A Uniqueness-and-Anonymity-Preserving Remote User Authentication Scheme for Connected Health Care

Connected health care provides new opportunities for improving financial and clinical performance. Many connected health care applications such as telecare medicine information system, personally controlled health records system, and patient monitoring have been proposed. Correct and quality care is the goal of connected heath care, and user authentication can ensure the legality of patients. After reviewing authentication schemes for connected health care applications, we find that many of them cannot protect patient privacy such that others can trace users/patients by the transmitted data. And the verification tokens used by these authentication schemes to authenticate users or servers are only password, smart card and RFID tag. Actually, these verification tokens are not unique and easy to copy. On the other hand, biometric characteristics, such as iris, face, voiceprint, fingerprint and so on, are unique, easy to be verified, and hard to be copied. In this paper, a biometrics-based user authentication scheme will be proposed to ensure uniqueness and anonymity at the same time. With the proposed scheme, only the legal user/patient himself/herself can access the remote server, and no one can trace him/her according to transmitted data.

[1]  Chu-Hsing Lin,et al.  A flexible biometrics remote user authentication scheme , 2004, Comput. Stand. Interfaces.

[2]  Hung-Yu Chien,et al.  Two RFID-based Solutions to Enhance Inpatient Medication Safety , 2011, Journal of Medical Systems.

[3]  Kee-Young Yoo,et al.  ID-based password authentication scheme using smart cards and fingerprints , 2003, OPSR.

[4]  Andrew Beng Jin Teoh,et al.  Biohashing: two factor authentication featuring fingerprint data and tokenised random number , 2004, Pattern Recognit..

[5]  Chun-Ta Li,et al.  An efficient biometrics-based remote user authentication scheme using smart cards , 2010, J. Netw. Comput. Appl..

[6]  Zhang Rui,et al.  A More Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of medical systems.

[7]  Chun-I Fan,et al.  Robust remote authentication scheme with smart cards , 2005, Comput. Secur..

[8]  Chin-Ling Chen,et al.  Using RFID Yoking Proof Protocol to Enhance Inpatient Medication Safety , 2012, Journal of Medical Systems.

[9]  Chin-Laung Lei,et al.  A Simple and Efficient Key Exchange Scheme Against the Smart Card Loss Problem , 2007, EUC Workshops.

[10]  Yu-Fang Chung,et al.  A Secure Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[11]  Michael Scott,et al.  Cryptanalysis of an ID-based password authentication scheme using smart cards and fingerprints , 2004, OPSR.

[12]  Adam Duffy,et al.  A Biometric Identity Based Signature Scheme , 2007, Int. J. Netw. Secur..

[13]  Jian Wang,et al.  Strong Authentication Scheme for Telecare Medicine Information Systems , 2011, Journal of Medical Systems.

[14]  Anil K. Jain,et al.  Biometric template transformation: a security analysis , 2010, Electronic Imaging.

[15]  Chin-Chen Chang,et al.  Remarks on fingerprint-based remote user authentication scheme using smart cards , 2004, OPSR.

[16]  Loris Nanni,et al.  An improved BioHashing for human authentication , 2007, Pattern Recognit..

[17]  Chin-Chen Chang,et al.  A secure one-time password authentication scheme using smart cards without limiting login times , 2004, OPSR.

[18]  Wenfen Liu,et al.  An Improved Authentication Scheme for Telecare Medicine Information Systems , 2012, Journal of Medical Systems.

[19]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[20]  Dong Hoon Lee,et al.  A Privacy-Strengthened Scheme for E-Healthcare Monitoring System , 2012, Journal of Medical Systems.

[21]  Min-Shiang Hwang,et al.  A new remote user authentication scheme using smart cards , 2000, IEEE Trans. Consumer Electron..

[22]  J. K. Lee,et al.  Fingerprint-based remote user authentication scheme using smart cards , 2002 .

[23]  Andrew Beng Jin Teoh,et al.  Random Multispace Quantization as an Analytic Mechanism for BioHashing of Biometric and Random Identity Inputs , 2006, IEEE Transactions on Pattern Analysis and Machine Intelligence.

[24]  HanCheng Hsiang,et al.  A Robust Authentication Protocol for Multi-Server Architecture without Smart Cards , 2013 .

[25]  Anil K. Jain,et al.  Biometric Template Security , 2008, EURASIP J. Adv. Signal Process..