different sharing needs. Nevertheless, existing mobile healthcare data protection solutions suffer from costly certificate management and the inability to restrict signature verifiers. This paper proposes a certificateless designated verifier sanitizable signature for mobile healthcare scenarios, aiming to enhance the security and privacy of mobile healthcare data. This scheme enables the sanitization of sensitive data without the need for certificate management and allows for the specification of signature verifiers. This ensures the confidentiality of medical data, protects patient privacy, and prevents unauthorized access to healthcare data.Through security analysis and experimental comparisons, it is demonstrated that the proposed scheme is both efficient and effectively ensures data security and user privacy. Therefore, it is well-suited for privacy protection in mobile healthcare data.

computer science, information systems,telecommunications,engineering, electrical & electronic

Saptarshi Purkayastha,Shreya Goyal,Bolu Oluwalade,Tyler Phillips,Huanmei Wu,Xukai Zou

DOI: https://doi.org/10.48550/arXiv.2102.11849

2021-02-23

Cryptography and Security

Abstract:We conducted a survey of 67 graduate students enrolled in the Privacy and Security in Healthcare course at Indiana University Purdue University Indianapolis. This was done to measure user preference and their understanding of usability and security of three different Electronic Health Records authentication methods: single authentication method (username and password), Single sign-on with Central Authentication Service (CAS) authentication method, and a bio-capsule facial authentication method. This research aims to explore the relationship between security and usability, and measure the effect of perceived security on usability in these three aforementioned authentication methods. We developed a formative-formative Partial Least Square Structural Equation Modeling (PLS-SEM) model to measure the relationship between the latent variables of Usability, and Security. The measurement model was developed using five observed variables (measures). - Efficiency and Effectiveness, Satisfaction, Preference, Concerns, and Confidence. The results obtained highlight the importance and impact of these measures on the latent variables and the relationship among the latent variables. From the PLS-SEM analysis, it was found that security has a positive impact on usability for Single sign-on and bio-capsule facial authentication methods. We conclude that the facial authentication method was the most secure and usable among the three authentication methods. Further, descriptive analysis was done to draw out the interesting findings from the survey regarding the observed variables.

Fernando Alonso-Fernandez,Julian Fierrez-Aguilar,Javier Ortega-Garcia,Joaquin Gonzalez-Rodriguez

DOI: https://doi.org/10.1109/MAES.2007.351725

2023-01-11

Abstract:Low-cost portable devices capable of capturing signature signals are being increasingly used. Additionally, the social and legal acceptance of the written signature for authentication purposes is opening a range of new applications. We describe a highly versatile and scalable prototype for Web-based secure access using signature verification. The proposed architecture can be easily extended to work with different kinds of sensors and large-scale databases. Several remarks are also given on security and privacy of network-based signature verification.

Cryptography and Security,Computer Vision and Pattern Recognition,Signal Processing

Mingda Han,Huanqi Yang,Tao Ni,Di Duan,Mengzhe Ruan,Yongliang Chen,Jia Zhang,Weitao Xu

DOI: https://doi.org/10.1145/3605945

2023-06-24

ACM Transactions on Sensor Networks

Abstract:Handwritten signature verification has become one of the most important document authentication methods that are widely used in the financial, legal, and administrative sectors. Compared to offline methods based on static signature images, online handwritten signature verification methods are more reliable because of the temporary dynamic information (e.g., signing velocity, writing force, stroke order) that alleviates the risk of being forged. However, most existing online handwritten signature verification solutions are reliant on specific signing devices (e.g., customized pens or writing pads) and require extensive data collection during the registration phase, resulting in poor adaptability and applicability for new users. In this paper, we propose mmSign, a millimeter wave (mmWave)-based online handwritten signature verification system, which enables accurate sensing of the user’s hand movements when signing through the superior sensing capability of mmWave. mmSign extracts the time-velocity feature maps from the captured mmWave signals by the carefully designed signal processing algorithms, and then exploits a transformer-based verification model for signature verification. In addition, a novel meta-learning strategy with proposed task generation and data augmentation methods is introduced in mmSign to teach the verification model to learn effectively with limited samples, allowing our model to quickly adapt to new users. Extensive experiments show that mmSign is a robust, efficient, and secure handwritten signature verification system, achieving 84.07%, 87.31%, 91.12%, and 96.54% verification accuracy when 1, 3, 5, and 10 labeled signatures are available, respectively, while being resistant to common forgery attacks.

computer science, information systems,telecommunications

Tzu-Wei Lin,Chien-Lung Hsu,Tuan-Vinh Le,Chung-Fu Lu,Bo-Yu Huang

DOI: https://doi.org/10.3390/s21082880

IF: 3.9

2021-04-20

Sensors

Abstract:Healthcare is now an important part of daily life because of rising consciousness of health management. Medical professionals can know users’ health condition if they are able to access information immediately. Telemedicine systems, which provides long distance medical communication and services, is a multi-functional remote medical service that can help patients in bed in long-distance communication environments. As telemedicine systems work in public networks, privacy preservation issue of sensitive and private transmitted information is important. One of the means of proving a user’s identity are user-controlled single sign-on (UCSSO) authentication scheme, which can establish a secure communication channel using authenticated session keys between the users and servers of telemedicine systems, without threats of eavesdropping, impersonation, etc., and allow patients access to multiple telemedicine services with a pair of identity and password. In this paper, we proposed a smartcard-based user-controlled single sign-on (SC-UCSSO) for telemedicine systems that not only remains above merits but achieves privacy preservation and enhances security and performance compared to previous schemes that were proved with BAN logic and automated validation of internet security protocols and applications (AVISPA).

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Haotian Chi,Longfei Wu,Xiaojiang Du,Qiang Zeng,Paul Ratazzi

DOI: https://doi.org/10.1109/cns.2018.8433213

2018-05-01

Abstract:To facilitate monitoring and management, modern Implantable Medical Devices (IMDs) are often equipped with wireless capabilities, which raise the risk of malicious access to IMDs. Although schemes are proposed to secure the IMD access, some issues are still open. First, pre-sharing a long-term key between a patient’s IMD and a doctor’s programmer is vulnerable since once the doctor’s programmer is compromised, all of her patients suffer; establishing a temporary key by leveraging proximity gets rid of pre-shared keys, but as the approach lacks real authentication, it can be exploited by nearby adversaries or through man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one of the most important design goals, few schemes explore to lower the communication and computation overhead all at once. Finally, how to safely record the commands issued by doctors for the purpose of forensics, which can be the last measure to protect the patients’ rights, is commonly omitted in the existing literature. Motivated by these important yet open problems, we propose an innovative scheme e-SAFE, which significantly improves security and safety, reduces the communication overhead and enables IMD-access forensics. We present a novel lightweight compressive sensing based encryption algorithm to encrypt and compress the IMD data simultaneously, reducing the data transmission overhead by over 50% while ensuring high data confidentiality and usability. Furthermore, we provide a suite of protocols regarding device pairing, dual-factor authentication, and accountability-enabled access. The security analysis and performance evaluation show the validity and efficiency of the proposed scheme.

By Zheng,Mx Mu,Xc Qian

2002-01-01

Abstract:Biometric authentication has become a popular research topic because feature forgery is a very difficult task. We describe a method for verification of on-line Chinese signatures using multi-state Hidden Markov Model(HMM). We obtain signals of pen position, speed and pressure through a digital tablet, and verify the authenticity of the signature using a multi-state Hidden Markov Model (HMM), performance of our signature verification system improves significantly. Our initial results are very promising: the current version has error rate of 6%.

P. Sarveswarasarma,T. Sathulakjan,V. J. V. Godfrey,Thanuja D. Ambegoda

2024-05-18

Abstract:This paper presents a novel approach to the digital signing of electronic documents through the use of a camera-based interaction system, single-finger tracking for sign recognition, and multi commands executing hand gestures. The proposed solution, referred to as "Air Signature," involves writing the signature in front of the camera, rather than relying on traditional methods such as mouse drawing or physically signing on paper and showing it to a web camera. The goal is to develop a state-of-the-art method for detecting and tracking gestures and objects in real-time. The proposed methods include applying existing gesture recognition and object tracking systems, improving accuracy through smoothing and line drawing, and maintaining continuity during fast finger movements. An evaluation of the fingertip detection, sketching, and overall signing process is performed to assess the effectiveness of the proposed solution. The secondary objective of this research is to develop a model that can effectively recognize the unique signature of a user. This type of signature can be verified by neural cores that analyze the movement, speed, and stroke pixels of the signing in real time. The neural cores use machine learning algorithms to match air signatures to the individual's stored signatures, providing a secure and efficient method of verification. Our proposed System does not require sensors or any hardware other than the camera.

Computer Vision and Pattern Recognition,Human-Computer Interaction

Shunrong Jiang,Xiaoyan Zhu

2017-01-01

Abstract:The emergence of social networks has not just changed how people communicate and share information with one another. It has the power to fundamentally change healthcare in ways that are just beginning to be discovered. The healthcare industry is changing with incredible speed, and one of the major contributors to this change is the dramatic upsurge in healthcare communication brought on by MHSNs .Mobile Healthcare Social Network can bring incredible value by segmenting, analyzing and curating online healthcare discussions to answer patients unique questions and needs. Despite the benefits afforded by MHSNs, there are many security and privacy issues. In this paper, we present a new framework for the handshake scheme in MHSNs, which is based on hierarchical identity-based encryption. The secure handshake scheme is an encryption mechanism (RSA), which can provide secure communication in MHSNs based on patients identity and symptoms, irrespective of the healthcare-center the patient belongs to. We then construct an efficient handshake scheme in the form of a mobile app which takes into account other important features which would play a crucial role before establishing communication channel amongst several patients. For example, using the proposed scheme, two patients registered with different healthcare centers can achieve mutual authentication based on the date and period when patients received diagnosis .Our next two factors of consideration would be patient’s age and gender and accordingly generation of session key will take place, which would result in secure handshake.

Zhenyang Guo,Jin Cao,Xiaomeng Bai,Ang Li,Ben Niu,Hui Li

DOI: https://doi.org/10.1109/jsen.2023.3315523

IF: 4.3

2023-01-01

IEEE Sensors Journal

Abstract:Information security and user comfort are the games that smartphone manufacturers have always had to face. The explicit authentication methods, including password, fingerprint recognition, and face recognition, have become the most popular ways to unlock smartphones. However, these methods also incur some troubles in users’ daily lives and even suffer from security problems like shoulder surfing attacks and password reuse attacks. Unlike the explicit authentication methods, the implicit authentication methods employ the user’s behavior, posture, etc., to confirm who the user is. The "Smart Lock (SL)," as a new implicit authentication introduced by the biggest smartphone system manufacturer, Google, has effectively increased user comfort while ensuring user information security. However, we found that the SL is not secure enough, where anyone wearing a smart device can be authenticated. In this paper, based on the "Trusted Devices (DEVICE)" approach in SL, we design a band with sensors commonly found on smart wearables and two authentication models to improve the security of SL scenarios. We use our designed band to collect data in order to evaluate our models. The experimental results show that our designed band is universal. Our authentication model for power-constrained devices such as wearables has 97.01% accuracy and a power overhead of 0.0195mAh per time. The designed authentication model for smartphones has an accuracy of 99.67% and power consumption of 0.83mAh per time. Therefore, our scheme can meet the implicit authentication for different security requirements in different scenarios.

engineering, electrical & electronic,instruments & instrumentation,physics, applied