Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement

Zhang, Liping, Zhang, Yixin, Tang, Shanyu and Luo, He (2017) Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement. IEEE Transactions on Industrial Electronics. ISSN 0278-0046

[img]
Preview
PDF
Zhang-etal-2017-Privacy-protection-for-e-health-systems-by-means-of-dynamic-authentication-and-three-factor-key-agreement.pdf - Accepted Version

Download (263kB) | Preview

Abstract

During the past decade, the electronic healthcare (e-health) system has been evolved into a more patient-oriented service with smaller and smarter wireless devices. However, these convenient smart devices have limited computing capacity and memory size, which makes it harder to protect the user’s massive private data in the e-health system. Although some works have established a secure session key between the user and the medical server, the weaknesses still exist in preserving the anonymity with low energy consumption. Moreover, the misuse of biometric information in key agreement process may lead to privacy disclosure, which is irreparable. In this study, we design a dynamic privacy protection mechanism offering the biometric authentication at the server side whereas the exact value of the biometric template remains unknown to the server. And the user anonymity can be fully preserved during the authentication and key negotiation process because the messages transmitted with the proposed scheme are untraceable. Furthermore, the proposed scheme is proved to be semantic secure under the Real-or-Random Model. The performance analysis shows that the proposed scheme suits the e-health environment at the aspect of security and resource occupation.

Item Type: Article
Additional Information: © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Uncontrolled Keywords: electronic healthcare system, authentication, privacy protection, key agreement
Subjects: Computing > Information security > Cyber security
Computing > Information security
Depositing User: Shanyu Tang
Date Deposited: 28 Jul 2017 17:44
Last Modified: 15 Aug 2017 12:55
URI: http://repository.uwl.ac.uk/id/eprint/3646

Downloads

Downloads per month over past year

Actions (login required)

View Item View Item

Menu