SAKE: scalable authenticated key exchange for mobile e-health networks

Mobile e-Health Network MHN is an emerging cloud-aided networking application across the entire range of functions involved in e-Health systems. It is important to establish secure channels between users because the data transmitted in MHNs are private, for example, personal electronic healthcare records. It is of great significance to employ key management mechanism and encrypt the data before transmitting in MHNs. However, secure key management is challenging in MHNs because of its highly dynamic and large-scale nature. In this paper, we first model MHNs and formalize a hierarchical network architecture mirroring the administrative hierarchy and dynamic autonomy in MHNs in the real world. We next present a virtual MHN architecture with only three levels yet suitable to realistic MHNs with arbitrary hierarchical levels. By exploiting the virtual architecture, we propose an efficient authenticated key exchange framework to secure MHNs. We realize a scalable authenticated key exchange scheme with a dedicated variant of a recent hierarchical identity-based signature and the well-known Diffie-Hellman key exchange protocol. Theoretical analyses and experimental results show that scalable authenticated key exchange is secure and scalable and hence is practical to secure MHNs. Copyright © 2015 John Wiley & Sons, Ltd.

[1]  Hamid Sharif,et al.  Secure Stochastic ECG Signals Based on Gaussian Mixture Model for $e$-Healthcare Systems , 2011, IEEE Systems Journal.

[2]  Sheng Zhong,et al.  Body sensor network security: an identity-based cryptography approach , 2008, WiSec '08.

[3]  Willy Susilo,et al.  Securing electronic health records with broadcast encryption schemes , 2006, Int. J. Electron. Heal..

[4]  Wei-Bin Lee,et al.  A round- and computation-efficient three-party authenticated key exchange protocol , 2008, J. Syst. Softw..

[5]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[6]  Yuguang Fang,et al.  Cross-Domain Data Sharing in Distributed Electronic Health Record Systems , 2010, IEEE Transactions on Parallel and Distributed Systems.

[7]  Mooi Choo Chuah,et al.  Social closeness based clone attack detection for mobile healthcare system , 2012, 2012 IEEE 9th International Conference on Mobile Ad-Hoc and Sensor Systems (MASS 2012).

[8]  Romano Fantacci,et al.  Body Area Networking: Technology and Applications , 2009, IEEE J. Sel. Areas Commun..

[9]  Carmen C. Y. Poon,et al.  A novel biometrics method to secure wireless body area sensor networks for telemedicine and m-health , 2006, IEEE Communications Magazine.

[10]  Dan Wang,et al.  High Quality Sensor Placement for SHM Systems: Refocusing on Application Demands , 2010, 2010 Proceedings IEEE INFOCOM.

[11]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[12]  Guomin Yang,et al.  A robust smart card-based anonymous user authentication protocol for wireless communications , 2014, Secur. Commun. Networks.

[13]  Ruzena Bajcsy,et al.  Robust Medical Data Delivery for Wireless Pervasive Healthcare , 2009, 2009 Eighth IEEE International Conference on Dependable, Autonomic and Secure Computing.

[14]  Josep Domingo-Ferrer,et al.  Bridging Broadcast Encryption and Group Key Agreement , 2011, ASIACRYPT.

[15]  Cem Ersoy,et al.  Wireless sensor networks for healthcare: A survey , 2010, Comput. Networks.

[16]  K.K. Venkatasubramanian,et al.  Plethysmogram-based secure inter-sensor communication in Body Area Networks , 2008, MILCOM 2008 - 2008 IEEE Military Communications Conference.

[17]  Xiaohui Liang,et al.  PEC: A privacy-preserving emergency call scheme for mobile healthcare social networks , 2011, Journal of Communications and Networks.

[18]  Yuguang Fang,et al.  PAAS: A Privacy-Preserving Attribute-Based Authentication System for eHealth Networks , 2012, 2012 IEEE 32nd International Conference on Distributed Computing Systems.

[19]  Ming Li,et al.  Authorized Private Keyword Search over Encrypted Data in Cloud Computing , 2011, 2011 31st International Conference on Distributed Computing Systems.

[20]  Min Zhao,et al.  Exploring Region of Interest (ROI) to Support Quality of Service in Unreliable Wireless Electronic Healthcare Communications , 2012, Int. J. Heal. Inf. Syst. Informatics.

[21]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[22]  Xiaodong Lin,et al.  Sage: a strong privacy-preserving scheme against global eavesdropping for ehealth systems , 2009, IEEE Journal on Selected Areas in Communications.

[23]  Zhoujun Li,et al.  New construction of affiliation-hiding authenticated group key agreement , 2013, Secur. Commun. Networks.

[24]  Chenyang Lu,et al.  Cyber-Physical Codesign of Distributed Structural Health Monitoring with Wireless Sensor Networks , 2014, IEEE Trans. Parallel Distributed Syst..

[25]  Ye Li,et al.  Biometrics based novel key distribution solution for body sensor networks , 2009, 2009 Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[26]  Yuan-Ting Zhang,et al.  A Novel Biometrics Based Security Solution for Body Sensor Networks , 2009, 2009 2nd International Conference on Biomedical Engineering and Informatics.

[27]  Sheng Zhong,et al.  Emergency Access Authorization for Personally Controlled Online Health Care Data , 2012, Journal of Medical Systems.

[28]  Reihaneh Safavi-Naini,et al.  Privacy preserving EHR system using attribute-based infrastructure , 2010, CCSW '10.

[29]  Naixue Xiong,et al.  Comparative analysis of quality of service and memory usage for adaptive failure detectors in healthcare systems , 2009, IEEE Journal on Selected Areas in Communications.

[30]  Ahmad-Reza Sadeghi,et al.  Securing the e-health cloud , 2010, IHI.

[31]  Xiaohui Liang,et al.  ESPAC: Enabling Security and Patient-centric Access Control for eHealth in cloud computing , 2011, Int. J. Secur. Networks.

[32]  Yuguang Fang,et al.  HCPP: Cryptography Based Secure EHR System for Patient Privacy and Emergency Healthcare , 2011, 2011 31st International Conference on Distributed Computing Systems.

[33]  Xiaohui Liang,et al.  HealthShare: Achieving secure and privacy-preserving health information sharing through health social networks , 2012, Comput. Commun..

[34]  Xiaohui Liang,et al.  A Secure Handshake Scheme with Symptoms-Matching for mHealthcare Social Network , 2011, Mob. Networks Appl..

[35]  Xin Yang,et al.  cTrust: Trust Aggregation in Cyclic Mobile Ad Hoc Networks , 2010, Euro-Par.

[36]  Xiaohui Liang Privacy-preserving Wireless Data Transmission for e-Healthcare Applications , 2011 .

[37]  Naixue Xiong,et al.  Comparative Analysis of Quality of Service and Memory Usage for Adaptive Failure Detectors in Healthcare Systems Naixue Xiong, MIEEE, Athanasios V. Vasilakos, MIEEE, Laurence T. Yang, MIEEE, Lingyang Song, MIEEE, Yi Pan, SMIEEE, Rajgopal Kannan, MIEEE, and Yingshu Li, MIEEE , 2009 .

[38]  R.T.Subhalakshmi,et al.  Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute-Based Encryption , 2016 .

[39]  Josep Domingo-Ferrer,et al.  Fast transmission to remote cooperative groups: A new key management paradigm , 2013, IEEE/ACM Transactions on Networking.

[40]  Yuguang Fang,et al.  Privacy and emergency response in e-healthcare leveraging wireless body sensor networks , 2010, IEEE Wireless Communications.

[41]  Dawu Gu,et al.  Security analysis and enhancement for three-party password-based authenticated key exchange protocol , 2012, Secur. Commun. Networks.

[42]  Bruce R. Schatz,et al.  Research challenges in measuring data for population health to enable predictive modeling for improving healthcare , 2012, SIGHIT Rec..

[43]  W. Lou,et al.  Authorized Private Keyword Search over Encrypted Personal Health Records in Cloud Computing , 2010 .

[44]  Kaushik R. Chowdhury,et al.  Transforming healthcare and medical telemetry through cognitive radio networks , 2012, IEEE Wireless Communications.

[45]  Yi Mu,et al.  A secure mobility support scheme for 6LoWPAN wireless sensor networks , 2014, Secur. Commun. Networks.

[46]  Hossam S. Hassanein,et al.  Ubiquitous Health Monitoring Using Mobile Web Services , 2012, ANT/MobiWIS.

[47]  Pan Hui,et al.  vNurse: Using virtualisation on mobile phones for remote health monitoring , 2011, 2011 IEEE 13th International Conference on e-Health Networking, Applications and Services.