nach oben

Journal of Medical Systems

Erschienen in:

01.06.2013 | Original Paper

A Secure and Efficient Password-Based User Authentication Scheme Using Smart Cards for the Integrated EPR Information System

verfasst von: Tian-Fu Lee, I-Pin Chang, Tsung-Hung Lin, Ching-Cheng Wang

Erschienen in: Journal of Medical Systems | Ausgabe 3/2013

Einloggen, um Zugang zu erhalten

Abstract

The integrated EPR information system supports convenient and rapid e-medicine services. A secure and efficient authentication scheme for the integrated EPR information system provides safeguarding patients’ electronic patient records (EPRs) and helps health care workers and medical personnel to rapidly making correct clinical decisions. Recently, Wu et al. proposed an efficient password-based user authentication scheme using smart cards for the integrated EPR information system, and claimed that the proposed scheme could resist various malicious attacks. However, their scheme is still vulnerable to lost smart card and stolen verifier attacks. This investigation discusses these weaknesses and proposes a secure and efficient authentication scheme for the integrated EPR information system as alternative. Compared with related approaches, the proposed scheme not only retains a lower computational cost and does not require verifier tables for storing users’ secrets, but also solves the security problems in previous schemes and withstands possible attacks.

Chen, T. L., Chung, Y. F., and Lin, F. Y. S., A study on agent-based secure scheme for electronic medical record system. J. Med. Syst. 2012. doi:10.1007/s10916-010-9595-8.

Wu, Z. P., Chung, Y., Lai, F., and Chen, T. S., A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst. 36(2):631–638, 2012.CrossRef

Takeda, H., Matsumura, Y., and Kuwata, S., Architecture for networked electronic patient record systems. Int. J. Med. Inform. 60(2):161–167, 2000.CrossRef

Lee, J. K., Ryu, S. R., and Yoo, K. Y., Fingerprint-based remote user authentication scheme using smart cards. Electron. Lett. 38(12):554–555, 2002.CrossRef

Lin, C. H., and Lai, Y. Y., A flexible biometrics remote user authentication scheme. Comput. Stand. Interfaces 27(1):19–23, 2004.CrossRef

Lee, N. Y., and Chiu, Y. C., Improved remote authentication scheme with smart card. Comput. Stand. Interfaces 27(2):177–180, 2005.CrossRef

Wu, S. T., and Chieu, B. C., A user friendly remote authentication scheme with smart cards. Comput. Secur. 22(6):547–550, 2003.CrossRef

Wu, Z. Y., Lee, Y. C., Lai, F., Lee, H. C., and Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 2010. doi:10.1007/s10916-010-9614-9.

He, D. B., Chen, J. H., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 2011. doi:10.1007/s10916-011-9658-5.

10.

Wei, J., Hu, X., and Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 2012. doi:10.1007/s10916-012-9835-1.

11.

Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 2012. doi:10.1007/s10916-012-9856-9.

12.

Wu, Z. Y., Tseng, Y. J., Chung, Y., Chen, Y. C., and Lai, F., A reliable user authentication and key agreement scheme for Web-based Hospital-acquired Infection Surveillance Information System. J. Med. Syst. 36:2547–2555, 2012.CrossRef

13.

Song, R., Advanced smart card based password authentication protocol. Comput. Stand. Interfaces 32(5–6):321–325, 2010.CrossRef

14.

Stallings, W., Cryptography and network security: principles and practice, 2nd edition. Prentice Hall, Upper Saddle River, 1999.

15.

Kumar, M., Gupta, M. K., and Kumari, S., An improved efficient remote password authentication scheme with smart card over insecure network. Int. J. Netw. Secur. 13(3):167–177, 2011.

16.

Yoon, E. J., and Yoo, K. Y., Drawbacks of Liao et al.’s password authentication scheme. International Conference on Next Generation Web Services Prac-tices (NWeSP 2006), Seoul, Korea, 2006.

17.

Xiang, T., Wong, K. W., and Liao, X., Cryptanalysis of a password authentication scheme over insecure networks. J. Comput. Syst. Sci. 74(5):657–661, 2008.MathSciNetMATHCrossRef

18.

Ramasamy, R., and Muniyandi, A. P., An efficient password authentication scheme for smart card. Int. J. Netw. Secur. 14(3):180–186, 2012.

19.

Rivest, R. L., Shamir, A., and Adleman, L., A method for obtaining digital signature and public key cryptosystems. Commun. ACM 21(2):120–126, 1978.MathSciNetMATHCrossRef

20.

Lu, R., Cao, Z., Chai, Z., and Liang, X., A simple user authentication scheme for grid computing. Int. J. Netw. Secur. 7(2):202–206, 2008.

21.

Wang, Y. Y., Liu, J. Y., Xiao, F. X., and Dan, J., A more efficient and secure dynamic ID-based remote user authentication scheme. Comput. Commun. 32:583–585, 2009.CrossRef

Titel: A Secure and Efficient Password-Based User Authentication Scheme Using Smart Cards for the Integrated EPR Information System
verfasst von: Tian-Fu Lee
I-Pin Chang
Tsung-Hung Lin
Ching-Cheng Wang
Publikationsdatum: 01.06.2013
Verlag: Springer US
Erschienen in: Journal of Medical Systems / Ausgabe 3/2013
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI: https://doi.org/10.1007/s10916-013-9941-8

Springer Medizin

Abstract

Bitte loggen Sie sich ein, um Zugang zu diesem Inhalt zu erhalten

Weitere Artikel der Ausgabe 3/2013

easyHealthApps: e-Health Apps Dynamic Generation for Smartphones & Tablets

Smartphone Use and Acceptability Among Clinical Medical Students: A Questionnaire-Based Study

Clinical Pathways Scheduling Using Hybrid Genetic Algorithm

Facebook as a Platform for Health Information and Communication: A Case Study of a Diabetes Group

A Secure Smart-Card Based Authentication and Key Agreement Scheme for Telecare Medicine Information Systems

U-Healthcare System: State-of-the-Art Review and Challenges