Abstract
This study suggested a new security method which can be applied to healthcare environment aimed at those geographically living away from hospitals, including the elderly living alone, the handicapped, people living in islands and highlands, and chronic disease patients. In other words, it proposed a new authentication scheme of exchanging safely information between personal health device (PHD) to measure the bio-information of a chronic disease patient at home and data manager (DM) to collect the bio-information from the device. In terms of operations, the proposed scheme features the generation of a random number once by PHD and DM, respectively, two times of XOR operation, and one time of encoding and decoding operation. Therefore, given the low-power characteristic of PHD, it is very efficient. In addition, since a random number is used for encoding and decoding operation, the data to be transmitted is not only variable, but safe from illegal third parties’ attacks, including eavesdropping, location-tracking, spoofing, and replay. In particular, the proposed scheme can be applied directly to ISO/IEEE 11073-20601 standard. Therefore, it is judged that the proposed authentication scheme is very useful in the point that it added the mutual authentication function to PHD and DM to implement safer and more efficient e-health environment.
Similar content being viewed by others
Notes
The assumption that a communication channel between HMC and DM is secured against attacks is defined in the international standard HL7 Ver 3.0. Therefore, more description of it is not beyond this thesis. For more details, please refer to the international standard. If there is no HMC in an application environment, DM at home may be able to take the role of HMC, or a separate authentication server may be able to play such a role.
References
International Standard Organization (2013) ISO/IEEE 11073-20601: health informatics, personal health device communication, application profile optimized exchange protocol. http://www.iso.org. Accessed 1 Mar 2015
Appari A, Johnson ME (2010) Information security and privacy in healthcare: current state of research. Int J Internet Enterp Manag 6(4):279–314
Kumar P, Lee HJ (2012) Security issues in healthcare applications using wireless medical sensor networks: a survey. Sensors 12:55–91
Kliem A, Hovestadt M, Kao O (2012) Security and communication architecture for networked medical devices in mobility-aware eHealth environments. In: IEEE first international conference on mobile services (MS)
Koo B, Ryu G, Yang S, Chang T, Lee S (2006) Low-cost AES implementation for RFID tags. J KIISC 16(5):67–77
Daemen J, Rijmen V (2002) The design of Rijndael. In: AES-the Advanced Encryption Standard. Springer, Berlin
Daemen J, Rijmen V (1999) AES proposal; Rijndael, version 2. Submission to NIST
Feldhofer M, Dominikus S, Rijmen, Wolkerstorfer J (2004) Strong authentication for RFID systems using the AES algorithm. In: ICCHES, pp 357–370
Jung M, Fiedler H, Lerch R (2005) 8-bit microcontroller system with area efficient AES coprocessor for transponder application. In: Workshop on RFID and lightweight crypto, pp 32–43
Vernam GS (1919) Secret signaling system. US Patent 1,310,719
Shannon C (1949) Communication theory of secrecy systems. Bell Syst Tech J 28:656–715
Hongqiang J, Junfeng T, Baomin W (2008) A study on the one-time pad scheme based stern-brocot tree. ISCSCT 2008:568–571
Acknowledgments
This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2013R1A1A2006745).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Kim, S.S. Mutual authentication scheme between biosensor device and data manager in healthcare environment. J Supercomput 72, 177–184 (2016). https://doi.org/10.1007/s11227-015-1536-3
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-015-1536-3