E-SAS : Enhanced Secure Authentication System for Healthcare Applications using Wireless Medical Sensor Networks

One of the fields where wireless sensor networks are being widely applied is the area body sensor networks for healthcare applications. As healthcare applications manage private data of patients, the security becomes one of the most critical requirements to consider. In this aspect, there have been several researches delivering security mechanisms for healthcare services. However, Yoo analyzed several of those approaches and observed that they includes serious security flaws: the scheme proposed for Khan and Kumari presents vulnerabilities to data leakage, man in the middle attack, password guessing attack, and manages insecure keys, while Shin et al.’s scheme includes vulnerabilities to data leakage, password guessing attack, replay attack, and manages insecure keys. To overcome the mentioned security issues, this work proposes an enhanced secure user authentication system for health applications. The presented scheme solves the identified security flaws and excels in terms of performance and efficiency. Key-Words: Sensor network, healthcare service, user authentication, two factor authentication, wireless body area network, cryptanalysis, BAN logic, IoT.

[1]  Dongwon Jeong,et al.  Formal Verification of Bundle Authentication Mechanism in Osgi Service Platform: Ban Logic , 2006, Int. J. Softw. Eng. Knowl. Eng..

[2]  John Anderson,et al.  Wireless sensor networks for habitat monitoring , 2002, WSNA '02.

[3]  Matt Welsh,et al.  Fidelity and yield in a volcano monitoring sensor network , 2006, OSDI '06.

[4]  Juho Kim,et al.  A Security-Performance-Balanced User Authentication Scheme for Wireless Sensor Networks , 2012, Int. J. Distributed Sens. Networks.

[5]  Wenyao Xu,et al.  A Configurable Energy-Efficient Compressed Sensing Architecture With Its Application on Body Sensor Networks , 2016, IEEE Transactions on Industrial Informatics.

[6]  Muhammad Khurram Khan,et al.  An Improved User Authentication Protocol for Healthcare Services via Wireless Medical Sensor Networks , 2014, Int. J. Distributed Sens. Networks.

[7]  N. Xu A Survey of Sensor Network Applications , 2002 .

[8]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[9]  Juho Kim,et al.  Confidential information protection system for mobile devices , 2012, Secur. Commun. Networks.

[10]  T. Alves,et al.  TrustZone : Integrated Hardware and Software Security , 2004 .

[11]  Ya-ling Zhang,et al.  An Authentication Protocol for RFID Tag and Its Simulation , 2011, J. Networks.

[12]  Hyunsung Kim,et al.  Authentication Protocol for Healthcare Services over Wireless Body Area Networks , .

[13]  Aleksandar Milenkovic,et al.  System architecture of a wireless body area sensor network for ubiquitous health monitoring , 2005 .

[14]  Sang Guun Yoo,et al.  Cryptanalysis of Several Authentication Schemes for Healthcare Applications Using Wireless Medical Sensor Networks , 2016, ICNCC '16.

[15]  Juho Kim,et al.  SERA: a secure energy reliability aware data gathering for sensor networks , 2014, 2010 International Conference on Information Science and Applications.

[16]  Paul C. Kocher,et al.  Differential Power Analysis , 1999, CRYPTO.

[17]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.

[18]  Wei-Bin Lee,et al.  An efficient and secure multi-server authentication scheme with key agreement , 2012, J. Syst. Softw..

[19]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).