research-article

An efficient mutual authentication and privacy prevention scheme for e-healthcare monitoring

Author:

Prerna MohitAuthors Info & Claims

Volume 63, Issue C

https://doi.org/10.1016/j.jisa.2021.102992

Published: 01 December 2021 Publication History

Abstract

The progressive development in online healthcare monitoring may facilitate better service for recovered patients from some pandemic diseases like the novel Covid-19 and even in well-known diseases such as cancer, heart attack, and many more. This paper brings a mutual authentication protocol for the e-healthcare monitoring system using the telecare medical information system with body sensors. This scheme comes with a secure platform for communication by using three phases: patient data upload phase, treatment phase, and report delivery phase. The patient’s medical information is susceptible and must be protected from any modification. The two security issues (secure communication and privacy of patient information) are essential for the transmission over the public channel. The proposed protocol uses mobile characteristics that allow the recovered patients to use medical facilities effectively. The well-known traditional informal security analysis like the Man-in-the-middle attack, patient anonymity, doctor anonymity, and many more are validated to judge the security aspect of the proposed protocol. In addition, the widely accepted formal security analysis (both Burrows–Abadi–Needham (BAN) logic and Real-or-Random Model (ROR)) are investigated for the session-key security. Finally, the proposed e-healthcare monitoring protocol provides an efficient characteristic in terms of communication, computation, and storage cost compared to existing literature.

References

[1]

Li C.-T., Shih D.-H., Wang C.-C., Cloud-assisted mutual authentication and privacy preservation protocol for telecare medical information systems, Comput Methods Programs Biomed 157 (2018) 191–203.

Digital Library

[2]

Kumar V., Ahmad M., Kumari A., A secure elliptic curve cryptography based mutual authentication protocol for cloud-assisted TMIS, Telemat Inform 38 (2019) 100–117.

[3]

Chandrakar P., Sinha S., Ali R., Cloud-based authenticated protocol for healthcare monitoring system, J Ambient Intell Humaniz Comput (2019) 1–17.

[4]

Kumari A., Kumar V., Abbasi M.Y., Kumari S., Chaudhary P., Chen C.-M., CSEF: Cloud-based secure and efficient framework for smart medical system using ECC, IEEE Access 8 (2020) 107838–107852.

[5]

Karthigaiveni M., Indrani B., An efficient two-factor authentication scheme with key agreement for IoT based E-health care application using smart card, J Ambient Intell Humaniz Comput (2019) 1–12.

[6]

Savitha V., Karthikeyan N., Karthik S., Sabitha R., A distributed key authentication and OKM-ANFIS scheme based breast cancer prediction system in the IoT environment, J Ambient Intell Humaniz Comput (2020) 1–13.

[7]

Sahoo S.S., Mohanty S., Majhi B., A secure three factor based authentication scheme for health care systems using IoT enabled devices, J Ambient Intell Humaniz Comput (2020) 1–16.

[8]

Jiang Q., Ma J., Yang C., Ma X., Shen J., Chaudhry S.A., Efficient end-to-end authentication protocol for wearable health monitoring systems, Comput Electr Eng 63 (2017) 182–195.

Digital Library

[9]

Srinivas J., Das A.K., Kumar N., Rodrigues J., Cloud centric authentication for wearable healthcare monitoring system, IEEE Trans Dependable Secure Comput (2018).

[10]

Ali R., Pal A.K., Kumari S., Sangaiah A.K., Li X., Wu F., An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring, J Ambient Intell Humaniz Comput (2018) 1–22.

[11]

Chatterjee K., An improved authentication protocol for wireless body sensor networks applied in healthcare applications, Wirel Pers Commun (2019) 1–19.

[12]

Alzahrani B.A., Irshad A., Albeshri A., Alsubhi K., A provably secure and lightweight patient-healthcare authentication protocol in Wireless Body Area networks, Wirel Pers Commun (2020) 1–23.

[13]

Li X., Peng J., Obaidat M.S., Wu F., Khan M.K., Chen C., A secure three-factor user authentication protocol with forward secrecy for wireless medical sensor network systems, IEEE Syst J 14 (1) (2019) 39–50.

[14]

Selvam L., Renjit J.A., On developing dynamic and efficient cryptosystem for safeguarding healthcare data in public clouds, J Ambient Intell Humaniz Comput (2020).

[15]

Kaufman L.M., Can public-cloud security meet its unique challenges?, IEEE Secur Privacy 8 (4) (2010) 55–57.

[16]

Saheb T., Izadi L., Paradigm of IoT big data analytics in healthcare industry: a review of scientific literature and mapping of research trends, Telemat Inform (2019).

[17]

Shen J., Liu D., Liu Q., Sun X., Zhang Y., Secure authentication in cloud big data with hierarchical attribute authorization structure, IEEE Trans Big Data (2017).

[18]

Nikou S., Agahari W., Keijzer-Broers W., de Reuver M., Digital healthcare technology adoption by elderly people: A capability approach model, Telemat Inform (2019).

[19]

Peris-Lopez P., Hernandez-Castro J.C., Estevez-Tapiador J.M., Ribagorda A., Emap: An efficient mutual-authentication protocol for low-cost rfid tags, in: OTM Confederated International Conferences “on the Move To Meaningful Internet Systems”, Springer, 2006, pp. 352–361.

[20]

Das A.K., A secure and efficient user anonymity-preserving three-factor authentication protocol for large-scale distributed wireless sensor networks, Wirel Pers Commun 82 (3) (2015) 1377–1404.

Digital Library

[21]

Alkhater N., Walters R., Wills G., An empirical study of factors influencing cloud adoption among private sector organisations, Telemat Inform 35 (1) (2018) 38–54.

[22]

Akbarzadeh A., Bayat M., Zahednejad B., Payandeh A., Aref M.R., A lightweight hierarchical authentication scheme for internet of things, J Ambient Intell Humaniz Comput 10 (7) (2019) 2607–2619.

[23]

Mohit P., Amin R., Biswas G., Design of authentication protocol for wireless sensor network-based smart vehicular system, Veh Commun 9 (2017) 64–71.

Digital Library

[24]

Kumar V., Ahmad M., Mishra D., Kumari S., Khan M.K., RSEAP: RFID based secure and efficient authentication protocol for vehicular cloud computing, Veh Commun 22 (2020).

Digital Library

[25]

Wu Z.-Y., Lee Y.-C., Lai F., Lee H.-C., Chung Y., A secure authentication scheme for telecare medicine information systems, J Med Syst 36 (3) (2012) 1529–1535.

[26]

Debiao H., Jianhua C., Rui Z., A more secure authentication scheme for telecare medicine information systems, J Med Syst 36 (3) (2012) 1989–1995.

[27]

Wei J., Hu X., Liu W., An improved authentication scheme for telecare medicine information systems, J Med Syst 36 (6) (2012) 3597–3604.

[28]

Khan M.K., Kumari S., An authentication scheme for secure access to healthcare services, J Med Syst 37 (4) (2013) 9954.

Digital Library

[29]

Amin R., Biswas G., A secure three-factor user authentication and key agreement protocol for tmis with user anonymity, J Med Syst 39 (8) (2015) 78.

[30]

Mishra D., Mukhopadhyay S., Chaturvedi A., Kumari S., Khan M.K., Cryptanalysis and improvement of Yan et al.’s biometric-based authentication scheme for telecare medicine information systems, J Med Syst 38 (6) (2014) 24.

[31]

Wazid M., Das A.K., Kumari S., Li X., Wu F., Design of an efficient and provably secure anonymity preserving three-factor user authentication and key agreement scheme for TMIS, Secur Commun Netw 9 (13) (2016) 1983–2001.

[32]

Li X., Peng J., Kumari S., Wu F., Karuppiah M., Choo K.-K.R., An enhanced 1-round authentication protocol for wireless body area networks with user anonymity, Comput Electr Eng 61 (2017) 238–249.

Digital Library

[33]

Sowjanya K., Dasgupta M., Ray S., An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems, Int J Inf Secur 19 (1) (2020) 129–146.

[34]

Liu J., Zhang L., Sun R., 1-RAAP: An efficient 1-round anonymous authentication protocol for wireless body area networks, Sensors 16 (5) (2016) 728.

[35]

Chandrakar P., Om H., A secure and robust anonymous three-factor remote user authentication scheme for multi-server environment using ECC, Comput Commun 110 (2017) 26–34.

[36]

Ali R., Pal A.K., Three-factor-based confidentiality-preserving remote user authentication scheme in multi-server environment, Arab J Sci Eng 42 (8) (2017) 3655–3672.

[37]

Li X., Niu J., Karuppiah M., Kumari S., Wu F., Secure and efficient two-factor user authentication scheme with user anonymity for network based e-health care applications, J Med Syst 40 (12) (2016) 268.

[38]

Shen J., Gui Z., Ji S., Shen J., Tan H., Tang Y., Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks, J Netw Comput Appl 106 (2018) 117–123.

[39]

Amin R., Islam S.H., Biswas G., Khan M.K., Kumar N., A robust and anonymous patient monitoring system using wireless medical sensor networks, Future Gener Comput Syst 80 (2018) 483–495.

[40]

Ever Y.K., Secure-anonymous user authentication scheme for e-healthcare application using wireless medical sensor networks, IEEE Syst J 13 (1) (2018) 456–467.

[41]

Qi M., Chen J., Anonymous biometrics-based authentication with key agreement scheme for multi-server environment using ECC, Multimedia Tools Appl 78 (19) (2019) 27553–27568.

[42]

Kasyoka P., Kimwele M., Mbandu Angolo S., Certificateless pairing-free authentication scheme for wireless body area network in healthcare management system, J Med Eng Technol 44 (1) (2020) 12–19.

[43]

Chen C.-L., Yang T.-T., Shih T.-F., A secure medical data exchange protocol based on cloud environment, J Med Syst 38 (9) (2014) 1–12.

[44]

Chen C.-L., Yang T.-T., Chiang M.-L., Shih T.-F., A privacy authentication scheme based on cloud for medical environment, J Med Syst 38 (11) (2014) 1–16.

[45]

Chiou S.-Y., Ying Z., Liu J., Improvement of a privacy authentication scheme based on cloud for medical environment, J Med Syst 40 (4) (2016) 1–15.

[46]

Mohit P., Amin R., Karati A., Biswas G., Khan M.K., A standard mutual authentication protocol for cloud computing based health care system, J Med Syst 41 (4) (2017) 50.

[47]

Chen C.-L., Huang P.-T., Deng Y.-Y., Chen H.-C., Wang Y.-C., A secure electronic medical record authorization system for smart device application in cloud computing environments, Hum-Centr Comput Inform Sci 10 (2020) 1–31.

[48]

Mo J., Shen W., Pan W., An improved anonymous authentication protocol for wearable health monitoring systems, Wirel Commun Mob Comput 2020 (2020).

Digital Library

[49]

Dolev D., Yao A., On the security of public key protocols, IEEE Trans Inform Theory 29 (2) (1983) 198–208.

Digital Library

[50]

Katz J., Lindell Y., Introduction to modern cryptography, CRC Press, 2014.

Digital Library

[51]

Dodis Y., Reyzin L., Smith A., Fuzzy extractors: How to generate strong keys from biometrics and other noisy data, in: International conference on the theory and applications of cryptographic techniques, Springer, 2004, pp. 523–540.

[52]

Burrows M., Abadi M., Needham R.M., A logic of authentication, Proc R Soc Lond Ser A Math Phys Eng Sci 426 (1871) (1989) 233–271.

[53]

Abdalla M., Fouque P.-A., Pointcheval D., Password-based authenticated key exchange in the three-party setting, in: International workshop on public key cryptography, Springer, 2005, pp. 65–84.

[54]

Das A.K., Wazid M., Yannam A.R., Rodrigues J.J., Park Y., Provably secure ECC-based device access control and key agreement protocol for IoT environment, IEEE Access 7 (2019) 55382–55397.

[55]

Granlund T., Instruction latencies and throughput for AMD and Intel x86 Processors, KTH, 2012.

[56]

Barman S., Shum H.P., Chattopadhyay S., Samanta D., A secure authentication protocol for multi-server-based e-healthcare using a fuzzy commitment scheme, IEEE Access 7 (2019) 12557–12574.

Cited By

Mohinder Singh BNatarajan J(2023)A novel secure authentication protocol for eHealth records in cloud with a new key generation method and minimized key exchangeJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.10162935:7Online publication date: 1-Jul-2023
https://dl.acm.org/doi/10.1016/j.jksuci.2023.101629
Ding ZXie Q(2023)Provably secure and lightweight three-factor authentication scheme for industrial medical CPSJournal of Information Security and Applications10.1016/j.jisa.2023.10365679:COnline publication date: 1-Dec-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103656

Index Terms

An efficient mutual authentication and privacy prevention scheme for e-healthcare monitoring

Index terms have been assigned to the content through auto-classification.

Recommendations

An Efficient Mutual Authentication Framework for Healthcare System in Cloud Computing

The increasing role of Telecare Medicine Information Systems (TMIS) makes its accessibility for patients to explore medical treatment, accumulate and approach medical data through internet connectivity. Security and privacy preservation is necessary for ...
Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems

The E-health care systems employ IT infrastructure for maximizing health care resources utilization as well as providing flexible opportunities to the remote patient. Therefore, transmission of medical data over any public networks is necessary in ...
An efficient biometric-based privacy-preserving three-party authentication with key agreement protocol using smart cards

In communication systems, authentication protocols play an important role in protecting sensitive information against a malicious adversary by means of providing a variety of services such as mutual authentication, user credentials' privacy, and user ...

Comments

Information & Contributors

Information

Published In

cover image Journal of Information Security and Applications

Journal of Information Security and Applications Volume 63, Issue C

Dec 2021

515 pages

ISSN:2214-2126

Issue’s Table of Contents

Elsevier Ltd.

Publisher

Elsevier Science Inc.

United States

Publication History

Published: 01 December 2021

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 06 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mohinder Singh BNatarajan J(2023)A novel secure authentication protocol for eHealth records in cloud with a new key generation method and minimized key exchangeJournal of King Saud University - Computer and Information Sciences10.1016/j.jksuci.2023.10162935:7Online publication date: 1-Jul-2023
https://dl.acm.org/doi/10.1016/j.jksuci.2023.101629
Ding ZXie Q(2023)Provably secure and lightweight three-factor authentication scheme for industrial medical CPSJournal of Information Security and Applications10.1016/j.jisa.2023.10365679:COnline publication date: 1-Dec-2023
https://dl.acm.org/doi/10.1016/j.jisa.2023.103656

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents