nach oben

Journal of Medical Systems

Erschienen in:

01.12.2012 | Original Paper

An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems

verfasst von: Hung-Ming Chen, Jung-Wen Lo, Chang-Kuo Yeh

Erschienen in: Journal of Medical Systems | Ausgabe 6/2012

Einloggen, um Zugang zu erhalten

Abstract

The rapidly increased availability of always-on broadband telecommunication environments and lower-cost vital signs monitoring devices bring the advantages of telemedicine directly into the patient’s home. Hence, the control of access to remote medical servers’ resources has become a crucial challenge. A secure authentication scheme between the medical server and remote users is therefore needed to safeguard data integrity, confidentiality and to ensure availability. Recently, many authentication schemes that use low-cost mobile devices have been proposed to meet these requirements. In contrast to previous schemes, Khan et al. proposed a dynamic ID-based remote user authentication scheme that reduces computational complexity and includes features such as a provision for the revocation of lost or stolen smart cards and a time expiry check for the authentication process. However, Khan et al.’s scheme has some security drawbacks. To remedy theses, this study proposes an enhanced authentication scheme that overcomes the weaknesses inherent in Khan et al.’s scheme and demonstrated this scheme is more secure and robust for use in a telecare medical information system.

Istepanian, R. S. H., Jovanov, E., and Zhang, Y. T., Guest editorial introduction to the special section on M-health: Beyond seamless mobility and global wireless health-care connectivity. IEEE Trans. Inf. Technol. Biomed. 8(4):405–414, 2004.CrossRef

Latré, B., Braem, B., Moerman, I., Blondia, C., and Demeester, P., A survey on wireless body area networks. J. Wireless Netw. 17(1). January 2011.

Stachura, M., and Khasanshina, E., Telehomecare and remote monitoring: An outcomes overview. Adv. Med. Technol. Assoc., October 31, 2007, Available at: http://www.advamed.org/NR/rdonlyres/2250724C-5005-45CD-A3C9-0EC0CD3132A1/0/TelehomecarereportFNL103107.pdf (last access March 2012).

Otto, C., Milenkovic, A., Sanders, C., and Jovanov, E., System architecture of a wireless body area sensor network for ubiquitous health monitoring. J. Mobile Multimed. 1(4):307–326, 2006.

Mana, M., Feham, M., and Bensaber, B. A., Trust key management scheme for wireless body area networks. Int. J. Netw. Secur. 12(2):71–79, 2011.

Electronic health record Wiki Site. http://en.wikipedia.org/wiki/Electronic_health_record#cite_note-23, (last accessed March 2012).

Dunlop, L., Electronic health records: Interoperability challenges and patient’s right for privacy. Shidler J. Comput. Technol. 3:16, 2007.

Tim Wafa (J.D.)., How the lack of prescriptive technical granularity in HIPAA has compromised patient privacy. N. Illinois Univ. Law Rev., 30(3), Summer 2010.

Lamport, L., Password authentication with insecure communication. Commun. ACM 24(11):770–772, 1981.MathSciNetCrossRef

10.

Haller, N., The S/KEY one-time password system. Proceedings of the Internet Society Symposium on Network and Distributed Systems, pp. 151–157, 1994.

11.

Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electron. 46(1):28–30, 2000.CrossRef

12.

Xu, J., Zhu, W. T., and Feng, D. G., An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfac. 31(4):723–728, 2009.CrossRef

13.

Lee, N. Y., and Chiu, Y. C., Improved remote authentication scheme with smart card. Comput. Stand. Interfac. 27(2):177–180, 2005.CrossRef

14.

Lee, S. W., Kim, H. S., and Yoo, K. Y., Improvement of Chien et al’.s remote user authentication scheme using smart cards. Comput. Stand. Interfac. 27(2):181–183, 2005.CrossRef

15.

Wu, Z.-Y., Lee, Y.-C., Lai, F., Lee, H.-C., and Chung, Y., A secure authentication scheme for Telecare medicine information systems. J. Med. Syst., 2010. doi:10.1007/s10916-010-9614-9.

16.

Debiao, H., Jianhua, C., and Rui, Z., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst., 2011. doi:10.1007/s10916-011-9658-5.

17.

Das, M. L., Saxena, A., and Gulati, V. P., A dynamic ID-based remote user authentication scheme. IEEE Trans. Consum. Electron. 50(2):629–631, 2004. 508.CrossRef

18.

Awashti, A. K., Comment on ‘A dynamic ID-based remote user authentication scheme’. Trans. Cryptol. 1(2):15–16, 2004.

19.

Chien, H. Y., and Chen, C. H., A remote authentication scheme preserving user anonymity. In: International conference on AINA’05, 2, 2005.

20.

Ku, W. C., Chang, S. T., Impersonation attack on a dynamic ID-based remote user authentication sheme using smart cards. IEICE Transactions on Communication E88-B (5):2165–2167, 2005.

21.

Liao, I., Lee, C. C., Hwang, M. S., Security enhancement for a dynamic ID-based remote user authentication scheme. Proceedings of the National Conference on Next Generation Web Services Practices, pp. 4, 22–26 Aug. 2005.

22.

Wang, Y. Y., Kiu, J. Y., Xiao, F. X., and Dan, J., A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32:583–585, 2009.CrossRef

23.

Khan, M. K., et al., Cryptanalysis and security enhancement of a more efficient & secure dynamic id-based remote user authentication scheme. Comput. Commun. 34(3):305–309, 2010.CrossRef

24.

He, D., Chen, J., and Hu, J, Weaknesses of a dynamic ID-based remote user authentication scheme. IACR Eprint archive, 2010, Available at http://eprint.iacr.org/2010/240 (last accessed March 2012).

Titel: An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems
verfasst von: Hung-Ming Chen
Jung-Wen Lo
Chang-Kuo Yeh
Publikationsdatum: 01.12.2012
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 6/2012
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-012-9862-y

Live-Webinar: Aktuelle Leitlinien bei Herz-Kreislauf-Erkrankungen

Springer Medizin

An Efficient and Secure Dynamic ID-based Authentication Scheme for Telecare Medical Information Systems

Abstract

Live-Webinar: Aktuelle Leitlinien bei Herz-Kreislauf-Erkrankungen

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 6/2012

Designing Patient-Centered Personal Health Records (PHRs): Health Care Professionals’ Perspective on Patient-Generated Data

Guest Editorial for the Special Issue on RFID-enabled Healthcare: Applications, Issues and Benefits

Deployment of RFID in Healthcare Facilities—Experimental Design in MRI Department

The Differing Privacy Concerns Regarding Exchanging Electronic Medical Records of Internet Users in Taiwan

Creation of a RFID Based Real Time Tracking (R-RTT) System for Small Healthcare Clinics

Security Risks Associated with Radio Frequency Identification in Medical Environments