A physiological and behavioral feature authentication scheme for medical cloud based on fuzzy-rough core vector machine

Abstract

The medical cloud brings in connivance to share medical data within the same hospital or between different hospitals. However, sharing medical data on the cloud faces challenges such as (1) the medical cloud platform is vulnerable to cyber attacks, (2) medical data can be illegally accessed by the doctor without patient’s authorization, and (3) unauthorized access from an attacker. Currently, common security authentication schemes generally use fingerprint or face for identification, but these biometric data are easily copied and reused. At present, widely used biometric authentications such as fingerprint and faceID are easy to be copied and reused. The latest GAN algorithm has broken into almost all face recognition systems, the success proportion of the attack reached 95%. Therefore, a secure login authentication scheme is needed. In this paper, we propose a physiological and behavioral feature authentication scheme based on fuzzy-rough theory to limit the access right of medical devices. Such a scheme requires the doctor’s own gesture for the authorization to access the medical device. Fuzzy-rough core vector machine (FRCVM) approach is adopted in our scheme to achieve high classification accuracy and efficiency. The results have shown that our solutions are highly secure and practical. To secure the cloud platform and ensure only the authorized doctors can access the patient data, we have designed an efficient data sharing solution that enables medical data stored in the cloud to be hierarchically authorized for patient access. The solution exploits proxy re-encryption to protect patient-centric medical data sharing.