Skip to main content
Hauptrubriken
CME Facharzt-Training Webinare Zeitschriften Bücher e.Medpedia Podcast
Service
Jobbörse Info & Hilfe
Fachgebiete
Anästhesiologie Allgemeinmedizin Arbeitsmedizin Augenheilkunde Chirurgie Dermatologie Gynäkologie und Geburtshilfe HNO Innere Medizin Kardiologie Neurologie Onkologie und Hämatologie Orthopädie und Unfallchirurgie Pädiatrie Pathologie Psychiatrie Radiologie Rechtsmedizin Urologie Zahnmedizin
Themen
Klimawandel und Gesundheit Neues aus dem Markt COVID-19 Praxis und Beruf Seltene Erkrankungen GOÄ & EBM Panorama
Sammlungen
Kasuistiken Algorithmen & Infografiken Blickdiagnosen Arthropedia FlapFinder (für Dermatochirurgen) Videos Kongressberichterstattung Medizin für Apothekerinnen und Apotheker Für Ärztinnen und Ärzte in Weiterbildung Für Medizinstudierende
Erweiterte Suche
Anmelden
nach oben
Journal of Medical Systems
Erschienen in: Journal of Medical Systems 11/2014

01.11.2014 | Systems-Level Quality Improvement

Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems

verfasst von: Xuelei Li, Qiaoyan Wen, Wenmin Li, Hua Zhang, Zhengping Jin

Erschienen in: Journal of Medical Systems | Ausgabe 11/2014

Einloggen, um Zugang zu erhalten

Abstract

Healthcare delivery services via telecare medicine information systems (TMIS) can help patients to obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication with key agreement scheme, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs hash function, fuzzy extractor, nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., hiding identity from being theft and tracked by unauthorized participant, and preserving password and biometric template from being compromised by trustless servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect patient’s medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.
Literatur
1.
Hsu, C. L., Lee, M. R., and Su, C. H., The role of privacy protection in healthcare information systems adoption. J. Med. Syst. 37(5):1–12, 2013.
2.
Touati, F., and Tabish, R., U-Healthcare System: State-of-the-Art Review and Challenges. J. Med. Syst. 37(3):1–20, 2013.CrossRef
3.
Anderson, K. B., Durbin, E., and Salinger, M. A., Identity theft. J. Econom. Perspect. 22(2):171–192, 2008.CrossRef
4.
Jain, A. K., and Nandakumar, K., Biometric authentication: system security and user privacy. IEEE Comput. 45(11):87–92, 2012.CrossRef
5.
Hwang, M. S., and Li, L. H., A new remote user authentication scheme using smart cards. IEEE Trans. Consum. Electr. 46(1):28–30, 2000.CrossRef
6.
Chien, H. Y., Jan, J. K., and Tseng, Y. M., An efficient and practical solution to remote authentication: smart card. Comput. Secur. 21(4):372–375, 2002.CrossRef
7.
Awasthi, A. K., Srivastava, K., and Mittal, R. C., An improved timestamp-based remote user authentication scheme. Comput. Electr. Eng. 37(6):869–874, 2011.CrossRef
8.
Li, X., Niu, J., Khurram Khan, M., and Liao, J., An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. 36(5):1365–1371, 2013.CrossRef
9.
Wen, F., Susilo, W., and Yang, G., A robust smart card-based anonymous user authentication protocol for wireless communications. Secur. Commun. Netw. 2013. DOI: 10.1002/sec.816.
10.
Das, M. L., Saxena, A., and Gulati, V. P., A dynamic ID-based remote user authentication scheme. IEEE Trans. Consum. Electr. 50(2):629–631, 2004.CrossRef
11.
12.
Li, X., Ma, J., Wang, W., Xiong, Y., and Zhang, J., A novel smart card and dynamic ID based remote user authentication scheme for multi-server environment. Mathematical and Computer Modelling 58(1–2):85–95, 2013.CrossRef
13.
Wen, F., and Li, X., An improved dynamic ID-based remote user authentication with key agreement scheme. Comput. Electr. Eng. 38(2):381–387, 2012.CrossRef
14.
Lee, T. F., and Liu, C. M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 37(3):1–8, 2013.
15.
Kocher, P., Jaffe, J., and Jun, B., Differential power analysis. Advances in Cryptology-CRYPTO 99:388–397, 1999.CrossRef
16.
Messerges, T. S., Dabbish, E. A., and Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.CrossRefMathSciNet
17.
Eisenbarth, T., Kasper, T., Moradi, A., Paar, C., Salmasizadeh, M., and Shalmani, M. T. M., On the power of power analysis in the real world: A complete break of the KeeLoq code hopping scheme. Advances in Cryptology-CRYPTO 08:203–220, 2008.MathSciNet
18.
Chen, H. M., Lo, J. W., and Yeh, C. K., An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.CrossRef
19.
Cao, T., and Zhai, J., Improved dynamic ID-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–7, 2013.CrossRefMathSciNet
20.
Xie, Q., Zhang, J., and Dong, N., Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–8, 2013.CrossRef
21.
Fan, C. I., and Lin, Y. H., Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics. IEEE Trans. Inf. Foren. Sec. 4(4):933–945, 2009.CrossRef
22.
Li, C. T., and Hwang, M. S., An efficient biometrics-based remote user authentication scheme using smart cards. J. Netw. Comput. Appl. 33(1):1–5, 2010.CrossRef
23.
Li, X., Niu, J., Ma, J., Wang, W., and Liu, C., Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards. Journal of Network and Computer Applications 34(1):73–79, 2011.CrossRefMATH
24.
Li, X., Niu, J., Wang, Z., Chen, C., Applying biometrics to design three-factor remote user authentication scheme with key agreement. Security and Communication Networks, 2013, in press, DOI: 10.​1002/​sec.​767.
25.
Li, X., Niu, J., Khan, M., Liao, J., Zhao, X., Robust three-factor remote user authentication scheme with key agreement for multimedia systems. Security and Communication Networks, 2013, in press, DOI: 10.​1002/​sec.​961.
26.
Huang, X., Xiang, Y., Chonka, A., Zhou, J., and Deng, R. H., A generic framework for three-factor authentication: preserving security and privacy in distributed systems. IEEE Trans. Parallel Distrib. Syst. 22(8):1390–1397, 2011.CrossRef
27.
Das, A. K., and Bruhadeshwar, B., An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system. J. Med. Syst. 37(5):1–17, 2013.CrossRef
28.
He, D., Chen, J., and Zhang, R., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.CrossRef
29.
Awasthi, A. K., and Srivastava, K., A biometric authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 37(5):1–4, 2013.CrossRef
30.
31.
Dodis, Y., Ostrovsky, R., Reyzin, L., and Smith, A., Fuzzy extractors: How to generate strong keys from biometrics and other noisy data. SIAM J. Comput. 38(1):97–139, 2008.CrossRefMATHMathSciNet
32.
Burrows, M., Abadi, M., and Needham, R., A logic of authentication. Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences 426(1871):233–271, 1989.CrossRefMATHMathSciNet
33.
Halevi, S., and Krawczyk, H., Public-key cryptography and password protocols. ACM Transactions on Information and System Security (TISSEC) 2(3):230–268, 1999.CrossRef
34.
Li, X., Wen, Q., Zhang, H., and Jin, Z., An improved authentication with key agreement scheme on elliptic curve cryptosystem for global mobility networks. International Journal of Network Management 23(5):311–324, 2013.CrossRef
Metadaten
Titel
Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems
verfasst von
Xuelei Li
Qiaoyan Wen
Wenmin Li
Hua Zhang
Zhengping Jin
Publikationsdatum
01.11.2014
Verlag
Springer US
Erschienen in
Journal of Medical Systems / Ausgabe 11/2014
Print ISSN: 0148-5598
Elektronische ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-014-0139-5

Weitere Artikel der Ausgabe 11/2014

Journal of Medical Systems 11/2014 Zur Ausgabe

Systems-Level Quality Improvement

Opioid Prescribing by Physicians With and Without Electronic Health Records

Systems-Level Quality Improvement

The Effect of Socio-Cultural Characteristics on the Effectiveness of Teamwork: A Study in the Gülhane Military Medical Faculty Training Hospital

Erratum

Erratum to: Video Summarization Based Tele-endoscopy: A Service to Efficiently Manage Visual Data Generated During Wireless Capsule Endoscopy Procedure

Transactional Processing Systems

Characterization of Image Transfer Patterns in a Regional Trauma Network

Systems-Level Quality Improvement

Reliable and Reproducible Classification System for Scoliotic Radiograph using Image Processing Techniques

Systems-Level Quality Improvement

Distributed Denial of Service (DDoS) Attack in Cloud- Assisted Wireless Body Area Networks: A Systematic Literature Review