Skip to main content
Hauptrubriken
CME Facharzt-Training Webinare Zeitschriften Bücher e.Medpedia Podcast
Service
Jobbörse Info & Hilfe
Fachgebiete
Anästhesiologie Allgemeinmedizin Arbeitsmedizin Augenheilkunde Chirurgie Dermatologie Gynäkologie und Geburtshilfe HNO Innere Medizin Kardiologie Neurologie Onkologie und Hämatologie Orthopädie und Unfallchirurgie Pädiatrie Pathologie Psychiatrie Radiologie Rechtsmedizin Urologie Zahnmedizin
Themen
Klimawandel und Gesundheit Neues aus dem Markt COVID-19 Praxis und Beruf Seltene Erkrankungen GOÄ & EBM Panorama
Sammlungen
Kasuistiken Algorithmen & Infografiken Blickdiagnosen Arthropedia FlapFinder (für Dermatochirurgen) Videos Kongressberichterstattung Medizin für Apothekerinnen und Apotheker Für Ärztinnen und Ärzte in Weiterbildung Für Medizinstudierende
Erweiterte Suche
Anmelden
nach oben
Journal of Medical Systems
Erschienen in: Journal of Medical Systems 3/2015

01.03.2015 | Patient Facing Systems

A Novel User Authentication and Key Agreement Protocol for Accessing Multi-Medical Server Usable in TMIS

verfasst von: Ruhul Amin, G. P. Biswas

Erschienen in: Journal of Medical Systems | Ausgabe 3/2015

Einloggen, um Zugang zu erhalten

Abstract

Telecare Medical Information System (TMIS) makes an efficient and convenient connection between patient(s)/user(s) at home and doctor(s) at a clinical center. To ensure secure connection between the two entities (patient(s)/user(s), doctor(s)), user authentication is enormously important for the medical server. In this regard, many authentication protocols have been proposed in the literature only for accessing single medical server. In order to fix the drawbacks of the single medical server, we have primarily developed a novel architecture for accessing several medical services of the multi-medical server, where a user can directly communicate with the doctor of the medical server securely. Thereafter, we have developed a smart card based user authentication and key agreement security protocol usable for TMIS system using cryptographic one-way hash function. We have analyzed the security of our proposed authentication scheme through both formal and informal security analysis. Furthermore, we have simulated the proposed scheme for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool and showed that the scheme is secure against the replay and man-in-the-middle attacks. The informal security analysis is also presented which confirms that the protocol has well security protection on the relevant security attacks. The security and performance comparison analysis confirm that the proposed protocol not only provides security protection on the above mentioned attacks, but it also achieves better complexities along with efficient login and password change phase.
Literatur
1.
Amin, R., Cryptanalysis and an efficient secure id-based remote user authentication using smart card. Int. J. Comput. Appl. 75(13):43–48, 2013.
2.
Amin, R., Maitra, T., Giri, D., Article: An improved efficient remote user authentication scheme in multi-server environment using smart card. Int. J. Comput. Appl. 69(22):1–6, 2013.
3.
Amin, R., Maitra, T., Rana, S.P., An improvement of wang. et. al.’s remote user authentication scheme against smart card security breach. Int. J. Comput. Appl. 75(13):37–42, 2013.
4.
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P., Hem, P., Kouchnarenko, O., Mantovani, J., Mdersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Vigan, L., Vigneron, L.: The avispa tool for the automated validation of internet security protocols and applications. In: Computer Aided Verification, Vol. 3576, pp. 281–285. Lecture Notes in Computer Science (2005)
5.
Bhargav-Spantzel, A., Squicciarini, A.C., Modi, S., Young, M., Bertino, E., Elliott, S.J., Privacy preserving multi-factor authentication with biometric. J. Comput. Secur. 15(5):529–560, 2007.
6.
7.
8.
Chen, H.M., Lo, J.W., Yeh, C.K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.CrossRef
9.
Chuang, M.C., and Chen, M.C., An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst. Appl. 41(4, Part 1):1411–1418, 2014.CrossRef
10.
Das, A., and Goswami, A., A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(3):9948, 2013. doi:10.​1007/​s10916-013-9948-1.CrossRef
11.
Das, A.K., Analysis and improvement on an effcient biometric based remote user authentication scheme using smart cards. IET Inf. Secur. 5(3):145–151, 2011.CrossRef
12.
Debiao, H., Jianhua, C., Rui, Z., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.CrossRef
13.
Dolev, D., and Yao, A.C., On the security of public key protocols. Information Theory. IEEE Trans. 29(2):198–208, 1983.MATHMathSciNet
14.
Fan, C.I., and Lin, Y.H., Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics. Information Forensics and Security. IEEE Trans. 4(4):933–945, 2009.
15.
Guo, C., and Chang, C.C., Chaotic maps-based password-authenticated key agreement using smart cards. Commun. Nonlinear Sci. Numer. Simul. 18(6):1433–1440, 2013.CrossRefMATHMathSciNet
16.
17.
Islam, S.H., and Biswas, G.P., A more efficient and secure id-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem. J. Syst. Softw. 84(11):1892–1898, 2011.CrossRef
18.
Jiang, Q., Ma, J., Lu, X., Tian, Y., Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J. Med. Syst. 38(2):1–8, 2014. doi:10.​1007/​s10916-014-0012-6.CrossRef
19.
20.
Jina, A.T.B., Ling, D.N.C., Goh, A., Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recogn. 37(11):2245–2255, 2004.CrossRef
21.
22.
Khan, M.K., and Zhang, J., Improving the security of a flexible biometric remote user authentication scheme. Comput. Stand. Interfaces 29(1):82–85, 2007.CrossRef
23.
Kocher, P., Jaffe, J., Jun, B., Differential power analysis. In: Advances in Cryptology CRYPTO 99. Vol. 1666, pp. 388–397: Lecture Notes in Computer Science, 1999.
24.
Kumar, M., Gupta, M.K., Kumari, S., An improved efficient remote password authentication scheme with smart card over insecure networks. Int. J. Netw. Secur. 13(3):167–177, 2011.
25.
Kumari, S., Gupta, M.K., Khan, M.K., Li, X., An improved timestamp-based password authentication scheme: comments, cryptanalysis, and improvement. Secur. Commun. Netw. 7:1921–1932, 2014. doi:10.​1002/​sec.​906.CrossRef
26.
27.
Kumari, S., and Khan, M.K., More secure smart card based remote user password authentication scheme with user anonymity. Secur. Commun. Netw. 7:2039–2053, 2013. doi:10.​1002/​sec.​916.CrossRef
28.
Kumari, S., and Khan, M.K., Cryptanalysis and improvement of ’a robust smart-card-based remote user password authentication scheme. Int. J. Commun. Syst. 27:3939–3955, 2014. doi:10.​1002/​dac.​2590.​.CrossRef
29.
30.
Kumari, S., Khan, M.K., Li, X., Wu, F., Design of a user anonymous password authentication scheme without smart card. Int. J. Commun. Syst. 27(10):609–618, 2014. doi:10.​1002/​dac.​2853.
31.
32.
Lee, T.F., An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J. Med. Syst. 37(6):1–9, 2013. doi:10.​1007/​s10916-013-9985-9.CrossRef
33.
Lee, T.F., Chang, I.P., Lin, T.H., Wang, C.C., A secure and efficient password- based user authentication scheme using smart cards for the integrated epr information system. J. Med. Syst. 37(3):3833–3838, 2013.
34.
Li, C.T., and Hwang, M.S., An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1–5, 2010.CrossRef
35.
Li, C.T., Lee, C.C., Weng, C.Y., A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. J. Med. Syst. 38(9):77, 2014. doi:10.​1007/​s10916-014-0077-2.CrossRef
36.
Li, X., Niu, J.W., Ma, J., Wang, W.D., Liu, C.L., Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 34(1):73–79, 2011.CrossRefMATH
37.
Li, X., Xiong, Y., Ma, J., Wang, W., An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards. J. Netw. Comput. Appl. 35(2):763–769, 2012.CrossRef
38.
Lin, H.Y., On the security of a dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–5, 2013.CrossRef
39.
Lumini, A., and Nanni, L., Biohashing: Two factor authentication featuring fingerprint data and tokenised random number. Pattern Recogn. 40(3):1057–1065, 2007.CrossRefMATH
40.
Maitra, T., and Giri, D., An efficient biometric and password-based remote user authentication using smart card for telecare medical information systems in multi-server environment. J. Med. Syst. 38(12):142, 2014. doi:10.​1007/​s10916-014-0142-x.CrossRef
41.
Messerges, T.S., Dabbish, E.A., Sloan, R.H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.CrossRefMathSciNet
42.
Mishra, D., Mukhopadhyay, S., Chaturvedi, A., Kumari, S., Khan, M., Cryptanalysis and improvement of yan et al.s biometric-based authentication scheme for telecare medicine information systems. J. Med. Syst. 38(6): 24, 2014. doi:10.​1007/​s10916-014-0024-2.CrossRef
43.
Mishra, D., Srinivas, J., Mukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(10): 120, 2014. doi:10.​1007/​s10916-014-0120-3.CrossRef
44.
Sood, S.K., Sarje, A.K., Singh, K., A secure dynamic identity based authentication protocol for multi-server architecture. J. Netw. Comput. Appl. 34(2):609–618, 2011.CrossRef
45.
Tan, Z., An efficient biometrics-based authentication scheme for telecare medicine information systems. Netw. 2(3):200–204, 2013.
46.
47.
Wang, B., and Ma, M., A smart card based efficient and secured multi-server authentication scheme. Wirel. Pers. Commun. 68(2):361–378, 2013.CrossRef
48.
Wei, J., Hu, X., Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.CrossRef
49.
Wu, Z.Y., Lee, Y.C., Lai, F., Lee, H.C., Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.CrossRef
50.
51.
Xue, K., Hong, P., Ma, C., A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J. Comput. Syst. Sci. 80(1):195–206, 2014.CrossRefMATHMathSciNet
52.
Yan, X., Li, W., Li, P., Wang, J., Hao, X., Gong, P., A secure biometrics-based authentication scheme for telecare medicine information systems. J. Med. Syst. 37(5):1–6, 2013.CrossRefMATH
53.
Yang, D., and Yang, B.: A biometric password-based multi-server authentication scheme with smart card. In: 2010 International Conference on, Computer Design and Applications (ICCDA). Vol. 5, pp. 554–559 (2010)
54.
Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6): 3833–3838, 2012.CrossRef
Metadaten
Titel
A Novel User Authentication and Key Agreement Protocol for Accessing Multi-Medical Server Usable in TMIS
verfasst von
Ruhul Amin
G. P. Biswas
Publikationsdatum
01.03.2015
Verlag
Springer US
Erschienen in
Journal of Medical Systems / Ausgabe 3/2015
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-015-0217-3

Weitere Artikel der Ausgabe 3/2015

Journal of Medical Systems 3/2015 Zur Ausgabe

Systems-Level Quality Improvement

A Secure RFID Mutual Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptography

Systems-Level Quality Improvement

Automatic Lung Segmentation Using Control Feedback System: Morphology and Texture Paradigm

Education & Training

Benefits of Online Health Education: Perception from Consumers and Health Professionals

Systems-Level Quality Improvement

Use of Oximetry as a Screening Tool for Obstructive Sleep Apnea: a Case Study in Taiwan

Transactional Processing Systems

Design and Development of a Medical Big Data Processing System Based on Hadoop

Patient Facing Systems

Reliable Feature Selection for Automated Angle Closure Glaucoma Mechanism Detection