A secure and lightweight user authentication mechanism for wireless body area network

Wireless Body Area Network (WBAN) is an IoT-based healthcare system which enhances the medical services significantly by enabling remote monitoring of patients' health condition. As WBAN handles sensitive health data, the security and privacy issues should be resolved with upmost priority for the wide acceptance of WBAN. User authentication is used in WBAN to verify the identities of communicating parties and prevent unauthorized access to patients' data. Authentication needs to be performed between sensor nodes and patient's mobile devices and between mobile devices and the application provider. In literature, an end-to-end user authentication mechanism between sensor nodes and medical experts is missing and integration of existing protocols for both communication scenarios is difficult due to their diverse nature. We propose a lightweight user authentication and session-key agreement protocol between sensor nodes and medical experts which addresses both communication patterns. The security analysis depicts that required security properties are preserved.

[1]  Xiong Li,et al.  Secure and efficient anonymous authentication scheme for three-tier mobile healthcare systems with wearable sensors , 2018, Telecommun. Syst..

[2]  Marko Hölbl,et al.  A robust and efficient mutual authentication and key agreement scheme with untraceability for WBANs , 2019, Comput. Networks.

[3]  Eun-Jun Yoon,et al.  Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem , 2010, The Journal of Supercomputing.

[4]  Xiong Li,et al.  Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks , 2017, Comput. Networks.

[5]  S. V. Sudha,et al.  A Secure and Lightweight Authentication Protocol for Multiple Layers in Wireless Body Area Network , 2018, Smart Intelligent Computing and Applications.

[6]  Sidi-Mohammed Senouci,et al.  Context-aware anonymous authentication protocols in the internet of things dedicated to e-health applications , 2019, Comput. Networks.

[7]  Mohamed Ayoub Messous,et al.  Token-Based Lightweight Authentication to Secure IoT Networks , 2019, 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC).

[8]  Fagen Li,et al.  Remote Authentication Schemes for Wireless Body Area Networks Based on the Internet of Things , 2018, IEEE Internet of Things Journal.

[9]  Wenyong Wang,et al.  A Secure Mutual Batch Authentication Scheme for Patient Data Privacy Preserving in WBAN , 2019, Sensors.

[10]  Sinem Alturjman,et al.  Context-Sensitive Access in Industrial Internet of Things (IIoT) Healthcare Applications , 2018, IEEE Transactions on Industrial Informatics.

[11]  Athanasios V. Vasilakos,et al.  A Novel Authentication and Key Agreement Scheme for Implantable Medical Devices Deployment , 2018, IEEE Journal of Biomedical and Health Informatics.

[12]  Wei Xiang,et al.  Internet of Things for Smart Healthcare: Technologies, Challenges, and Opportunities , 2017, IEEE Access.

[13]  Myung-Hwan Kim,et al.  An Enhanced Anonymous Authentication and Key Exchange Scheme Using Smartcard , 2012, ICISC.

[14]  Dezhong Peng,et al.  Analysis and Improvement of a Mutual Authentication Scheme for Wireless Body Area Networks , 2019, Journal of Medical Systems.

[15]  Ping Wang,et al.  Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity , 2015, Inf. Sci..