Abstract

Heterogeneous mobile authentication is a crucial technique for securely retrieving the resources of e-healthcare cloud servers, which are commonly implemented within a public key infrastructure (PKI). Conventionally, a mobile data user can use a self-chosen password along with a portable device to request access privileges from clouds. However, to validate the membership of users, a cloud server usually has to maintain a password table, which not only increases the management burden but also raises the possibility of information leakage. In this paper, we propose a secure heterogeneous mobile authentication and key agreement scheme for e-healthcare cloud systems. In our system structure, an e-healthcare cloud server in a traditional PKI does not have to store a password table. A legitimate data user only possesses a hardware security token and keeps an offline-updatable password, without using any private key. Our scheme falls into the category of dynamic ID authentication techniques, since a data user is able to preserve his/her anonymity during the authentication process. We formally prove that the proposed mechanism fulfills the essential authenticated key exchange (AKE) security and has lower computational costs. To further ensure security in practical applications, an automatic security validation tool called AVISPA is also adopted to analyze possible attacks on and pitfalls of our designed protocol.

Highlights

  • In an open environment such as the Internet, data communication security is an important issue and has to be ensured to prevent exposure of confidential messages

  • Utilizing the RSA cryptosystem, in 2013, Lin [15] proposed a dynamic ID-based authentication scheme designed for telecare medical information systems

  • We demonstrate the proposed heterogeneous mobile authentication and key agreement scheme for e-healthcare cloud systems


Summary

Introduction

In an open environment such as the Internet, data communication security is an important issue and has to be ensured to prevent exposure of confidential messages. Whenever a patient requests the service of a remote e-healthcare cloud server, the latter must confirm his/her identity before approving the request. We call such a protocol a user authentication scheme. According to the evidence used, we can classify user authentication schemes into the following three techniques: 1. Something you know: This is a kind of intangible knowledge. A user can be authenticated if he proves that he knows something, e.g., a password or PIN.

Something you have