Skip to main content

Advertisement

SpringerLink
Log in

Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment

  • Patient Facing Systems
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Medical systems allow patients to receive care at different hospitals. However, this entails considerable inconvenience through the need to transport patients and their medical records between hospitals. The development of Telecare Medicine Information Systems (TMIS) makes it easier for patients to seek medical treatment and to store and access medical records. However, medical data stored in TMIS is not encrypted, leaving patients’ private data vulnerable to external leaks. In 2014, scholars proposed a new cloud-based medical information model and authentication scheme which would not only allow patients to remotely access medical services but also protects patient privacy. However, this scheme still fails to provide patient anonymity and message authentication. Furthermore, this scheme only stores patient medical data, without allowing patients to directly access medical advice. Therefore, we propose a new authentication scheme, which provides anonymity, unlinkability, and message authentication, and allows patients to directly and remotely consult with doctors. In addition, our proposed scheme is more efficient in terms of computation cost. The proposed system was implemented in Android system to demonstrate its workability.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

References

  1. He, C. H., Jin, X., Zhao, Z.X., and Xiang, T., A Cloud Computing Solution for Hospital Information System. Intelligent Computing and Intelligent Systems (ICIS), 2010 IEEE International Conference on. 2:517–520, 2010.

  2. Toyoda, K., Standardization and security for the EMR. Int. J. Med. Inform. 48(1–3):57–60, 1998.

    Article  CAS  PubMed  Google Scholar 

  3. Yeo, K., Lee, K., Kim, J. M., Kim, T. H., Choi, Y. H., Jeong, W. J., Hwang, H., Baek, R. M. and Yoo, S., Pitfalls and Security Measures for the Mobile EMR System in Medical Facilities. Healthcare Inform. Res. 18(2):125–135, 2012. doi:10.4258/hir.2012.18.2.125.

  4. Mishra, D., On the security flaws in ID-based password authentication schemes for telecare medical information systems. J. Med. Syst. 39(1):154, 2015.

    Article  PubMed  Google Scholar 

  5. Mishra, D., Understanding security failures of two authentication and key agreement schemes for telecare medicine information systems. J. Med. Syst. 39(3):1–8, 2015.

    Article  Google Scholar 

  6. Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.

    Article  PubMed  Google Scholar 

  7. He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.

    Article  Google Scholar 

  8. Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.

    Article  PubMed  Google Scholar 

  9. Jiang, Q., Ma, J., Ma, Z., and Li, G., A privacy enhanced authentication scheme for telecare medical information systems. J. Med. Syst. 37:9897, 2013.

    Article  PubMed  Google Scholar 

  10. Kumari, S., Khan, M. K., and Kumar, R., Cryptanalysis and improvement of ‘A privacy enhanced scheme for telecare medical information systems’. J. Med. Syst. 37(4):9952, 2013. doi:10.1007/s10916-013-9952-5.

    Article  PubMed  Google Scholar 

  11. Jiang, Q., Ma, J., Lu, X., et al., Robust Chaotic Map-based Authentication and Key Agreement Scheme with Strong Anonymity for Telecare Medicine Information Systems. J. Med. Syst. 38(2):1–8, 2014.

    Article  Google Scholar 

  12. Mishra, D., Srinivas, J., and Mukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(10):1–10, 2014.

    Article  Google Scholar 

  13. Tan, Z., An efficient biometrics-based authentication scheme for telecare medicine information systems. Network 2(3):200–204, 2013.

    Google Scholar 

  14. Yan, P., Li, W., Li, P., et al., A Secure Biometrics-based Authentication Scheme for Telecare Medicine Information Systems. J. Med. Syst. 37(5):537–550, 2013.

    Article  Google Scholar 

  15. Mishra, D., Mukhopadhyay, S., Chaturvedi, A., et al., Cryptanalysis and improvement of Yan et al.’s biometric-based authentication scheme for telecare medicine information systems. J. Med. Syst. 38(6):1–12, 2014.

    Article  Google Scholar 

  16. Padhy, R. P., Patra, M. R., and Satapathy, S. C., Design and Implementation of a Cloud based Rural Healthcare Information System Model. Univ. J. Appl. Comput. Sci. Technol. 2(1):149–157, 2012.

    Google Scholar 

  17. Banerjee, A., Agrawal, P., and Rajkumar, R., Design of a Cloud Based Emergency Healthcare Service Model. Int. J. Appl. Eng. Res. 8(19):2013, (2013).

  18. Chen, C. L., Yang, T. T., Leu, F. Y., and Huang, Y. L., Designing a healthcare authorization model based on cloud authentication. Intell. Autom. Soft. Comput. 20(3):365–379, 2014.

    Article  Google Scholar 

  19. Chen, C. L., and Yang, T. T., A secure medical data exchange protocol based on cloud environment. J. Med. Syst. 38:112, 2014. doi:10.1007/s10916-014-0112-3.

    Article  PubMed  Google Scholar 

  20. Chen, C. L., Yang, T. T., Chiang, M. L., and Shih, T. F., A Privacy Authentication Scheme Based on Cloud for Medical Environment. J. Med. Syst. 38:143, 2014. doi:10.1007/s10916-014-0143-9.

    Article  PubMed  Google Scholar 

  21. Amin, R., and Biswas, G. P., A novel user authentication and key agreement protocol for accessing multi-medical server usable in TMIS. J. Med. Syst. 39(3):1–17, 2015.

    Article  Google Scholar 

  22. Mishra, D., Das, A. K., Chaturvedi, A., et al., A secure password-based authentication and key agreement scheme using smart cards. J. Inform. Secur. Appl. 23:28–43, 2015. doi:10.1016/j.jisa.2015.06.003.

    Google Scholar 

  23. Bellare, M., and Rogaway, P., Random oracles are practical: A paradigm for designing efficient protocols. Proceedings of the First ACM conference on Computer and communications security. 62–73, 1993.

  24. Mishra D., Das A. K., and Mukhopadhyay S., A secure and efficient ECC-based user anonymitypreserving session initiation authentication protocol using smart card. Peer-to-peer networking and applications. 9(1):171–192, 2016.

  25. SHA-256, website: http://www.cnblogs.com/elaron/archive/2013/04/09/3010375.html. (Chinese)

  26. AES, website: http://blog.csdn.net/hbcui1984/article/details/5201247. (Chinese)

  27. ECC, website: http://snowolf.iteye.com/blog/383412. (Chinese)

Download references

Acknowledgments

This work is partially supported by the Ministry of Science and Technology under Grant MOST 104-2221-E-182-012 and by the National Natural Science Foundation of China under Grant 61272306. The authors also gratefully acknowledge the helpful comments and suggestions of the reviewers, which have improved the presentation.

Author information

Authors and Affiliations

  1. Department of Electrical Engineering, Chang Gung University, 259 Wen-Hwa 1st Road, Kwei-Shan, Tao-Yuan, Taiwan, Republic of China

    Shin-Yan Chiou

  2. School of Information and Electronic Engineering, Zhejiang Gongshang University, 18 Xuezheng Street, Hangzhou, Zhejiang, China

    Zhaoqin Ying & Junqiang Liu

Authors
  1. Shin-Yan Chiou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhaoqin Ying
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Junqiang Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shin-Yan Chiou.

Additional information

This article is part of the Topical Collection on Patient Facing Systems

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Chiou, SY., Ying, Z. & Liu, J. Improvement of a Privacy Authentication Scheme Based on Cloud for Medical Environment. J Med Syst 40, 101 (2016). https://doi.org/10.1007/s10916-016-0453-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-016-0453-1

Keywords

Search

Navigation