nach oben

Journal of Medical Systems

Erschienen in:

01.02.2013 | Original Paper

A Privacy Enhanced Authentication Scheme for Telecare Medical Information Systems

verfasst von: Qi Jiang, Jianfeng Ma, Zhuo Ma, Guangsong Li

Erschienen in: Journal of Medical Systems | Ausgabe 1/2013

Einloggen, um Zugang zu erhalten

Abstract

The telecare medical information system (TMIS) aims to establish telecare services and enable the public to access medical services or medical information at remote sites. Authentication and key agreement is essential to ensure data integrity, confidentiality, and availability for TMIS. Most recently, Chen et al. proposed an efficient and secure dynamic ID-based authentication scheme for TMIS, and claimed that their scheme achieves user anonymity. However, we observe that Chen et al.’s scheme achieves neither anonymity nor untraceability, and is subject to the identity guessing attack and tracking attack. In order to protect user privacy, we propose an enhanced authentication scheme which achieves user anonymity and untraceablity. It is a secure and efficient authentication scheme with user privacy preservation which is practical for TMIS.

Li, S. H., Wang, C. Y., Lu W. H., Lin, Y. Y., and Yen, D. C., Design and implementation of a telecare information platform. J. Med. Syst. doi:10.1007/s10916-010-9625-6.

Lee, W. B., and Lee, C. D., A cryptographic key management solution for HIPAA privacy/security regulations. IEEE Trans. Inf. Technol. Biomed. 12(1):34–41, 2008.CrossRef

Gritzalis, S., Lambrinoudakis, C., Lekkas, D., and Deftereos, S., Technical guidelines for enhancing privacy and data protection in modern electronic medical environments. IEEE Trans. Inf. Technol. Biomed. 9(3):413–423, 2005.CrossRef

Lambrinoudakis, C., and Gritzalis, S., Managing medical and insurance information through a smart-card-based information system. J. Med. Syst. 24(4):213–234, 2000.CrossRef

He, D., Chen, J., and Chen, Y., A secure mutual authentication scheme for session initiation protocol using elliptic curve cryptography. Secur Commun Netw, 2012. doi:10.1002/sec.506.

Wu, Z. Y., Chung, Y., Lai, F., and Chen, T. S., A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst. 36(2):631–638, 2012.CrossRef

Wu, Z. Y., Tseng, Y. J., Chung, Y., Chen, Y. C., and Lai, F., A reliable user authentication and key agreement scheme for web-based hospital-acquired infection surveillance information system. J. Med. Syst., 2010. doi:10.1007/s10916-011-9727-9.

Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst., 2010. doi:10.1007/s10916-010-9614-9.

He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst., 2011. doi:10.1007/s10916-011-9658-5.

10.

Wei, J., Hu, X., Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. doi:10.1007/s10916-012-9835-1.

11.

Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. doi:10.1007/s10916-012-9856-9.

12.

Pu, Q., Wang, J., and Zhao, R. Y., Strong authentication scheme for telecare medicine information systems. J. Med. Syst., 2011. doi:10.1007/s10916-011-9735-9.

13.

Chen, H. M., Lo, J. W., Yeh, C. K., An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. doi:10.1007/s10916-012-9862-y.

14.

Khan, M. K., et al., Cryptanalysis and security enhancement of a more efficient & secure dynamic id-based remote user authentication scheme. Comput. Commun. 34(3):305–309, 2010.CrossRef

15.

Li, X., Qiu, W., Zheng, D., Chen, K., and Li, J., Anonymity enhancement on robust and efficient password-authenticated key agreement using smart cards. IEEE Trans. Ind. Electron. 57(2):793–800, 2010.CrossRef

16.

Youn, T., Park, Y., and Lim, J., Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Commun. Lett. 13(7):471–473, 2009.CrossRef

17.

Wu, S., Zhu, Y., and Pu, Q., Robust smart-cards-based user authentication scheme with user anonymity. Secur Commun Netw 5(2):236–248, 2012.CrossRef

18.

Jiang, Q., Ma, J., Li, G., and Yang, L., An enhanced authentication scheme with anonymity for roaming service in global mobility networks. Wirel. Pers. Commun., 2012. doi:10.1007/s11277-012-0535-4.

19.

Mao, W., Modern cryptography: theory and practice. Prentice Hall Professional Technical Reference, 2003.

20.

Dworkin, M., Recommendation for block cipher modes of operation: methods and techniques. NIST Special Publication 800-38A, 2001.

21.

Hsieh, W.-B., Leu, J.-S., Anonymous authentication protocol based on elliptic curve Diffie–Hellman for wireless access networks. Wirel. Commun. Mob. Comput. doi:10.1002/wcm.2252.

Titel: A Privacy Enhanced Authentication Scheme for Telecare Medical Information Systems
verfasst von: Qi Jiang
Jianfeng Ma
Zhuo Ma
Guangsong Li
Publikationsdatum: 01.02.2013
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 1/2013
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-012-9897-0

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 1/2013

A Randomized Trial of Population-Based Clinical Decision Support to Manage Health and Resource Use for Medicaid Beneficiaries

EHR Systems in the Spanish Public Health National System: The Lack of Interoperability between Primary and Specialty Care

Visual Sharing Protection Method for Medical Images

A Proposed Approach for Safety Management in Medical Software Design

Realizing Digital Signatures for Medical Imaging and Reporting in a PACS Environment

Mobile Tablet Use among Academic Physicians and Trainees