An End-to-End Authentication Mechanism for Wireless Body Area Networks

Wireless Body Area Network (WBAN) ensures highquality healthcare services by endowing distant and continual monitoring of patients’ health conditions. The security and privacy of the sensitive health-related data transmitted through the WBAN should be preserved to maximize its benefits. In this regard, user authentication is one of the primary mechanisms to protect health data that verifies the identities of entities involved in the communication process. Since WBAN carries crucial health data, every entity engaged in the data transfer process must be authenticated. In literature, an end-to-end user authentication mechanism covering each communicating party is absent. Besides, most of the existing user authentication mechanisms are designed assuming that the patient’s mobile phone is trusted. In reality, a patient’s mobile phone can be stolen or comprised by malware and thus behaves maliciously. Our work addresses these drawbacks and proposes an end-to-end user authentication and session key agreement scheme between sensor nodes and medical experts in a scenario where the patient’s mobile phone is semi-trusted. We present a formal security analysis using BAN logic. Besides, we also provide an informal security analysis of the proposed scheme. Both studies indicate that our method is robust against well-known security attacks. In addition, our scheme achieves comparable computation and communication costs concerning the related existing works. The simulation shows that our method preserves satisfactory network performance.

[1]  Sidi-Mohammed Senouci,et al.  Context-aware anonymous authentication protocols in the internet of things dedicated to e-health applications , 2019, Comput. Networks.

[2]  Marko Hölbl,et al.  A robust and efficient mutual authentication and key agreement scheme with untraceability for WBANs , 2019, Comput. Networks.

[3]  Abdullah M. Almuhaideb,et al.  A Lightweight and Secure Anonymity Preserving Protocol for WBAN , 2020, IEEE Access.

[4]  Khalid Alsubhi,et al.  A Provably Secure and Lightweight Patient-Healthcare Authentication Protocol in Wireless Body Area Networks , 2020, Wireless Personal Communications.

[5]  Satish Chand,et al.  A Lightweight Cloud-Assisted Identity-Based Anonymous Authentication and Key Agreement Protocol for Secure Wireless Body Area Network , 2021, IEEE Systems Journal.

[6]  Xiong Li,et al.  Secure and efficient anonymous authentication scheme for three-tier mobile healthcare systems with wearable sensors , 2018, Telecommun. Syst..

[7]  Wei Xiang,et al.  Internet of Things for Smart Healthcare: Technologies, Challenges, and Opportunities , 2017, IEEE Access.

[8]  George F. Riley,et al.  The ns-3 Network Simulator , 2010, Modeling and Tools for Network Simulation.

[9]  Saleem Iqbal,et al.  An Efficient Lightweight Key Agreement and Authentication Scheme for WBAN , 2020, IEEE Access.

[10]  S. V. Sudha,et al.  A Secure and Lightweight Authentication Protocol for Multiple Layers in Wireless Body Area Network , 2018, Smart Intelligent Computing and Applications.

[11]  Athanasios V. Vasilakos,et al.  A Novel Authentication and Key Agreement Scheme for Implantable Medical Devices Deployment , 2018, IEEE Journal of Biomedical and Health Informatics.

[12]  Umashankar Subramaniam,et al.  EPAW: Efficient Privacy Preserving Anonymous Mutual Authentication Scheme for Wireless Body Area Networks (WBANs) , 2020, IEEE Access.

[13]  Sinem Alturjman,et al.  Context-Sensitive Access in Industrial Internet of Things (IIoT) Healthcare Applications , 2018, IEEE Transactions on Industrial Informatics.

[14]  Ping Wang,et al.  Preserving privacy for free: Efficient and provably secure two-factor authentication scheme with user anonymity , 2015, Inf. Sci..

[15]  Mohamed Hamdi,et al.  Context-aware access control and anonymous authentication in WBAN , 2020, Comput. Secur..

[16]  Wenyong Wang,et al.  A Secure Mutual Batch Authentication Scheme for Patient Data Privacy Preserving in WBAN , 2019, Sensors.

[17]  Fagen Li,et al.  Remote Authentication Schemes for Wireless Body Area Networks Based on the Internet of Things , 2018, IEEE Internet of Things Journal.

[18]  Martín Abadi,et al.  A logic of authentication , 1989, Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences.

[19]  Fatema Tuz Zohra,et al.  A secure and lightweight user authentication mechanism for wireless body area network , 2019, NSysS.

[20]  Dezhong Peng,et al.  Analysis and Improvement of a Mutual Authentication Scheme for Wireless Body Area Networks , 2019, Journal of Medical Systems.

[21]  Xiong Li,et al.  Anonymous mutual authentication and key agreement scheme for wearable sensors in wireless body area networks , 2017, Comput. Networks.