Abstract
With the ongoing revolution of cloud computing and Internet of Things, remote patient monitoring has become feasible. These networking paradigms are widely used to provide healthcare services and real-time patient monitoring. The sensors that are either wearable or embedded within the body of a patient transmit patient’s data to the remote medical centers. The medical professional can access patient’s data stored in the cloud anywhere across the globe. As the sensitive data of the patient are sent over insecure cloud-IoT networks, secure user authentication is of utmost importance. An efficient user authentication scheme ensures that only legitimate users can access data and services. This paper proposes a secure and efficient user authentication scheme for remote patient monitoring. The proposed scheme is robust, lightweight and secure against multiple security attacks. Furthermore, the scheme has low computational overhead. A formal verification using AVISPA tool confirms the security of the proposed scheme.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Ali A, Irum S, Kausar F, Khan FA (2013) A cluster-based key agreement scheme using keyed hashing for Body Area Networks. Multimed Tools Appl 66(2):201–214
Ameen M Al, Liu J, Kwak K (2012) Security and privacy issues in wireless sensor networks for healthcare applications. J Med Syst 36(1):93–101
Amin R, Biswas GP (2015a) A novel user authentication and key agreement protocol for accessing multi-medical server usable in tmis. J Med Syst 39(3):1–17
Amin R, Biswas GP (2015b) A secure three-factor user authentication and key agreement protocol for tmis with user anonymity. J Med Syst 39(8):1–19
Amin R, Biswas GP (2016) A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks. Ad Hoc Netw 36:58–80
Amin R, Islam SH, Biswas GP, Khan MK, Kumar N (2018) A robust and anonymous patient monitoring system using wireless medical sensor networks. Future Gener Comput Syst 80:483–495
Armando A, Basin D, Cuellar J, Rusinowitch M, Viganò L (2006) Avispa: automated validation of internet security protocols and applications. ERCIM News
Chaudhry SA, Farash MS, Naqvi H, Kumari S, Khan MK (2015) An enhanced privacy preserving remote user authentication scheme with provable security. Secur Commun Netw 8(18):3782–3795
Das ML (2009) Two-factor user authentication in wireless sensor networks. IEEE Trans Wirel Commun 8(3):1086–1090
Divi K, Liu H (2013) Modeling of WBAN and cloud integration for secure and reliable healthcare. In: Proceedings of the 8th international conference on body area networks, pp 128–131. ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering)
Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208
He D, Chen C, Chan S, Jiajun B, Vasilakos AV (2012) ReTrust: attack-resistant and lightweight trust management for medical sensor networks. IEEE Trans Inf Technol Biomed 16(4):623–632
He D, Kumar N, Chen J, Lee C-C, Chilamkurti N, Yeo S-S (2015) Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimed Syst 21(1):49–60
Hossain MS, Muhammad G (2015) Cloud-assisted speech and face recognition framework for health monitoring. Mob Netw Appl 20(3):391–399
Hu F, Jiang M, Wagner M, Dong DC (2007) Privacy-preserving telecardiology sensor networks: toward a low-cost portable wireless hardware/software codesign. IEEE Trans Inf Technol Biomed 11(6):619–627
Huang YM, Hsieh MY, Chao HC, Hung SH, Park JH (2009) Pervasive, secure access to a hierarchical sensor-based healthcare monitoring architecture in wireless heterogeneous networks. IEEE J Sel Areas Commun 27(4):1–12. https://doi.org/10.1109/JSAC.2009.0905xx
Islam SH, Biswas GP (2015) Design of two-party authenticated key agreement protocol based on ecc and self-certified public keys. Wirel Pers Commun 82(4):2727–2750
Khan MK, Alghathbar K (2010) Cryptanalysis and security improvements of ‘two-factor user authentication in wireless sensor networks’. Sensors 10(3):2450–2459
Khan MK, Kumari S (2014) An improved user authentication protocol for healthcare services via wireless medical sensor networks. Int J Distrib Sens Netw. https://doi.org/10.1155/2014/347169
Kumar P, Lee HJ (2011) Cryptanalysis on two user authentication protocols using smart card for wireless sensor networks. In: Wireless Advanced (WiAd), 2011, pp 241–245. IEEE
Kumar P, Lee S-G, Lee H-J (2012) E-SAP: efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks. Sensors 12(2):1625–1647
Kumari S, Chaudhry SA, Wu F, Li X, Farash MS, Khan MK (2015) An improved smart card based authentication scheme for session initiation protocol. Peer-to-Peer Netw Appl 10:1–14
Lee CC et al (2013) An enhanced mobile-healthcare emergency system based on extended chaotic maps. J Med Syst 37(5):9973
Li M, Yu S, Guttman JD, Lou W, Ren K (2013) Secure ad hoc trust initialization and key management in wireless body area networks. ACM Trans Sens Netw (TOSN) 9:18
Li X, Niu J, Kumari S, Liao J, Liang W, Khan MK (2015) A new authentication protocol for healthcare applications using wireless medical sensor networks with user anonymity. Secur Commun Netw. https://doi.org/10.1002/sec.1214
Li CT, Lee CC, Weng CY, Chen SJ (2016) A secure dynamic identity and chaotic maps based user authentication and key agreement scheme for e-healthcare systems. J Med Syst 40(11):233
Liu CH, Chung YF (2017) Secure user authentication scheme for wireless healthcare sensor networks. Comput Electr Eng 59:250–261
Liu J, Zhang Z, Chen X, Kwak KS (2014) Certificateless remote anonymous authentication schemes for wireless body area networks. IEEE Trans Parallel Distrib Syst 25:332–342
Malasri K, Wang L (2009) Design and implementation of a securewireless mote-based medical sensor network. Sensors 9(8):6273–6297
Mishra D, Srinivas J, Mukhopadhyay S (2014) A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems. J Med Syst 38(10):1–10
Seyedi M, Kibret B, Lai DT, Faulkner M (2013) A survey on intrabody communications for body area network applications. IEEE Trans Biomed Eng 60(8):2067–2079
Wu F, Xu L, Kumari S, Li X (2015) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimed Syst. https://doi.org/10.1007/s00530-015-0476-3
Xiong H (2014) Cost-effective scalable and anonymous certificateless remote authentication protocol. IEEE Trans Inf Forensics Secur 9:2327–2339
Xu L, Wu F (2015) Cryptanalysis and improvement of a user authentication scheme preserving uniqueness and anonymity for connected health care. J Med Syst 39(2):10
Yuan J, Jiang C, Jiang Z (2010) A biometric-based user authentication for wireless sensor networks. Wuhan Univ J Nat Sci 15(3):272–276
Zhao Z (2014) An efficient anonymous authentication scheme for wireless body area networks using elliptic curve cryptosystem. J Med Syst 38:13
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Rights and permissions
About this article
Cite this article
Sharma, G., Kalra, S. A Lightweight User Authentication Scheme for Cloud-IoT Based Healthcare Services. Iran J Sci Technol Trans Electr Eng 43 (Suppl 1), 619–636 (2019). https://doi.org/10.1007/s40998-018-0146-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40998-018-0146-5