An Efficient Mutual Authentication and Access Control Scheme for Wireless Sensor Networks in Healthcare

Wireless sensor networks (WSNs) will play an active role in the 21th Century Healthcare IT to reduce the healthcare cost and improve the quality of care. The protection of data confidentiality and patient privacy are the most critical requirements for the ubiquitous use of WSNs in healthcare environments. This requires a secure and lightweight user authentication and access control. Symmetric key - based access control is not suitable for WSNs in healthcare due to dynamic network topology, mobility, and stringent resource constraints. In this paper, we propose a secure, lightweight public key - based security scheme, Mutual Authentication and Access Control based on Elliptic curve cryptography (MAACE). MAACE is a mutual authentication protocol where a healthcare professional can authenticate to an accessed node (a PDA or medical sensor) and vice versa. This is to ensure that medical data is not exposed to an unauthorized person. On the other hand, it ensures that medical data sent to healthcare professionals did not originate from a malicious node. MAACE is more scalable and requires less memory compared to symmetric key-based schemes. Furthermore, it is much more lightweight than other public key-based schemes. Security analysis and performance evaluation results are presented and compared to existing schemes to show advantages of the proposed scheme.

[1]  Frank Stajano,et al.  Towards a Security Policy for Ubiquitous Healthcare Systems (Position Paper) , 2006, ICUCT.

[2]  Yunghsiang Sam Han,et al.  A key predistribution scheme for sensor networks using deployment knowledge , 2006, IEEE Transactions on Dependable and Secure Computing.

[3]  R. Jafari,et al.  Platform Design for Health-Care Monitoring Applications , 2007, 2007 Joint Workshop on High Confidence Medical Devices, Software, and Systems and Medical Device Plug-and-Play Interoperability (HCMDSS-MDPnP 2007).

[4]  Heejo Lee,et al.  An Energy-Efficient Secure Routing and Key Management Scheme for Mobile Sinks in Wireless Sensor Networks Using Deployment Knowledge , 2008, Sensors.

[5]  R. Nanda,et al.  Comparison of maxillary and mandibular growth. , 2004, American journal of orthodontics and dentofacial orthopedics : official publication of the American Association of Orthodontists, its constituent societies, and the American Board of Orthodontics.

[6]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[7]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[8]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[9]  Theo Ungerer,et al.  SecSens - Security Architecture for Wireless Sensor Networks , 2009, 2009 Third International Conference on Sensor Technologies and Applications.

[10]  Joel J. P. C. Rodrigues,et al.  Improved robust user authentication scheme for wireless sensor networks , 2009, 2009 Fifth International Conference on Wireless Communication and Sensor Networks (WCSN).

[11]  Jesús Favela,et al.  Sensor Networks, Wearable Computing, and Healthcare Applications , 2007, IEEE Pervasive Computing.

[12]  Heejo Lee,et al.  An energy-efficient access control scheme for wireless sensor networks based on elliptic curve cryptography , 2009, Journal of Communications and Networks.

[13]  H. S. Ng,et al.  Security issues of wireless sensor networks in healthcare applications , 2006 .

[14]  Alex Biryukov,et al.  Cryptanalysis of SAFER++ , 2003, CRYPTO.

[15]  Julian M Goldman "Joint Workshop on High Confidence Medical Devices, Software, and Systems (HCMDSS) and Medical Device Plug-and-Play (MD PnP) Interoperability" , 2008 .

[16]  Sungyoung Lee,et al.  Public key cryptography-based security scheme for wireless sensor networks in healthcare , 2010, ICUIMC '10.

[17]  Hans Eberle,et al.  Comparing Elliptic Curve Cryptography and RSA on 8-bit CPUs , 2004, CHES.

[18]  David A. Wagner,et al.  TinySec: a link layer security architecture for wireless sensor networks , 2004, SenSys '04.

[19]  Azzedine Boukerche,et al.  A secure mobile healthcare system using trust-based multicast scheme , 2009, IEEE Journal on Selected Areas in Communications.

[20]  Matt Welsh,et al.  Sensor networks for emergency response: challenges and opportunities , 2004, IEEE Pervasive Computing.

[21]  Dong-Ho Kim,et al.  Mobile Collaboration Framework for u-Healthcare Agent Services and Its Application Using PDAs , 2007, KES-AMSTA.

[22]  Boleslaw K. Szymanski,et al.  SENSE: A SENSOR NETWORK SIMULATOR , 2004 .

[23]  Andreas Zankl,et al.  Growth charts for nose length, nasal protrusion, and philtrum length from birth to 97 years. , 2002, American journal of medical genetics.

[24]  Y. M. Huang,et al.  Pervasive, secure access to a hierarchical sensor-based healthcare monitoring architecture in wireless heterogeneous networks , 2009, IEEE Journal on Selected Areas in Communications.

[25]  S. K. Nanda,et al.  Differential growth of the female face in the anteroposterior dimension. , 1992, The Angle orthodontist.

[26]  Ramon Martí,et al.  Network and Application Security in Mobile e-Health Applications , 2004, ICOIN.

[27]  Kenneth P. Birman,et al.  Advances in Pervasive Computing and Networking , 2004 .

[28]  Howon Kim,et al.  Implementation of TinyHash based on Hash Algorithm for Sensor Network , 2007 .

[29]  Branko Kovacevic,et al.  Secure Mobile Health Systems: Principles and Solutions , 2006 .

[30]  Yuan-Ting Zhang,et al.  Physiological Signal Based Entity Authentication for Body Area Sensor Networks and Mobile Healthcare Systems , 2005, 2005 IEEE Engineering in Medicine and Biology 27th Annual Conference.

[31]  Rajiv Chakravorty,et al.  A programmable service architecture for mobile medical care , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[32]  Bo Sheng,et al.  Elliptic curve cryptography-based access control in sensor networks , 2006, Int. J. Secur. Networks.

[33]  R S Nanda,et al.  Growth changes in the nasal profile from 7 to 18 years of age. , 1988, American journal of orthodontics and dentofacial orthopedics : official publication of the American Association of Orthodontists, its constituent societies, and the American Board of Orthodontics.

[34]  Arjen K. Lenstra,et al.  On the Security of 1024-bit RSA and 160-bit Elliptic Curve Cryptography , 2009, IACR Cryptol. ePrint Arch..

[35]  Tibor Juhas The use of elliptic curves in cryptography , 2007 .

[36]  Heejo Lee,et al.  SCODE: A Secure Coordination-Based Data Dissemination to Mobile Sinks in Sensor Networks , 2009, IEICE Trans. Commun..