Multi-factor user authentication scheme for IoT-based healthcare services

Owing to the tremendous rise of the cloud computing and Internet of Things (IoT) paradigms, real-time remote monitoring of patients by a remote Medical Professional (MP) has become feasible, and patients can enjoy healthcare services at home. To achieve this, the patient’s medical data need to be stored on the cloud server. However, patients’ medical data stored on the server are highly sensitive and, hence, the Cloud-IoT network becomes open to many attacks. For that reason, the system must ensure that patients’ medical data are not exposed to malicious users. This makes strong user authentication a prerequisite for the successful global deployment of centralized healthcare systems. In this paper, we present an efficient, strong authentication protocol for the MP to access patient data in healthcare applications based on a Cloud-IoT network. The proposed protocol provides: (1) three-factor MP authentication (i.e. password, biometrics and smartcard); (2) mutual authentication between the MP and the cloud server; (3) establishment of a secure shared session key; and (4) key freshness. Furthermore, the proposed protocol uses only two message exchanges between the MP and the cloud server, and attains efficiency (i.e. low computation and communication costs). Through formal analysis using the AVISPA web tool, security analysis and performance analysis, we conclude that the proposed protocol is more secure against potential attacks and obtains a trade-off between security and performance cost for healthcare applications using Cloud-IoT networks.
