Published in: Journal of Medical Systems 1/2014

01.01.2014 | Original Paper

Smart Environment as a Service: Three Factor Cloud Based User Authentication for Telecare Medical Information System

Authors: Zeeshan Siddiqui, Abdul Hanan Abdullah, Muhammad Khurram Khan, Abdullah S. Alghamdi


Abstract

The Telecare Medical Information System (TMIS) provides a set of different medical services to patients and medical practitioners, who can easily connect to the services remotely from their own premises. Several studies have been carried out to enhance and authenticate smartcard-based remote user authentication protocols for TMIS. In this article, we propose a set of enhanced and authentic Three Factor (3FA) remote user authentication protocols utilizing a smartphone capability over a dynamic Cloud Computing (CC) environment. A user can access the TMIS services, presented in the form of CC services, using his smart device, e.g., a smartphone. Our framework transforms a smartphone to act as the unique and only identity required to access the TMIS remotely. Methods, protocols and authentication techniques are proposed, followed by a security analysis and a performance analysis with the two recent authentication protocols proposed for the healthcare TMIS.
Metadata
Title
Smart Environment as a Service: Three Factor Cloud Based User Authentication for Telecare Medical Information System
Authors
Zeeshan Siddiqui
Abdul Hanan Abdullah
Muhammad Khurram Khan
Abdullah S. Alghamdi
Publication date
01.01.2014
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 1/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-013-9997-5
