Light-Weight and Robust Security-Aware D2D-Assist Data Transmission Protocol for Mobile-Health Systems

With the rapid advancement of technology, healthcare systems have been quickly transformed into a pervasive environment, where both challenges and opportunities abound. On the one hand, the proliferation of smartphones and advances in medical sensors and devices have driven the emergence of wireless body area networks for remote patient monitoring, also known as mobile-health (M-health), thereby providing a reliable and cost-effective way to improve the efficiency and quality of health care. On the other hand, the advances of M-health systems also generate extensive medical data, which could crowd today’s cellular networks. Device-to-device (D2D) communications have been proposed to address this challenge, but unfortunately, security threats are also emerging because of the open nature of D2D communications between medical sensors and the highly privacy-sensitive nature of medical data. Even more disconcerting, healthcare systems have many characteristics that make them more vulnerable to privacy attacks than other applications. In this paper, we propose a light-weight and robust security-aware D2D-assist data transmission protocol for M-health systems by using a certificateless generalized signcryption (CLGSC) technique. Specifically, we first propose a new efficient CLGSC scheme, which can adaptively work as one of three cryptographic primitives (signcryption, signature, or encryption) within a single algorithm. The scheme is proved to be secure, simultaneously achieving confidentiality and unforgeability. Based on the proposed CLGSC algorithm, we further design a D2D-assist data transmission protocol for M-health systems with security properties including data confidentiality and integrity, mutual authentication, contextual privacy, anonymity, unlinkability, and forward security. Performance analysis demonstrates that the proposed protocol can achieve the design objectives and outperform existing schemes in terms of computational and communication overhead.
