Skip to main content

A Selective Group Authentication Scheme for IoT-Based Medical Information System

Journal of Medical Systems volume 41, Article number: 48 (2017) Cite this article

Abstract

The technology of IoT combined with medical systems is expected to support advanced medical services. However, unsolved security problems, such as misuse of medical devices, illegal access to the medical server and so on, make IoT-based medical systems not be applied widely. In addition, users have a high burden of computation to access Things for the explosive growth of IoT devices. Because medical information is critical and important, but users have a restricted computing power, IoT-based medical systems are required to provide secure and efficient authentication for users. In this paper, we propose a selective group authentication scheme using Shamir’s threshold technique. The property of selectivity gives the right of choice to users to form a group which consists of things users select and access. And users can get an access authority for those Things at a time. Thus, our scheme provides an efficient user authentication for multiple Things and conditional access authority for safe IoT-based medical information system. To the best of our knowledge, our proposed scheme is the first in which selectivity is combined with group authentication in IoT environments.

This is a preview of subscription content, access via your institution.

Access options

Buy single article

Instant access to the full article PDF.

43,34 €

Price includes VAT (Finland)
Tax calculation will be finalised during checkout.

Fig. 1
Fig. 2
Fig. 3
Fig. 4

References

  1. Jiang, Q., Ma, J., Ma, Z., and Li, G., A privacy enhanced authentication scheme for telecare medical information systems. J. Med. Syst. 37:9897, 2013.

    Article  PubMed  Google Scholar 

  2. Roman, R., Najera, P., and Lpoez, J., Securing the internet of things. Comput. 44(9):51–58, 2011.

    Article  Google Scholar 

  3. Weber, R. H., Internet of Things—New security and privacy challenges. Comput. Law Security Rev. 26(1): 23–30, 2010.

    Article  Google Scholar 

  4. Li, S. H., Wang, C. Y., LuW, H., Lin, Y. Y., and Yen, D. C., Design and implementation of a telecare information platform. J. Med. Syst. 36(3):1629–1650, 2012.

    Article  PubMed  Google Scholar 

  5. Gritzalis, S., Lambrinoudakis, C., Lekkas, D., and Deftereos, S., Technical guidelines for enhancing privacy and data protection in modern electronic medical environments. IEEE Trans. Inf. Technol. Biomed. 9(3):413–423, 2005.

    Article  PubMed  Google Scholar 

  6. Lambrinoudakis, C., and Gritzalis, S., Managing medical and insurance information through a smart-card-based information system. J. Med. Syst. 24(4):213–234, 2000.

    CAS  Article  PubMed  Google Scholar 

  7. Wu, Z. Y., Chung, Y., Lai, F., and Chen, T. S., A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst. 36(2):631–638, 2012.

    Article  PubMed  Google Scholar 

  8. Kumari, S., Khan, M. K., and Kumar, R., Cryptanalysis and improvement of ’A privacy enhanced scheme for telecare medical information systems’. J. Med. Syst. 37:9952, 2013.

    Article  PubMed  Google Scholar 

  9. Cao, T., and Zhai, J., Improved dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 37:9912, 2013.

    Article  PubMed  Google Scholar 

  10. Turkanovic, M., Brumen, B., and Hölbl, M., A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion. Ad Hoc Netw. 20:96–112, 2014.

  11. Yao, X., Han, X., Du, X., and Zhou, X., A lightweight multicast authentication mechanism for small scale IoT applications. IEEE Sensors J. 13(10):3693–3701, 2013.

    Article  Google Scholar 

  12. Ndibanje, B., Lee, H. J., and Lee, S. G., Security analysis and improvements of authentication and access control in the internet of Things. Sensors 14(8):14786–14805, 2014.

    Article  PubMed  PubMed Central  Google Scholar 

  13. Mahalle, P. N., Prasad, N. R., and Prasad, R., Threshold cryptography-based group authentication (TCGA) scheme for the Internet of Things (IoT), Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE) (2014)

  14. Chen, H. M., Lo, J. W., and Yeh, C. K., An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.

    Article  PubMed  Google Scholar 

  15. Amin, R., Islam, S. K. H., Biswas, G. P., Khan, M. K., and Kumar, N., An efficient and practical smart card based anonymity preserving user authentication scheme for TMIS using elliptic curve cryptography. J. Med. Syst. 39:180, 2015.

    Article  PubMed  Google Scholar 

  16. Peng, S., An ID-based multiple authentication scheme against attacks in wireless sensor networks, CCIS 2012 (2012)

  17. Shi, W., and Gong, P., A new user authentication protocol for wireless sensor networks usign elliptic curves cryptography. International Journal of Distributed Sensor Networks, 2013. Article ID 730831.

  18. Sun, H. M., He, B. Z., Chen, C. M., Wu, T. Y., Lin, C. H., and Wang, H., A provable authenticated group key agreement protocol for mobile environment. Information Sciences 321(10):224–237, 2015.

    Article  Google Scholar 

  19. Xu, B., Xu, L. D., Cai, H., Xie, C., Hu, J., and Bu, F., Ubiquitous data accessing method in IoT-based information system for emergency medical services. IEEE Trans. on Industrial Informatics 10(2):1578–1586, 2014.

    Article  Google Scholar 

  20. Porambage, P., Schmitt, C., Kumar, P., Gurtov, A., Ylianttila, M., and Pauthkey, A pervasive authentication protocol and key establishment scheme for wireless sensor networks in distributed IoT applications. International Journal of Distributed Sensor Networks 2014, 2014. Article ID 357430.

  21. Hou, J. L., and Yeh, K. H., Novel authentication schemes for IoT based healthcare systems. International Journal of Distributed Sensor Networks 2015, 2015. Article ID 183659.

  22. Harn, L., and Lin, C., Authenticated Group Key Transfer Protocol Based on Secret Sharing. IEEE Trans. Computers 59(6):842–846, 2010.

    Article  Google Scholar 

  23. Shamir, A., How to share a secret. Comm. ACM. 22(11):612–613, 1979.

    Article  Google Scholar 

  24. Herzberg, A., Jarecki, S., Krawczyk, H., and Yung, M., Proactive secret sharing or: how to cope with perpetual leakage. CRYPTO 95,339–352, 1995.

  25. Zhang, Y., and Lee, W., Intrusion detection in wireless ad-hoc networks. Mobicom 2000,275–283, 2000.

  26. Bechler, M., Hof, H. J., Kraft, D., Pahlke, F., and Wolf, L., A cluster-based security architecture for ad hoc networks. Infocom, 2004,2393–2403, 2004.

  27. Li, L.-C., and Liu, R.-S., Securing cluster-based ad hoc networks with distributed authorities. IEEE Trans. on Wireless Communications 9(10):3072–3081, 2010.

    Article  Google Scholar 

  28. Menezes, A. J., van Oorschot, P. C., and Vanstone, S. A., Handbook of Applied Cryptography, pp. 524–526: CRC Press.

Download references

Acknowledgments

This study was supported by the BK21 Plus project funded by the Ministry of Education, Korea (21A20131600011).

Author information

Affiliations

  1. School of Electronics Engineering, Kyungpook National University, Daegu, South Korea

    YoHan Park & YoungHo Park

Authors
  1. YoHan Park
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. YoungHo Park
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to YoungHo Park.

Additional information

This article is part of the Topical Collection on Mobile & Wireless Health

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Park, Y., Park, Y. A Selective Group Authentication Scheme for IoT-Based Medical Information System. J Med Syst 41, 48 (2017). https://doi.org/10.1007/s10916-017-0692-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-017-0692-9

Keywords

  • Medical information system
  • Internet of things
  • Group authentication
  • Selectivity