Abstract
Owing to the tremendous rise of the cloud computing and Internet of Things (IoT) paradigms, real-time remote monitoring of patients by a remote Medical Professional (MP) has become feasible, and patients can receive healthcare services at home. To achieve this, the patient's medical data must be stored on the Cloud server. However, the medical data stored on the server are highly sensitive, and the Cloud-IoT network is open to many attacks. The system must therefore ensure that patients' medical data are not exposed to malicious users. This makes strong user authentication a prerequisite for the successful global deployment of centralized healthcare systems. In this paper, we present an efficient, strong authentication protocol that allows the MP to access patient data in healthcare applications based on a Cloud-IoT network. The proposed protocol provides: (1) three-factor MP authentication (i.e. password, biometrics and smartcard); (2) mutual authentication between the MP and the cloud server; (3) establishment of a secure shared session key; and (4) key freshness. Furthermore, the proposed protocol uses only two message exchanges between the MP and the cloud server, and attains efficiency (i.e. low computation and communication costs). Through formal analysis using the AVISPA web tool, security analysis and performance analysis, we conclude that the proposed protocol is more secure against potential attacks and obtains a trade-off between security and performance cost for healthcare applications using Cloud-IoT networks.
Cite this article
Dhillon, P.K., Kalra, S. Multi-factor user authentication scheme for IoT-based healthcare services. J Reliable Intell Environ 4, 141–160 (2018). https://doi.org/10.1007/s40860-018-0062-5
DOI: https://doi.org/10.1007/s40860-018-0062-5