1
|
Provably Secure and Lightweight Patient Monitoring Protocol for Wireless Body Area Network in IoHT. JOURNAL OF HEALTHCARE ENGINEERING 2023; 2023:4845850. [PMID: 36814548 PMCID: PMC9940953 DOI: 10.1155/2023/4845850] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Track Full Text] [Figures] [Subscribe] [Scholar Register] [Received: 04/21/2022] [Revised: 06/04/2022] [Accepted: 11/24/2022] [Indexed: 02/16/2023]
Abstract
As one of the important applications of Internet of Health Things (IoHT) technology in the field of healthcare, wireless body area network (WBAN) has been widely used in medical therapy, and it can not only monitor and record physiological information but also transmit the data collected by sensor devices to the server in time. However, due to the unreliability and vulnerability of wireless network communication, as well as the limited storage and computing resources of sensor nodes in WBAN, a lot of authentication protocols for WBAN have been devised. In 2021, Alzahrani et al. designed an anonymous medical monitoring protocol, which uses lightweight cryptographic primitives for WBAN. However, we find that their protocol is defenseless to off-line identity guessing attacks, known-key attacks, and stolen-verifier attacks and has no perfect forward secrecy. Therefore, a patient monitoring protocol for WBAN in IoHT is proposed. We use security proof under the random oracle model (ROM) and automatic verification tool ProVerif to demonstrate that our protocol is secure. According to comparisons with related protocols, our protocol can achieve both high computational efficiency and security.
Collapse
|
2
|
Agrahari AK, Varma S, Venkatesan S. Two factor authentication protocol for IoT based healthcare monitoring system. JOURNAL OF AMBIENT INTELLIGENCE AND HUMANIZED COMPUTING 2022; 14:1-18. [PMID: 35462633 PMCID: PMC9013638 DOI: 10.1007/s12652-022-03834-9] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Figures] [Subscribe] [Scholar Register] [Received: 03/01/2021] [Accepted: 03/28/2022] [Indexed: 06/14/2023]
Abstract
In the last few years, technological advancement has led to the use of wearable body sensors for gathering patient information. Wireless body area networks played an essential role in the modern medical era. Through wearable body sensors, patient data are sent to medical professionals in real-time without any hindrance. This information moves through the public channel, and thus proper security and protection are needed because of its sensitiveness. Many authentication protocols proposed for solving these issues were neither secure nor cost-effective. This paper proposed an authentication protocol using certificateless cryptography for wireless body area networks to resolve the associated security concerns. A formal security analysis is done using the Burrows-Abadi-Needham logic shows that the proposed protocol is resilient against prevailing attacks. Additionally, we employ the Real-or-Random model for mathematical proof and Automated Verification Security Protocol and Analysis simulation tool for security analysis. A detailed comprehensive comparison with the existing protocols indicates that the proposed protocol is cost-effective with improved functionality.
Collapse
Affiliation(s)
- Abhay Kumar Agrahari
- Indian Institute of Information Technology, Allahabad, Uttar Pradesh 211012 India
| | - Shirshu Varma
- Indian Institute of Information Technology, Allahabad, Uttar Pradesh 211012 India
| | - S. Venkatesan
- Indian Institute of Information Technology, Allahabad, Uttar Pradesh 211012 India
| |
Collapse
|
3
|
An enhanced scalable and secure RFID authentication protocol for WBAN within an IoT environment. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS 2021. [DOI: 10.1016/j.jisa.2020.102705] [Citation(s) in RCA: 15] [Impact Index Per Article: 5.0] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 11/19/2022]
|
4
|
Re-AuTh: Lightweight Re-Authentication with Practical Key Management for Wireless Body Area Networks. ARABIAN JOURNAL FOR SCIENCE AND ENGINEERING 2021. [DOI: 10.1007/s13369-021-05442-9] [Citation(s) in RCA: 5] [Impact Index Per Article: 1.7] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 01/25/2023]
|
5
|
Efficient and privacy-preserving authentication scheme for wireless body area networks. JOURNAL OF INFORMATION SECURITY AND APPLICATIONS 2020. [DOI: 10.1016/j.jisa.2020.102499] [Citation(s) in RCA: 18] [Impact Index Per Article: 4.5] [Reference Citation Analysis] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 11/20/2022]
|
6
|
Kasyoka P, Kimwele M, Mbandu Angolo S. Certificateless pairing-free authentication scheme for wireless body area network in healthcare management system. J Med Eng Technol 2020; 44:12-19. [PMID: 31939688 DOI: 10.1080/03091902.2019.1707890] [Citation(s) in RCA: 7] [Impact Index Per Article: 1.8] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 01/11/2023]
Abstract
With the current advancement in technology, the use of Wireless Body Area Networks (WBANs) has become popular in the healthcare management. They provide a mechanism to collect and transmit physiological data to healthcare providers in remote locations. With the need to secure healthcare data becoming a global concern, mechanisms must be put in place to ensure secure communication of physiological data collected in WBANs. This paper, presents a new authentication scheme for WBANs based on Elliptic Curve Cryptography. Sensor nodes used in WBANs are resource constraint and for that reason, the proposed scheme is both certificateless and pairing-free. We compared the efficiency of our proposed authentication scheme with other related schemes and found that our scheme had considerable efficiency in terms of communication cost and running time.
Collapse
Affiliation(s)
- Philemon Kasyoka
- School of Computing and Information Technology, Jomo Kenyatta University of Agriculture and Technology, Nairobi, Kenya.,School of Information and Communication Technology, South Eastern Kenya University, Kitui, Kenya
| | - Michael Kimwele
- School of Computing and Information Technology, Jomo Kenyatta University of Agriculture and Technology, Nairobi, Kenya
| | - Shem Mbandu Angolo
- School of Computing and Mathematics, Co-operative University of Kenya, Karen, Nairobi, Kenya
| |
Collapse
|
7
|
Odelu V, Saha S, Prasath R, Sadineni L, Conti M, Jo M. Efficient privacy preserving device authentication in WBANs for industrial e-health applications. Comput Secur 2019. [DOI: 10.1016/j.cose.2019.03.002] [Citation(s) in RCA: 10] [Impact Index Per Article: 2.0] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 10/27/2022]
|
8
|
A Privacy-Preserving Authentication and Key Agreement Scheme with Deniability for IoT. ELECTRONICS 2019. [DOI: 10.3390/electronics8040450] [Citation(s) in RCA: 6] [Impact Index Per Article: 1.2] [Reference Citation Analysis] [Abstract] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 11/16/2022]
Abstract
User authentication for the Internet of Things (IoT) is a vital measure as it consists of numerous unattended connected devices and sensors. For security, only the user authenticated by the gateway node can access the real-time data gathered by sensor nodes. In this article, an efficient privacy-preserving authentication and key agreement scheme for IoT is developed which enables the user, the gateway node and sensor nodes to authenticate with each other. Only the trusted gateway node can determine the real identity of user; however, no other entities can get information about user’ identity by just intercepting all exchanged messages during authentication phase. The gateway cannot prove the received messages from the sender to a third party, and thus preserving the privacy of the sender. The correctness of the proposed scheme is proved to be feasible by using BAN logic, and its security is proved under the random oracle model. The execution time of the proposed scheme is evaluated and compared with existing similar schemes, and the results demonstrate that our proposed scheme is more efficient and applicable for IoT applications.
Collapse
|
9
|
A Secure Mutual Batch Authentication Scheme for Patient Data Privacy Preserving in WBAN. SENSORS 2019; 19:s19071608. [PMID: 30987177 PMCID: PMC6480194 DOI: 10.3390/s19071608] [Citation(s) in RCA: 13] [Impact Index Per Article: 2.6] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Download PDF] [Figures] [Subscribe] [Scholar Register] [Received: 03/01/2019] [Revised: 03/18/2019] [Accepted: 03/26/2019] [Indexed: 11/16/2022]
Abstract
The current advances in cloud-based services have significantly enhanced individual satisfaction in numerous modern life areas. Particularly, the recent spectacular innovations in the wireless body area networks (WBAN) domain have made e-Care services rise as a promising application field, which definitely improves the quality of the medical system. However, the forwarded data from the limited connectivity range of WBAN via a smart device (e.g., smartphone) to the application provider (AP) should be secured from an unapproved access and alteration (attacker) that could prompt catastrophic consequences. Therefore, several schemes have been proposed to guarantee data integrity and privacy during their transmission between the client/controller (C) and the AP. Thereby, numerous effective cryptosystem solutions based on a bilinear pairing approach are available in the literature to address the mentioned security issues. Unfortunately, the related solution presents security shortcomings, where AP can with ease impersonate a given C. Hence, this existing scheme cannot fully guarantee C's data privacy and integrity. Therefore, we propose our contribution to address this data security issue (impersonation) through a secured and efficient remote batch authentication scheme that genuinely ascertains the identity of C and AP. Practically, the proposed cryptosystem is based on an efficient combination of elliptical curve cryptography (ECC) and bilinear pairing schemes. Furthermore, our proposed solution reduces the communication and computational costs by providing an efficient data aggregation and batch authentication for limited device's resources in WBAN. These additional features (data aggregation and batch authentication) are the core improvements of our scheme that have great merit for limited energy environments like WBAN.
Collapse
|
10
|
Chen R, Peng D. Analysis and Improvement of a Mutual Authentication Scheme for Wireless Body Area Networks. J Med Syst 2018; 43:19. [PMID: 30564900 DOI: 10.1007/s10916-018-1129-9] [Citation(s) in RCA: 6] [Impact Index Per Article: 1.0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 01/31/2018] [Accepted: 11/26/2018] [Indexed: 11/28/2022]
Abstract
An increase in aging population and the consequent chronic diseases pose not only serious effects to the economy but also a heavy burden to the medical system. Wireless body area networks (WBANs) provide a simple and low-cost strategy for health monitoring and telemedicine of the elderly. Many authentication schemes based on WBAN have been presented to address the sensitivity and privacy of collected data and the open characteristic of wireless networks. Wu et al. recently presented an efficient anonymous authentication scheme for WBANs, in which a one-side bilinear pairing methodology was applied to reduce the burden on the WBAN client side. However, we demonstrate that their scheme suffers from client impersonation attacks and that the adversary can easily forge a legal client to access the network service. In this paper, we analyze the limitations of Wu et al.'s scheme and design a novel mutual authentication scheme for WBANs that adopt asymmetric bilinear pairing to enhance security. Results of security and performance analyses reveal that the new scheme offers more effective security, better performance, and higher efficiency than Wu et al.'s scheme. We also provide a formal security proof of the protocol by using BAN authentication logic.
Collapse
Affiliation(s)
- Rui Chen
- College of Computer Science, Sichuan Normal University and College of Computer Science, Sichuan University, Chengdu, China
| | - Dezhong Peng
- College of Computer Science, Sichuan University, Chengdu, China. .,Chengdu Ruibei Yingte Information Technology Limited Company, Chengdu, China.
| |
Collapse
|
11
|
Liu X, Jin C, Li F. An Improved Two-Layer Authentication Scheme for Wireless Body Area Networks. J Med Syst 2018; 42:143. [PMID: 29959607 DOI: 10.1007/s10916-018-0990-x] [Citation(s) in RCA: 18] [Impact Index Per Article: 3.0] [Reference Citation Analysis] [Abstract] [Key Words] [MESH Headings] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 03/31/2018] [Accepted: 06/07/2018] [Indexed: 11/25/2022]
Abstract
Wireless body area networks (WBANs) comprises a number of sensor nodes and the portable mobile device such as smartphone. It is used to monitor the physical condition and provide a reliable healthcare system. Utilizing the wireless communication network, sensor nodes collect the physiological data of one patient to the portable mobile device and the latter analyzes and transmits them to the application providers. Therefore, the personal data confidentiality and user privacy are cores of WBANs. Recently, Shen et al. presented a multi-layer authentication protocol for WBANs, which is lightweight and much easier to implement. However, we observe that their authentication between sensor nodes and the portable mobile device could ensure the forward security property only when the sensor nodes are changed (add or delete). When the sensor nodes are constant, the security property is not satisfied. Meanwhile, the authentication between the portable mobile device and application provider is prone to mutual impersonation attack, so the critical goal of mutual authentication can not be achieved. In this paper, an improved two-layer authentication scheme is proposed to remove the flaws. The analysis shows that our method is more secure and could withstand various attacks.
Collapse
Affiliation(s)
- Xiaoguang Liu
- Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, Sichuan, 611731, People's Republic of China.
- School of Computer Science and Technology, Southwest University for Nationalities, Chengdu, Sichuan, 610041, People's Republic of China.
| | - Chunhua Jin
- The Laboratory for Internet of Things and Mobile Internet Technology of Jiangsu Province, Huaiyin Institute of Technology, Huaian, Jiangsu, 223003, People's Republic of China
| | - Fagen Li
- Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, Sichuan, 611731, People's Republic of China
| |
Collapse
|
12
|
Public Auditing with Privacy Protection in a Multi-User Model of Cloud-Assisted Body Sensor Networks. SENSORS 2017; 17:s17051032. [PMID: 28475110 PMCID: PMC5469637 DOI: 10.3390/s17051032] [Citation(s) in RCA: 5] [Impact Index Per Article: 0.7] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Download PDF] [Figures] [Subscribe] [Scholar Register] [Received: 03/09/2017] [Revised: 04/25/2017] [Accepted: 04/27/2017] [Indexed: 11/30/2022]
Abstract
Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users’ medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs’ applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs’ deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.
Collapse
|
13
|
An Efficient Remote Authentication Scheme for Wireless Body Area Network. J Med Syst 2016; 41:25. [PMID: 28004287 DOI: 10.1007/s10916-016-0670-7] [Citation(s) in RCA: 22] [Impact Index Per Article: 2.8] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 06/02/2016] [Accepted: 12/07/2016] [Indexed: 10/20/2022]
Abstract
Wireless body area network (WBAN) provide a mechanism of transmitting a persons physiological data to application providers e.g. hospital. Given the limited range of connectivity associated with WBAN, an intermediate portable device e.g. smartphone, placed within WBAN's connectivity, forwards the data to a remote server. This data, if not protected from an unauthorized access and modification may be lead to poor diagnosis. In order to ensure security and privacy between WBAN and a server at the application provider, several authentication schemes have been proposed. Recently, Wang and Zhang proposed an authentication scheme for WBAN using bilinear pairing. However, in their scheme, an application provider could easily impersonate a client. In order to overcome this weakness, we propose an efficient remote authentication scheme for WBAN. In terms of performance, our scheme can not only provide a malicious insider security, but also reduce running time of WBAN (client) by 51 % as compared to Wang and Zhang scheme.
Collapse
|
14
|
Jiang Q, Lian X, Yang C, Ma J, Tian Y, Yang Y. A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth. J Med Syst 2016; 40:231. [DOI: 10.1007/s10916-016-0587-1] [Citation(s) in RCA: 36] [Impact Index Per Article: 4.5] [Reference Citation Analysis] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 06/14/2016] [Accepted: 09/04/2016] [Indexed: 11/28/2022]
|
15
|
Efficient and Anonymous Authentication Scheme for Wireless Body Area Networks. J Med Syst 2016; 40:134. [PMID: 27091755 DOI: 10.1007/s10916-016-0491-8] [Citation(s) in RCA: 32] [Impact Index Per Article: 4.0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 12/06/2015] [Accepted: 04/05/2016] [Indexed: 10/21/2022]
Abstract
As a significant part of the Internet of Things (IoT), Wireless Body Area Network (WBAN) has attract much attention in this years. In WBANs, sensors placed in or around the human body collect the sensitive data of the body and transmit it through an open wireless channel in which the messages may be intercepted, modified, etc. Recently, Wang et al. presented a new anonymous authentication scheme for WBANs and claimed that their scheme can solve the security problems in the previous schemes. Unfortunately, we demonstrate that their scheme cannot withstand impersonation attack. Either an adversary or a malicious legal client could impersonate another legal client to the application provider. In this paper, we give the detailed weakness analysis of Wang et al.'s scheme at first. Then we present a novel anonymous authentication scheme for WBANs and prove that it's secure under a random oracle model. At last, we demonstrate that our presented anonymous authentication scheme for WBANs is more suitable for practical application than Wang et al.'s scheme due to better security and performance. Compared with Wang et al.'s scheme, the computation cost of our scheme in WBANs has reduced by about 31.58%.
Collapse
|
16
|
Li CT, Lee CC, Weng CY. A Secure Cloud-Assisted Wireless Body Area Network in Mobile Emergency Medical Care System. J Med Syst 2016; 40:117. [PMID: 27000778 DOI: 10.1007/s10916-016-0474-9] [Citation(s) in RCA: 27] [Impact Index Per Article: 3.4] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 11/04/2015] [Accepted: 03/08/2016] [Indexed: 10/22/2022]
Abstract
Recent advances in medical treatment and emergency applications, the need of integrating wireless body area network (WBAN) with cloud computing can be motivated by providing useful and real time information about patients' health state to the doctors and emergency staffs. WBAN is a set of body sensors carried by the patient to collect and transmit numerous health items to medical clouds via wireless and public communication channels. Therefore, a cloud-assisted WBAN facilitates response in case of emergency which can save patients' lives. Since the patient's data is sensitive and private, it is important to provide strong security and protection on the patient's medical data over public and insecure communication channels. In this paper, we address the challenge of participant authentication in mobile emergency medical care systems for patients supervision and propose a secure cloud-assisted architecture for accessing and monitoring health items collected by WBAN. For ensuring a high level of security and providing a mutual authentication property, chaotic maps based authentication and key agreement mechanisms are designed according to the concept of Diffie-Hellman key exchange, which depends on the CMBDLP and CMBDHP problems. Security and performance analyses show how the proposed system guaranteed the patient privacy and the system confidentiality of sensitive medical data while preserving the low computation property in medical treatment and remote medical monitoring.
Collapse
Affiliation(s)
- Chun-Ta Li
- Department of Information Management, Tainan University of Technology, No. 529, Zhongzheng Road, Tainan City, 71002, Taiwan, People's Republic of China
| | - Cheng-Chi Lee
- Department of Library and Information Science, Fu Jen Catholic University, No. 510, Jhongjheng Road, New Taipei City, 24205, Taiwan, People's Republic of China. .,Department of Photonics and Communication Engineering, Asia University, No. 500, Lioufeng Road, Taichung City, 41354, Taiwan, People's Republic of China.
| | - Chi-Yao Weng
- Department of Computer Science, National Pingtung University, No. 4-18, Min-Sheng Road, Pingtung City, 90003, Taiwan, People's Republic of China
| |
Collapse
|