Skip to main content
SpringerLink
Log in

A Dynamic-Identity Based Multimedia Server Client Authentication Scheme for Tele-Care Multimedia Medical Information System

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Recently, several biometric and tele-care based user authentication schemes have been proposed to enhance the safe and security of the systems. In 2013, the authors, namely Das et al. improved the authentication scheme of Chang et al. to overcome the severe security flaws, such as failed to protect man-in-the-middle attack, failed to provide the reliable authentication and flaws in client login-phase. Besides, the authors evaluated the authentication in the simulation tool of AVISPA. In the same year, the authors, namely Khurram et al. proposed an improved the authentication scheme of Youngwa An to eradicate the security flaws, like impersonation attack, mutual authentication and user anonymity. The authors, like Das et al. and Khurram et al. have had their own strategies to mitigate the security flaws, though they are still not able to evaluate their schemes in the real time medical information systems. Besides, both authors fail to prove the privacy preservation to the user systems. Thus, this paper proposes a dynamic-identity based multimedia server client authentication scheme to resolve the major security threats of Das et al. and Khurran et al. We prove that our proposed scheme is secure and efficient in comparison with the authentication schemes, namely Youngwa An, Khurram et al., Das et al. and Chang et al. We also depict that our proposed scheme can offer the features like privacy preservation and service scalability reliably for the user systems. Eventually, we design an develop a real time testbed of multimedia medical information system to cross-examine the authentication schemes. In the cross-examination, our authentication scheme shows the most achievable results for the metrics like call setup time, signal congestion and bandwidth consumption in relation to the other authentication schemes, such as Youngwa An, Khurram et al., Das et al. and Chang et al.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Lambrinoudakis, C., & Gritzalis, S. (2000). Managing medical and insurance information through a smart-card-based information system. Journal of Medical Systems, 24(4), 213–234.

    Article  Google Scholar 

  2. Das, M. L., Saxena, A., & Gulati, V. P. (2004). A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 50(2), 629–631.

    Article  Google Scholar 

  3. Wang, Y. Y., Kiu, J. Y., Xiao, F. X., & Dan, J. (2009). A more scheme, secure dynamic ID-based remote user authentication. Computer Communications, 32(4), 583–585.

    Article  Google Scholar 

  4. Tsai, J.-L., Wu, T.-C., & Tsai, K.-Y. (2010). New dynamic ID authentication scheme using smart cards. International Journal of Communication Systems, 23, 1449–1462.

    Article  Google Scholar 

  5. Khan, M. K., Kim, S. K., & Alghathbar, K. (2010). Cryptanalysis and security enhancement of a more efficient & secure dynamic id-based remote user authentication scheme. Computer Communications, 34(3), 305–309.

    Article  Google Scholar 

  6. Chen, H. M., Lo, J. W., & Yeh, C. K. (2012). An efficient secure dynamic id-based authentication scheme for telecare medical information systems. Journal of Medical Systems, 36(6), 3907–3915.

    Article  Google Scholar 

  7. Ma, C.-G., Wang, D., & Zhao, S.-D. (2012). Security flaws in two improved remote user authentication schemes using smart cards. International Journal of Communication Systems,. doi:10.1002/dac.2468.

    Google Scholar 

  8. Jiang, Q., Ma, J., Ma, Z., & Li, G. (2013). A privacy enhanced authentication scheme for telecare medical information systems. Journal of Medical Systems,. doi:10.1007/s10916-012-9897-0.

    Google Scholar 

  9. Kumari, S., & Khan, M. K. (2013). Cryptanalysis and improvement of ‘a robust smart-card-based remote user password authentication scheme. International Journal of Communication Systems,. doi:10.1002/dac.2590.

    Google Scholar 

  10. Jiang, Q., Ma, J., Li, G., & Li, X. (2013). Improvement of robust smart-card-based password authentication scheme. International of Communication Systems,. doi:10.1002/dac.2644.

    Google Scholar 

  11. Li, X., Niu, J., Liao, J., & Liang, W. (2013). Cryptanalysis of a dynamic identity-based remote user authentication scheme with verifiable password update. International Journal of Communication Systems,. doi:10.1002/dac.2676.

    Google Scholar 

  12. Kumari, S., Khan, M. K., & Kumar, R. (2013). Cryptanalysis and improvement of a privacy enhanced scheme for telecare medical information systems. Journal of Medical Systems,. doi:10.1007/s10916-013-9952-5.

    Google Scholar 

  13. Li, C. T., & Hwang, M. S. (2010). An efficient biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 33(1), 1–5.

    Article  Google Scholar 

  14. Das, A. K. (2011). Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards. IET Information Security, 5(3), 145–151.

    Article  Google Scholar 

  15. Li, X., Niu, J.-W., Ma, J., Wang, W.-D., & Liu, C.-L. (2011). Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications, 34(1), 73–79.

    Article  MATH  Google Scholar 

  16. Chang, Y.-F., Yu, S.-H., & Shiao, D.-R. (2013). An uniqueness-and -anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems,. doi:10.1007/s10916-012-9902-7.

    Google Scholar 

  17. Das, A. K., & Goswami, A. (2013). A secure efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. Journal of Medical Systems,. doi:10.1007/s10916-013-9948-1.

    Google Scholar 

  18. Islam, S., & Biswas, G. (2011). A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. Journal of Systems and Software, 84(11), 1892–1898. doi:10.1016/j.jss.2011.06.061.

    Article  Google Scholar 

  19. Bellare, M., Pointcheval, D., & Rogaway, P. (2000). Authenticated key exchange secure against dictionary attacks. In: Advances in Cryptograhy-EUROCRYPT 2000, Lecture Notes in Computer Science. Berlin: Springer. doi:10.1007/3-540-45539-6_11.

  20. Katz, J., & Yung, M. (2007). Scalable protocols for authenticated group key exchange. Journal of Cryptology, 20(1), 85–113. doi:10.1007/s00145-006-0361-5.

    Article  MATH  MathSciNet  Google Scholar 

  21. Tseng, Y. (2007). A communication-efficient and fault-tolerant conference-key agreement protocol with forward secrecy. Journal of Systems and Software, 80(7), 1091–1101. doi:10.1016/j.jss.2006.10.053.

    Article  Google Scholar 

  22. Younghwa An. (2012). Security analysis and enhancements of an effective biometric-based remote user authentication scheme using smart cards. Journal of Biomedicine and Biotechnology, Article ID 519723, 6 pages. doi:10.1155/2012/519723.

  23. Khan, M. K., & Kumari, S. (2013). An improved biometrics-based remote user authentication scheme with user anonymity. BioMed Research International, Article ID 491289, 9 pages. doi:10.1155/2013/491289.

  24. Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., & Sparks, R. (2002). SIP: Session initiation protocol, IETF: RFC 3261.

  25. GPP. 2011. TS 23.228: IP Multimedia Subsystems (IMS), third generation partnership project, technical specification group services and system aspects.

  26. GPP. 2010. TS 33.203: 3G security; access security for IP-based services (release 10), third generation partnership project, technical specification group services and system aspects.

  27. Fraunhofer FOKUS;OpenIMSCore; www.openimscore.org.

  28. BerliOS; UCTIMS Client; www.uctimsclient.berlios.de.

  29. Wu, Z.-Y., Lee, Y.-C., Lai, F., Lee, H.-C., & Chung, Y. (2010). A secure authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36(3), 1529–1535.

    Article  Google Scholar 

  30. He, D., Chen, J., & Zhang, R. (2012). A more secure authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36(3), 1989–1995.

    Article  Google Scholar 

  31. Wei, J., Hu, X., & Liu, W. (2012). An improved authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36(6), 3597–3604.

    Article  Google Scholar 

  32. Wu, Z.-Y., Chung, Y., Lai, F., & Chen, T.-S. (2012). A password-based user authentication scheme for the integrated EPR information system. Journal of Medical Systems, 36(2), 631–638.

    Article  Google Scholar 

  33. Islam, S. H., & Biswas, G. P. (2015). Cryptanalysis and improvement of a password-based user authentication scheme for integrated EPR information system. Journal of King Saud University Computer and Information Sciences, 27(2), 211–221.

  34. Pu, Q., Wang, J., & Zhao, R. (2012). Strong authentication scheme for telecare medicine information systems. Journal of Medical Systems, 36(4), 2609–2619.

    Article  Google Scholar 

Download references

Acknowledgments

The corresponding author would like to thank SASTRA University and Tata Consultancy Services (TCS) for the financial assistance under the scheme of Research Scholar Program (RSP).

Conflict of interest

All the authors declare that there is no conflict of interest regarding the publication of this paper.

Author information

Authors and Affiliations

  1. School of Computing, SASTRA University, Thanjavur, Tamil Nadu, 613401, India

    Deebak Bakkiam David, Muthaiah Rajappa & Swaminathan Pitchai Iyer

  2. School of Electrical and Electronics, SASTRA University, Thanjavur, Tamil Nadu, 13401, India

    Thenmozhi Karupuswamy

Authors
  1. Deebak Bakkiam David
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Muthaiah Rajappa
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thenmozhi Karupuswamy
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Swaminathan Pitchai Iyer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Deebak Bakkiam David.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

David, D.B., Rajappa, M., Karupuswamy, T. et al. A Dynamic-Identity Based Multimedia Server Client Authentication Scheme for Tele-Care Multimedia Medical Information System. Wireless Pers Commun 85, 241–261 (2015). https://doi.org/10.1007/s11277-015-2736-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-015-2736-0

Keywords

Search

Navigation