Authentication Protocol for Real-Time Wearable Medical Sensor Networks Using Biometrics and Continuous Monitoring

The open nature of wireless medical sensor networks in a public untrusted environment makes them vulnerable to various security threats and puts the security and privacy of patient information at risk. This paper introduces a new ECC based lightweight mutual authentication and key agreement protocol to be used in real-time wireless medical sensor networks between doctors/nurses, trusted servers, sensors and patients. Unlike existing schemes, our scheme uses biometrics on both doctor/nurse and patient sides. It allows the doctor/nurse to login to the system using his/her fingerprint and verifies patient identity by means of continuous monitoring of physiological data (e.g., ECG signals) in which verification of the patient identity is carried out automatically and at set intervals to detect physical theft of the sensor which may be hooked on to a different patient. Our scheme also uses dynamic identity to provide user anonymity and mitigate against user traceability. Security analysis shows that our protocol is resistant to the user, sensor and patient impersonation attacks, physical sensor theft, and so on. Performance analysis proved our scheme to be competitive in comparison to existing schemes relative to the added security benefits it provides.

[1]  Xuan Zeng,et al.  HeartID: A Multiresolution Convolutional Neural Network for ECG-Based Biometric Human Identification in Smart Health Applications , 2017, IEEE Access.

[2]  Nai-Wei Lo,et al.  A Lightweight Continuous Authentication Protocol for the Internet of Things , 2018, Sensors.

[3]  Juan E. Tapiador,et al.  Human Identification Using Compressed ECG Signals , 2015, Journal of Medical Systems.

[4]  Jianhua Chen,et al.  Privacy-Preserving and Efficient Truly Three-Factor Authentication Scheme for Telecare Medical Information Systems , 2018, Journal of Medical Systems.

[5]  Chin-Ling Chen,et al.  Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System , 2017, Sensors.

[6]  Liping Zhang,et al.  Privacy Protection for E-Health Systems by Means of Dynamic Authentication and Three-Factor Key Agreement , 2018, IEEE Transactions on Industrial Electronics.

[7]  YoHan Park,et al.  Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks , 2016, Sensors.

[8]  Jian Wang,et al.  A Continuous Identity Authentication Scheme Based on Physiological and Behavioral Characteristics , 2018, Sensors.

[9]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.

[10]  Hyunggon Park,et al.  ECG Authentication System Design Based on Signal Analysis in Mobile and Wearable Devices , 2016, IEEE Signal Processing Letters.

[11]  Refet Firat Yazicioglu,et al.  A Configurable and Low-Power Mixed Signal SoC for Portable ECG Monitoring Applications , 2011, IEEE Transactions on Biomedical Circuits and Systems.

[12]  V. N. Sastry,et al.  Fuzzy Extractor and Elliptic Curve Based Efficient User Authentication Protocol for Wireless Sensor Networks and Internet of Things , 2017, Inf..

[13]  Soumik Mondal,et al.  Continuous Authentication in a real world settings , 2015, 2015 Eighth International Conference on Advances in Pattern Recognition (ICAPR).

[14]  Alessio Vecchio,et al.  Gait-based authentication using a wrist-worn device , 2016, MobiQuitous.

[15]  Jongho Moon,et al.  Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks , 2017, Sensors.

[16]  Chenyu Wang,et al.  An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks , 2017, Sensors.