Abstract
The telecare medicine information system enables or supports health-care delivery services. In recent years, the increased availability of lower-cost telecommunications systems and custom made physiological monitoring devices for patients have made it possible to bring the advantages of telemedicine directly into the patient’s home. These systems are moving towards an environment where automated patient medical records and electronically interconnected telecare facilities are prevalent. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. Many schemes based on cryptography have been proposed for the goals. However, much of the schemes are vulnerable to various attacks, and are neither efficient, nor user friendly. Specially, in terms of efficiency, some schemes need the exponential computation resulting in high time cost. Therefore, we propose a novel authentication scheme that is added the pre-computing idea within the communication process to avoid the time-consuming exponential computations. Finally, it is shown to be more secure and practical for telecare medicine environments.
Similar content being viewed by others
References
Yang, C. M., Lin, H. C., Chang, P., and Jian, W. S., Taiwan’s perspective on electronic medical records’ security and privacy protection: Lessons learned from HIPAA. Comput. Methods Programs Biol. 82(3):277–282, 2006.
Lee, W. B., and Lee, C. D., A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Trans. Inf. Technol. Biomed. 12(1):34–41, 2008.
Gritzalis, S., Lambrinoudakis, C., Lekkas, D., and Deftereos, S., Technical guidelines for enhancing privacy and data protection in modern electronic medical environments. IEEE Trans. Inf. Technol. Biomed. 9(3):413–423, 2005.
Lambrinoudakis, C., and Gritzalis, S., Managing medical and insurance information through a smart-card-based information system. J. Med. Syst. 24(4):213–234, 2000.
Tsai, J. L., Efficient nonce-based authentication scheme for session initiation protocol. Int. J. Netw. Sec. 9(1):12–16, 2009.
Lee, N. Y., and Chiu, Y. C., Improved remote authentication scheme with smart card. Comput. Stand. Interfaces 27(2):177–180, 2005.
Chien, H.-Y., Jan, J.-K., and Tseng, Y.-M., An efficient and practical solution to remote authentication: Smart card. Comput. Secur. 21(4):372–375, 2002.
Song, R., Korba, L., Yee, G., Analysis of smart card-based remote user authentication schemes. Proceedings of the 2007 International Conference on Security and Management, 323–329, 2007.
Das, M. L., Two-factor user authentication in wireless sensor networks. IEEE Trans. Wireless Commun. 8(3):1086–1090, 2009.
Liao, E., Lee, C. C., and Hwang, M. S., A password authentication scheme over insecure networks. J. Comput. Syst. Sci. 72(4):727–740, 2006.
Diffie, W., and Hellman, M., New directions in cryptology. IEEE Trans. Inf. Theory 22(6):644–654, 1976.
Yang, C. C., Wang, R. C., and Liu, W. T., Secure authentication scheme for session initiation protocol. Comput. Secur. 24:381–386, 2005.
Xu, J., Zhu, W. T., and Feng, D. G., An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces 31(4):723–728, 2009.
Liu, J. Y., Zhou, A. M., and Gao, M. X., A new mutual authentication scheme based on nonce and smart cards. Comput. Commun. 31(10):2205–2209, 2008.
Jones, D., Smart cards for the people. Card Technol. Today 15(3):16–16(1), 2003.
Chen, C.-L., Chen, Y.-Y., and Chen, Y.-H., Group-based authentication to protect digital content for business applications. Int. J. Innovative Comput. Inf. Control 5(5):1243–1251, 2009.
Lo, N. W., and Yeh, K.-H., A novel authentication scheme for mobile commerce transactions. Int. J. Innovative Comput. Inf. Control 6(7):3093–3103, 2010.
Yoon, E., and Yoo, K., An efficient password authentication schemes without using the server public key for grid computing. GCC 2005 LNCS 3795:149–154, 2005.
Stallings, W., Cryptography and network security: Principal and practices. 4th Edition. Prentice Hall, 2005.
Huston, T., Security issues for implementation of E-medical records. Commun. ACM 44(9):89–94, 2001.
ElGamal, T., A public-key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory IT-31(4):469–472, 1985.
Acknowledgement
This work was supported partially by National Science Council, Taiwan under Grants NSC 99-2221-E-029-023.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wu, ZY., Lee, YC., Lai, F. et al. A Secure Authentication Scheme for Telecare Medicine Information Systems. J Med Syst 36, 1529–1535 (2012). https://doi.org/10.1007/s10916-010-9614-9
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10916-010-9614-9