Skip to main content

Advertisement

SpringerLink
Log in

ICASME: An Improved Cloud-Based Authentication Scheme for Medical Environment

  • Mobile & Wireless Health
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Unlike the traditional medical system, telecare medicine information system (TMIS) ensures that patients can get health-care services via the Internet at home. Authenticated key agreement protocol is very important for protecting the security in TMIS. Recently scholars have proposed a lot of authenticated key agreement protocols. In 2016, Chiou et al. demonstrated that Chen et al.’s authentication scheme fails to provide user’s anonymity and message authentication and then proposed an enhanced scheme (Chiou et al., J. Med. Syst. 40(4):1–15, 2006) to overcome these drawbacks. In this paper, we demonstrate that Chiou et al.’s scheme is defenseless against key compromise impersonation (KCI) attack and also fails to provide forward security. Moreover, we propose a novel authentication scheme namely ICASME to overcome the mentioned weaknesses in this paper. Security analyses show that ICASME achieves the forward security and KCI attack resistance. In addition, it is proved that the time taken to implement the ICASME is not intolerable compared to the original protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Rashvand, H., Salcedo, V., Sanchez, E., and Iliescu, D., Ubiquitous Wireless Telemedicine. IET Communications 2(2):237–254, 2008.

    Article  Google Scholar 

  2. Xia, Z., Wang, X., Sun, X., and Wang, Q., A Secure and Dynamic Multi-keyword Ranked Search Scheme over Encrypted Cloud Data. IEEE Transactions on Parallel and Distributed Systems 27(2):340–352, 2016.

    Article  Google Scholar 

  3. He, D., Zeadally, S., and Wu, L., Certificateless Public Auditing Scheme for Cloud-assisted Wireless Body Area Networks. IEEE Systems Journal. doi:10.1109/JSYST.2015.2428620, 2015.

  4. He, D., and Wang, D., Robust Biometrics-based Authentication Scheme for Multi-server Environment. IEEE Systems Journal 9(3):816–823, 2015.

    Article  Google Scholar 

  5. He, D., Neeraj, K., Naveen, C., A Secure Temporal-credential-based Mutual Authentication and Key Agreement Scheme with Pseudo Identity for Wireless Sensor Networks. Information Sciences 321:263–277, 2015.

    Article  Google Scholar 

  6. Hassan, M. M., Lin, K., and et al., A Multimedia Healthcare Data Sharing Approach Through Cloud-based Body Area Network. Future Generation Computer Systems 66(1):48–58, 2017.

    Article  Google Scholar 

  7. Jiang, Q., Wei, S., and et al., Robust Extended Chaotic Maps-based Three-factor Authentication Scheme Preserving Biometric Template Privacy. Nonlinear Dynamics 83(4):2085–2101, 2016.

    Article  Google Scholar 

  8. Lamport, L., Password Authentication with Insecure Communication. Communications of the ACM 24(24): 770–772, 1981.

    Article  Google Scholar 

  9. Lee, J. K., Ryu, S. R., and Yoo, K. Y., Fingerprint-based Remote User Authentication Scheme Using Smart Cards. Electronics Letters 38(12):554–555, 2002.

    Article  Google Scholar 

  10. Lin, C. H., and Lai, Y. Y., A Flexible Biometrics Remote User Authentication Scheme. Computer Standards & Interfaces 27(1):19–23, 2004.

    Article  Google Scholar 

  11. Das, A. K., Analysis and Improvement on an Efficient Biometric-based Remote User Authentication Scheme Using Smart Cards. IET Information Security 5(3):145–151, 2011.

    Article  Google Scholar 

  12. Tan, Z. W., An Efficient Biometric-based Authentication Scheme for Telecare Medicine Information Systems. Przeglad Elektrotechniczny 89(5):200–204, 2013.

    Google Scholar 

  13. Jiang, Q., Ma, J., and et al., Improvement of Robust Smart-card-based Password Authentication Scheme. International Journal of Communication Systems 28(2):383–393, 2015.

    Article  Google Scholar 

  14. David, D. B., Rajappa, M., Karupuswamy, T., and et al., A Dynamic-Identity Based Multimedia Server Client Authentication Scheme for Tele-Care Multimedia Medical Information System. Wireless Personal Communications 85(1):241–261, 2015.

    Article  Google Scholar 

  15. Chiou, S. Y., Ying, Z., and Liu, J., Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment. J. Med. Syst. 40(4):1–15, 2016.

    Article  Google Scholar 

  16. Fu, Z., Wu, X., Guan, C., and et al., Towards Efficient Multi-keyword Fuzzy Search over Encrypted Outsourced Data with Accuracy Improvement. IEEE Transactions on Information Forensics and Security 11(12):2706–2716, 2016.

    Article  Google Scholar 

  17. He, D., and Zeadally, S., Authentication Protocol for Ambient Assisted Living System. IEEE Communications Magazine 35(1):71–77, 2015.

    Article  Google Scholar 

  18. Jiang, Q., Muhammad, K., and et al., A Privacy Preserving Three-factor Authentication Protocol for E-health Clouds. Journal of Supercomputing 72(10):3826–3849, 2016.

    Article  Google Scholar 

  19. He, D., Sherali, Z., Neeraj, K., Lee, J.: Anonymous Authentication for Wireless Body Area Networks with Provable Security. IEEE Systems Journal. doi:10.1109/JSYST.2016.2544805, 2016.

  20. Zhang, L., Zhu, S., and Tang, S., Privacy Protection for Telecare Medicine Information Systems using a Chaotic Map-based Three-factor Authenticated Key Agreement Scheme. IEEE Journal of Biomedical & Health Informatics. doi:10.1109/JBHI.2016.2517146, 2016.

  21. Colin, B., and Anish, M., Protocols for Authentication and Key Establishment. Springer (2003)

  22. Menezes, A. J., Vanstone, S. A., and Oorschot, P.C.V., Handbook of Applied Cryptography. CRC Press, 1997.

  23. Anderson, R., Two Remarks on Public-Key Cryptology. Proceedings of CCCS: Invited lecture, 1997.

    Google Scholar 

  24. Bellare, M., and Rogaway, P., Random Oracles are Practical: a Paradigm for Designing Efficient Protocols. In: Proceedings of the First ACM conference on Computer and communications security. 62–73, 1993.

    Google Scholar 

  25. He, D., Kumar, N., Khan, M. K., and Lee, J. H., Anonymous Two-factor Authentication for Consumer Roaming Service in Global Mobility Networks. IEEE Transactions on Consumer Electronics 59(4):811–817, 2013.

    Article  Google Scholar 

  26. Jiang, Q., Ma, J., Li, G., and Yang, L., An Efficient Ticket Based Authentication Protocol with Unlinkability for Wireless Access Networks. Wireless Personal Communications 77(2):1489–1506, 2014.

    Article  Google Scholar 

Download references

Acknowledgment

The authors express their deep appreciation to the helpful comments and suggestions of the anonymous reviewers, which have improved the presentation. This work was was funded by the National High Technology Research and Development Program (863 Program) (No. 2015AA016007 & No. 2015AA017203).

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Xidian University, Xi’an, 710071, China

    Qingfeng Cheng & Jianfeng Ma

  2. Luoyang University of Foreign Languages, Luoyang, Henan, 471003, China

    Qingfeng Cheng & Xinglong Zhang

Authors
  1. Qingfeng Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xinglong Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jianfeng Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Qingfeng Cheng.

Additional information

This article is part of the Topical Collection on Mobile & Wireless Health

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Cheng, Q., Zhang, X. & Ma, J. ICASME: An Improved Cloud-Based Authentication Scheme for Medical Environment. J Med Syst 41, 44 (2017). https://doi.org/10.1007/s10916-017-0693-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-017-0693-8

Keywords

Search

Navigation