Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement

Lists

Zhang, Liping, Zhang, Yixin, Tang, Shanyu ORCID: https://orcid.org/0000-0002-2447-8135 and Luo, He (2018) Privacy protection for e-health systems by means of dynamic authentication and three-factor key agreement. IEEE Transactions on Industrial Electronics, 65 (3). pp. 2795-2805. ISSN 0278-0046

[thumbnail of Zhang-etal-2017-Privacy-protection-for-e-health-systems-by-means-of-dynamic-authentication-and-three-factor-key-agreement.pdf]
Preview
 PDF
Zhang-etal-2017-Privacy-protection-for-e-health-systems-by-means-of-dynamic-authentication-and-three-factor-key-agreement.pdf - Accepted Version
Download (263kB) | Preview

Abstract

During the past decade, the electronic healthcare (e-health) system has been evolved into a more patient-oriented service with smaller and smarter wireless devices. However, these convenient smart devices have limited computing capacity and memory size, which makes it harder to protect the user’s massive private data in the e-health system. Although some works have established a secure session key between the user and the medical server, the weaknesses still exist in preserving the anonymity with low energy consumption. Moreover, the misuse of biometric information in key agreement process may lead to privacy disclosure, which is irreparable. In this study, we design a dynamic privacy protection mechanism offering the biometric authentication at the server side whereas the exact value of the biometric template remains unknown to the server. And the user anonymity can be fully preserved during the authentication and key negotiation process because the messages transmitted with the proposed scheme are untraceable. Furthermore, the proposed scheme is proved to be semantic secure under the Real-or-Random Model. The performance analysis shows that the proposed scheme suits the e-health environment at the aspect of security and resource occupation.

Item Type: Article
Identifier: 10.1109/TIE.2017.2739683
Additional Information: © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Keywords: electronic healthcare system, authentication, privacy protection, key agreement
Subjects: Computing > Information security > Cyber security
Computing > Information security
Depositing User: Shanyu Tang
Date Deposited: 28 Jul 2017 17:44
Last Modified: 06 Feb 2024 15:53
URI: https://repository.uwl.ac.uk/id/eprint/3646

Downloads

Downloads per month over past year

Actions (login required)

View Item View Item
Tools
CORE (COnnecting REpositories)

Menu