Body Area Network Security: A Fuzzy Attribute-Based Signcryption Scheme

Body Area Networks (BANs) are expected to play a major role in the field of patient-health monitoring in the near future. While it is vital to support secure BAN access to address the obvious safety and privacy concerns, it is equally important to maintain the elasticity of such security measures. For example, elasticity is required to ensure that first-aid personnel have access to critical information stored in a BAN in emergent situations. The inherent tradeoff between security and elasticity calls for the design of novel security mechanisms for BANs. In this paper, we develop the Fuzzy Attribute-Based Signcryption (FABSC), a novel security mechanism that makes a proper tradeoff between security and elasticity. FABSC leverages fuzzy Attribute-based encryption to enable data encryption, access control, and digital signature for a patient's medical information in a BAN. It combines digital signatures and encryption, and provides confidentiality, authenticity, unforgeability, and collusion resistance. We theoretically prove that FABSC is efficient and feasible. We also analyze its security level in practical BANs.

[1]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[2]  Massoud Hadian Dehkordi,et al.  An efficient threshold verifiable multi-secret sharing , 2008, Comput. Stand. Interfaces.

[3]  Kevin Fu,et al.  Security and Privacy for Implantable Medical Devices , 2008, IEEE Pervasive Comput..

[4]  Jing-Feng Li,et al.  Secure Monitoring Scheme Based on Identity-Based Threshold Signcryption for Wireless Sensor Networks , 2008, 2008 4th International Conference on Wireless Communications, Networking and Mobile Computing.

[5]  Er-Ping Li,et al.  A Human Body Model for Efficient Numerical Characterization of UWB Signal Propagation in Wireless Body Area Networks , 2011, IEEE Transactions on Biomedical Engineering.

[6]  W. Maisel,et al.  Pacemaker and ICD generator malfunctions: analysis of Food and Drug Administration annual reports. , 2006, JAMA.

[7]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[8]  Julien Penders,et al.  Potential and challenges of body area networks for personal health , 2009, 2009 Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[9]  Joonsang Baek,et al.  Efficient online/offline identity-based signature for wireless sensor network , 2010, International Journal of Information Security.

[10]  Gerardo Pelosi,et al.  Computing Tate Pairing on Smartcards , 2005 .

[11]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[12]  Fang Liu,et al.  iPAK: An In-Situ Pairwise Key Bootstrapping Scheme for Wireless Sensor Networks , 2007, IEEE Transactions on Parallel and Distributed Systems.

[13]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[14]  Vipul Gupta,et al.  Energy analysis of public-key cryptography for wireless sensor networks , 2005, Third IEEE International Conference on Pervasive Computing and Communications.

[15]  Ayan Banerjee,et al.  PSKA: Usable and Secure Key Agreement Scheme for Body Area Networks , 2010, IEEE Transactions on Information Technology in Biomedicine.

[16]  Xiuzhen Cheng,et al.  From Time Domain to Space Domain: Detecting Replica Attacks in Mobile Ad Hoc Networks , 2010, 2010 Proceedings IEEE INFOCOM.

[17]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[18]  Sheng Zhong,et al.  Body sensor network security: an identity-based cryptography approach , 2008, WiSec '08.

[19]  Fang Liu,et al.  SBK: A Self-Configuring Framework for Bootstrapping Keys in Sensor Networks , 2008, IEEE Transactions on Mobile Computing.

[20]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[21]  Kevin Fu,et al.  Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[22]  Fan Zhang,et al.  OPFKA: Secure and efficient Ordered-Physiological-Feature-based key agreement for wireless Body Area Networks , 2013, 2013 Proceedings IEEE INFOCOM.

[23]  K.K. Venkatasubramanian,et al.  EKG-based key agreement in Body Sensor Networks , 2008, IEEE INFOCOM Workshops 2008.

[24]  Fang Liu,et al.  Insider Attacker Detection in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[25]  K.K. Venkatasubramanian,et al.  Plethysmogram-based secure inter-sensor communication in Body Area Networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[26]  Wenjing Lou,et al.  On Broadcast Authentication in Wireless Sensor Networks , 2006, IEEE Transactions on Wireless Communications.

[27]  Fang Liu,et al.  LKE: A Self-Configuring Scheme for Location-Aware Key Establishment in Wireless Sensor Networks , 2008, IEEE Transactions on Wireless Communications.

[28]  Xiaofeng Liao,et al.  Secret Image Sharing Based on Chaotic Map and Chinese Remainder Theorem , 2012, Int. J. Wavelets Multiresolution Inf. Process..

[29]  Wei Cheng,et al.  Routing for Information Leakage Reduction in Multi-channel Multi-hop Ad-Hoc Social Networks , 2012, WASA.

[30]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[31]  Sandeep K. S. Gupta,et al.  Research challenges in wireless networks of biomedical sensors , 2001, MobiCom '01.

[32]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2009, IEEE INFOCOM 2009.

[33]  Carmen C. Y. Poon,et al.  A review on body area networks security for healthcare , 2011 .

[34]  Kyung Sup Kwak,et al.  Security and Privacy Issues in Wireless Sensor Networks for Healthcare Applications , 2010, Journal of Medical Systems.

[35]  Seong Oun Hwang,et al.  An efficient identity-based broadcast signcryption scheme for wireless sensor networks , 2011, International Symposium on Wireless and Pervasive Computing.

[36]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[37]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[38]  Xiaofeng Liao,et al.  Verifiable multi-secret sharing based on LFSR sequences , 2012, Theor. Comput. Sci..

[39]  Josef Bernhard,et al.  Body Area Network BAN – a Key Infrastructure Element for Patient-Centered Medical Applications , 2002, Biomedizinische Technik. Biomedical engineering.

[40]  Martin Wattenberg,et al.  A fuzzy commitment scheme , 1999, CCS '99.

[41]  Sandeep K. S. Gupta,et al.  Biosec: a biometric based approach for securing communication in wireless networks of biosensors implanted in the human body , 2003, 2003 International Conference on Parallel Processing Workshops, 2003. Proceedings..

[42]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[43]  Azzedine Boukerche,et al.  Monitoring patients via a secure and mobile healthcare system , 2010, IEEE Wireless Communications.