Efficient Authentication Protocol for Continuous Monitoring in Medical Sensor Networks

Currently, continuous monitoring on patients with the help of small devices (or sensors), is easy for doctors/nurses to check patients. Due to privacy issues, data collected from devices should be protected. Thus, a lightweight mutual authentication and key agreement protocol is required among doctors/nurses, trusted servers, sensors and patients. In this paper, we provide a secure protocol which could support continuous monitoring on patients. Firstly, user's biometrics will be used to verify users by means of continuous monitoring of physiological data (e.g., ECG signals) in which verification of the patient identity. This could prevent device theft attacks. In addition, dynamic identity is taken to provide user anonymity and mitigate against user traceability. Later, we provide informal and formal security analysis to prove that our protocol can establish a session key between the user and sensor after successfully mutually authentication. Performance analysis proved our scheme to be competitive in comparison to existing schemes relative to the added security benefits it provides.

[1]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[2]  Choong Seon Hong,et al.  Security in wireless sensor networks: issues and challenges , 2006, 2006 8th International Conference Advanced Communication Technology.

[3]  Donghoon Lee,et al.  Security Analysis and Improvements of Two-Factor Mutual Authentication with Key Agreement in Wireless Sensor Networks , 2014, Sensors.

[4]  Chenyu Wang,et al.  An Enhanced Three-Factor User Authentication Scheme Using Elliptic Curve Cryptosystem for Wireless Sensor Networks , 2017, Sensors.

[5]  Jian Wang,et al.  A Continuous Identity Authentication Scheme Based on Physiological and Behavioral Characteristics , 2018, Sensors.

[6]  Xiong Li,et al.  An improved and provably secure three-factor user authentication scheme for wireless sensor networks , 2018, Peer-to-Peer Netw. Appl..

[7]  H. T. Mouftah,et al.  Two-factor mutual authentication with key agreement in wireless sensor networks , 2016, Secur. Commun. Networks.

[8]  Ashok Kumar Das,et al.  A secure and effective biometric‐based user authentication scheme for wireless sensor networks using smart card and fuzzy extractor , 2017, Int. J. Commun. Syst..

[9]  Jongho Moon,et al.  Improving Biometric-Based Authentication Schemes with Smart Card Revocation/Reissue for Wireless Sensor Networks , 2017, Sensors.

[10]  Nai-Wei Lo,et al.  A Lightweight Continuous Authentication Protocol for the Internet of Things , 2018, Sensors.

[11]  Chin-Ling Chen,et al.  Internet of Things (IoT) Based Design of a Secure and Lightweight Body Area Network (BAN) Healthcare System , 2017, Sensors.

[12]  Saru Kumari,et al.  An improved three party authenticated key exchange protocol using hash function and elliptic curve cryptography for mobile-commerce environments , 2017, J. King Saud Univ. Comput. Inf. Sci..

[13]  Alfred Menezes,et al.  The Elliptic Curve Digital Signature Algorithm (ECDSA) , 2001, International Journal of Information Security.

[14]  Dongho Won,et al.  Secure and Efficient Three-Factor Protocol for Wireless Sensor Networks , 2018, Sensors.

[15]  Chuan-Ming Liu,et al.  Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks , 2015, Sensors.

[16]  Soumik Mondal,et al.  Continuous Authentication in a real world settings , 2015, 2015 Eighth International Conference on Advances in Pattern Recognition (ICAPR).

[17]  Pardeep Kumar,et al.  E-SAP: Efficient-Strong Authentication Protocol for Healthcare Applications Using Wireless Medical Sensor Networks , 2012, Sensors.

[18]  Jongho Moon,et al.  Efficient and Security Enhanced Anonymous Authentication with Key Agreement Scheme in Wireless Sensor Networks , 2017, Sensors.

[19]  YoHan Park,et al.  Three-Factor User Authentication and Key Agreement Using Elliptic Curve Cryptosystem in Wireless Sensor Networks , 2016, Sensors.

[20]  Alessio Vecchio,et al.  Gait-based authentication using a wrist-worn device , 2016, MobiQuitous.

[21]  V. N. Sastry,et al.  Fuzzy Extractor and Elliptic Curve Based Efficient User Authentication Protocol for Wireless Sensor Networks and Internet of Things , 2017, Inf..

[22]  Liping Zhang,et al.  Privacy Protection for E-Health Systems by Means of Dynamic Authentication and Three-Factor Key Agreement , 2018, IEEE Transactions on Industrial Electronics.

[23]  Xuan Zeng,et al.  HeartID: A Multiresolution Convolutional Neural Network for ECG-Based Biometric Human Identification in Smart Health Applications , 2017, IEEE Access.

[24]  Dongho Won,et al.  Security Improvement on Biometric Based Authentication Scheme for Wireless Sensor Networks Using Fuzzy Extraction , 2016, Int. J. Distributed Sens. Networks.