Skip to main content

Advertisement

SpringerLink
Log in

A Mutual Authentication Framework for Wireless Medical Sensor Networks

  • Mobile & Wireless Health
  • Published:
Journal of Medical Systems Aims and scope Submit manuscript

Abstract

Wireless medical sensor networks (WMSN) comprise of distributed sensors, which can sense human physiological signs and monitor the health condition of the patient. It is observed that providing privacy to the patient’s data is an important issue and can be challenging. The information passing is done via the public channel in WMSN. Thus, the patient, sensitive information can be obtained by eavesdropping or by unauthorized use of handheld devices which the health professionals use in monitoring the patient. Therefore, there is an essential need of restricting the unauthorized access to the patient’s medical information. Hence, the efficient authentication scheme for the healthcare applications is needed to preserve the privacy of the patients’ vital signs. To ensure secure and authorized communication in WMSN, we design a symmetric key based authentication protocol for WMSN environment. The proposed protocol uses only computationally efficient operations to achieve lightweight attribute. We analyze the security of the proposed protocol. We use a formal security proof algorithm to show the scheme security against known attacks. We also use the Automated Validation of Internet Security Protocols and Applications (AVISPA) simulator to show protocol secure against man-in-the-middle attack and replay attack. Additionally, we adopt an informal analysis to discuss the key attributes of the proposed scheme. From the formal proof of security, we can see that an attacker has a negligible probability of breaking the protocol security. AVISPA simulator also demonstrates the proposed scheme security against active attacks, namely, man-in-the-middle attack and replay attack. Additionally, through the comparison of computational efficiency and security attributes with several recent results, proposed scheme seems to be battered.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Khan, M. K., Chaturvedi, A., Mishra, D., and Kumari, S., On the security enhancement of integrated electronic patient records information systems. Comput. Sci. Inf. Syst. 12(2):857–872, 2015.

    Article  Google Scholar 

  2. Istepanian, R. S., Jovanov, E., and Zhang, Y., Guest editorial introduction to the special section on m-health: Beyond seamless mobility and global wireless health-care connectivity. IEEE Trans. Inf. Technol. Biomed. 8(4): 405–414, 2004.

    Article  PubMed  Google Scholar 

  3. Wood, A., Virone, G., Doan, T., Cao, Q., Selavo, L., Wu, Y., Fang, L., He, Z., Lin, S., Stankovic, J.: Alarm-net: Wireless sensor networks for assisted-living and residential monitoring. University of Virginia Computer Science Department Technical Report 2 (2006)

  4. Lorincz, K., Malan, D. J., Fulford-Jones, T. R., Nawoj, A., Clavel, A., Shnayder, V., Mainland, G., Welsh, M., Moulton, S., Sensor networks for emergency response: Challenges and opportunities. IEEE Pervasive Comput. 3(4):16–23, 2004.

    Article  Google Scholar 

  5. Chen, B. R., Peterson, G., Mainland, G., and Welsh, M., Livenet: Using passive monitoring to reconstruct sensor network dynamics. Distributed Computing in Sensor Systems, pp. 79–98. Springer (2008)

  6. van Halteren, A., Bults, R., Wac, K., Konstantas, D., Widya, I., Dokovski, N., Koprinkov, G., Jones, V., Herzog, R.: Mobile patient monitoring: The mobihealth system (2004)

  7. Fischer, M., Lim, Y. Y., Lawrence, E., and Ganguli, L. K., Remotecare: Health monitoring with streaming video. 7th International Conference on Mobile Business (ICMB’08), pp. 280–286. IEEE (2008)

  8. Bellifemine, F., Fortino, G., Giannantonio, R., Gravina, R., Guerrieri, A., Sgroi, M., Spine: A domain-specific framework for rapid prototyping of wbsn applications. Software: Practice and Experience 41(3): 237–265, 2011.

    Google Scholar 

  9. Ng, J. W., Lo, B. P., Wells, O., Sloman, M., Peters, N., Darzi, A., Toumazou, C., Yang, G. Z.: Ubiquitous monitoring environment for wearable and implantable sensors (ubimon). International Conference on Ubiquitous Computing (Ubicomp). Citeseer (2004)

  10. de los Angeles Cosio Leon, M., Hipolito, J. I. N., and García, J. L.: A security and privacy survey for wsn in e-health applications. Electronics, Robotics and Automotive Mechanics Conference, 2009. CERMA’09, pp. 125–130. IEEE (2009)

  11. Ng, H., Sim, M., and Tan, C., Security issues of wireless sensor networks in healthcare applications. BT Technol. J. 24(2):138–144, 2006.

    Article  Google Scholar 

  12. Mishra, D., Chaturvedi, A., and Mukhopadhyay, S., An improved biometric–based remote user authentication scheme for connected healthcare. Int. J. Ad Hoc Ubiquitous Comput. 18(1-2):75–84, 2015.

    Article  Google Scholar 

  13. Alemdar, H., and Ersoy, C., Wireless sensor networks for healthcare: A survey. Comput. Netw. 54(15): 2688–2710, 2010.

    Article  Google Scholar 

  14. Das, A. K., Sutrala, A. K., Odelu, V., and Goswami, A., A secure smartcard-based anonymous user authentication scheme for healthcare applications using wireless medical sensor networks. Wirel. Pers. Commun.,1–35, 2016.

  15. Wazid, M., Zeadally, S., Das, A. K., and Odelu, V., Analysis of security protocols for mobile healthcare. J. Med. Syst. 40(11):229, 2016.

    Article  PubMed  Google Scholar 

  16. Mishra, D., On the security flaws in id-based password authentication schemes for telecare medical information systems. J. Med. Syst. 39(1):154, 2015.

    Article  PubMed  Google Scholar 

  17. Khan, M.K., and Kumari, S., An improved user authentication protocol for healthcare services via wireless medical sensor networks. Int. J. Distrib. Sens. Netw. 10(4):1–10, 2014.

    Article  Google Scholar 

  18. Wu, F., Xu, L., Kumari, S., and Li, X., An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimedia Systems,1–11, 2015.

  19. Xu, L., and Wu, F., Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J. Med. Syst. 39(2):1–9, 2015.

    Article  Google Scholar 

  20. Hu, F., Jiang, M., Wagner, M., and Dong, D. C., Privacy-preserving telecardiology sensor networks: Toward a low-cost portable wireless hardware/software codesign. IEEE Trans. Inf. Technol. Biomed. 11(6):619–627, 2007.

    Article  PubMed  Google Scholar 

  21. Mishra, D., and Mukhopadhyay, S., Cryptanalysis of pairing-free identity-based authenticated key agreement protocols. International Conference on Information Systems Security, pp. 247–254. Springer (2013)

  22. Mishra, D., Mukhopadhyay, S., Chaturvedi, A., Kumari, S., and Khan, M. K., Cryptanalysis and improvement of yan et al.s biometric-based authentication scheme for telecare medicine information systems. J. Med. Syst. 38(6):24, 2014.

    Article  PubMed  Google Scholar 

  23. Chen, H. M., Lo, J. W., and Yeh, C. K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915 , 2012.

    Article  PubMed  Google Scholar 

  24. Lin, H. Y., On the security of a dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):9929, 2013.

    Article  PubMed  Google Scholar 

  25. Cao, T., and Zhai, J., Improved dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):9912, 2013.

    Article  PubMed  Google Scholar 

  26. Xie, Q., Zhang, J., and Dong, N., Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):9911, 2013.

    Article  PubMed  Google Scholar 

  27. Le, X. H., Khalid, M., Sankar, R., and Lee, S., An efficient mutual authentication and access control scheme for wireless sensor networks in healthcare. J. Netw. 6(3):355–364, 2011.

    Google Scholar 

  28. Huang, H. F., Chang, Y. F., and Liu, C. H., Enhancement of two-factor user authentication in wireless sensor networks. IEEE 6th International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH-MSP), pp. 27–30 (2010)

  29. Mishra, D., Srinivas, J., andMukhopadhyay, S., A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J. Med. Syst. 38(10):1–10, 2014.

    Article  Google Scholar 

  30. Mishra, D., Das, A. K., Chaturvedi, A., and Mukhopadhyay, S., A secure password-based authentication and key agreement scheme using smart cards. J. Inf. Secur. Appl. 23:28–43, 2015.

    Google Scholar 

  31. He, D., Zeadally, S., Kumar, N., and Lee, J. H., Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J.,1–12, 2016.

  32. Li, X., Niu, J., Khan, M. K., and Liao, J., An enhanced smart card based remote user password authentication scheme. J. Netw. Comput. Appl. 36(5):1365–1371, 2013.

    Article  Google Scholar 

  33. Xu, X., Zhu, P., Wen, Q., Jin, Z., Zhang, H., and He, L., A secure and efficient authentication and key agreement scheme based on ecc for telecare medicine information systems. J. Med. Syst. 38(1):9994, 2013.

    Article  PubMed  Google Scholar 

  34. Lee, T. F., Chang, I. P., Lin, T. H., and Wang, C. C., A secure and efficient password-based user authentication scheme using smart cards for the integrated epr information system. J. Med. Syst. 37(3):9941, 2013.

    Article  PubMed  Google Scholar 

  35. Jiang, Q., Ma, J., Lu, X., and Tian, Y., Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J. Med. Syst. 38(2):12, 2014.

    Article  PubMed  Google Scholar 

  36. Bin Muhaya, F. T., Cryptanalysis and security enhancement of zhu’s authentication scheme for telecare medicine information system. Secur. Commun. Netw. 8(2):149–158, 2015.

    Article  Google Scholar 

  37. Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6): 3833–3838, 2012.

    Article  PubMed  Google Scholar 

  38. Khan,M. K., and Kumari, S., An authentication scheme for secure access to healthcare services. J. Med. Syst. 37(4):9954, 2013.

    Article  PubMed  Google Scholar 

  39. Arshad, H., and Nikooghadam, M., An efficient and secure authentication and key agreement scheme for session initiation protocol using ecc. Multimedia Tools and Applications 75(1):181–197, 2016.

    Article  Google Scholar 

  40. Mir, O., van der Weide, T., and Lee, C. C., A secure user anonymity and authentication scheme using avispa for telecare medical information systems. J. Med. Syst. 39(9):89, 2015.

    Article  PubMed  Google Scholar 

  41. Das, M. L., Two-factor user authentication in wireless sensor networks. IEEE Trans. Wireless Commun. 8 (3):1086–1090, 2009.

    Article  Google Scholar 

  42. Chen, T. H., and Shih, W. K., A robust mutual authentication protocol for wireless sensor networks. ETRI J. 32(5):704–712, 2010.

    Article  Google Scholar 

  43. Khan, M. K., and Alghathbar, K., Cryptanalysis and security improvements of ’two-factor user authentication in wireless sensor networks’. Sensors 10(3):2450–2459, 2010.

    Article  PubMed  PubMed Central  Google Scholar 

  44. Kumar, P., Lee, S. G., and Lee, H. J., E-sap: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors 12(2):1625–1647, 2012.

    Article  CAS  PubMed  PubMed Central  Google Scholar 

  45. He, D., Kumar, N., Chen, J., Lee, C. C., Chilamkurti, N., and Yeo, S. S., Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems 21(1):49–60, 2013.

    Article  Google Scholar 

  46. Li, X., Niu, J., Kumari, S., Liao, J., Liang, W., and Khan, M. K., A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Secur. Commun. Netw. 9(15): 2643–2655, 2016.

    Article  Google Scholar 

  47. Siddiqui, Z., Abdullah, A. H., Khan, M. K., and Alghamdi, A. S., Smart environment as a service: Three factor cloud based user authentication for telecare medical information system. J. Med. Syst. 38(1):9997, 2014.

    Article  PubMed  Google Scholar 

  48. Mishra, D., Mukhopadhyay, S., Kumari, S., Khan, M. K., and Chaturvedi, A., Security enhancement of a biometric based authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 38(5): 1–13, 2014.

    Article  Google Scholar 

  49. Mir, O., and Nikooghadam, M., A secure biometrics based authentication with key agreement scheme in telemedicine networks for e-health services. Wirel. Pers. Commun. 83(4):2439–2461, 2015.

    Article  Google Scholar 

  50. Das, A. K., Odelu, V., and Goswami, A., A secure and robust user authenticated key agreement scheme for hierarchical multi-medical server environment in tmis. J. Med. Syst. 39(9):92, 2015.

    Article  PubMed  Google Scholar 

  51. Das, A. K., A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems. J. Med. Syst. 39(3):30, 2015.

    Article  PubMed  Google Scholar 

  52. David, D. B., Mutual authentication scheme for multimedia medical information systems. Multimedia Tools and Applications,1–19, 2016.

  53. Amin, R., Islam, S. H., Biswas, G., Khan, M. K., Leng, L., and Kumar, N., Design of anonymity preserving three-factor authenticated key exchange protocol for wireless sensor network. Comput. Netw. 101:42–62, 2016.

    Article  Google Scholar 

  54. Dolev, D., and Yao, A. C., On the security of public key protocols. IEEE Trans. Inf. Theory 29(2):198–208, 1983.

    Article  Google Scholar 

  55. Messerges, T. S., Dabbish, E. A., and Sloan, R. H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.

    Article  Google Scholar 

  56. Kocher, P., Jaffe, J., and Jun, B., Differential power analysis. In: Proceedings of Advances in Cryptology - CRYPTO’99, Vol. 1666, pp. 388–397. LNCS (1999)

  57. Wu, F., Xu, L., Kumari, S., and Li, X., A new and secure authentication scheme for wireless sensor networks with formal proof. Peer-to-Peer Networking and Applications,1–15, 2015.

  58. Mishra, D., Design and analysis of a provably secure multi-server authentication scheme. Wirel. Pers. Commun. 86(3):1095–1119, 2016.

    Article  Google Scholar 

  59. AVISPA: Automated Validation of Internet Security Protocols and Applications http://www.avispa-project.org/. Accessed on January, Vol. 2015,

  60. He, D., and Wang, D., Robust biometrics-based authentication scheme for multiserver environment. IEEE Syst. J. 9(3):816–823, 2015.

    Article  Google Scholar 

  61. Odelu, V., Das, A. K., and Goswami, A., A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Trans. Inf. Forensics Secur. 10(9):1953–1966, 2015.

    Article  Google Scholar 

  62. Odelu, V., Das, A. K., and Goswami, A., An effective and robust secure remote user authenticated key agreement scheme using smart cards in wireless communication systems. Wirel. Pers. Commun. 84(4):2571–2598, 2015.

    Article  Google Scholar 

  63. He, D., Kumar, N., Shen, H., and Lee, J. H., One-to-many authentication for access control in mobile pay-tv systems. Science China Information Sciences 59(5):052108, 2016.

    Article  Google Scholar 

  64. Das, A. K., Sutrala, A. K., Kumari, S., Odelu, V., Wazid, M., and Li, X., An efficient multi-gateway-based three-factor user authentication and key agreement scheme in hierarchical wireless sensor networks. Secur. Commun. Netw. 9(13):2070–2092, 2016.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Mathematics, Indian Institute of Technology, Kharagpur, India

    Jangirala Srinivas & Sourav Mukhopadhyay

  2. Department of Mathematics, LNM Institute of Information Technology, Jaipur, India

    Dheerendra Mishra

Authors
  1. Jangirala Srinivas
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dheerendra Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sourav Mukhopadhyay
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Dheerendra Mishra.

Ethics declarations

Disclosure of potential conflicts of interest

The authors declare that they have no conflict of interest.

Research involving human participants and/or animals

This article does not contain any studies with human participants or animals performed by any of the authors.

Informed Consent

This article does not contain any studies with human participants performed by any of the authors.

Additional information

This article is part of the Topical Collection on Mobile & Wireless Health

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Srinivas, J., Mishra, D. & Mukhopadhyay, S. A Mutual Authentication Framework for Wireless Medical Sensor Networks. J Med Syst 41, 80 (2017). https://doi.org/10.1007/s10916-017-0720-9

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10916-017-0720-9

Keywords

Search

Navigation