Abstract
With the rapid development and evolution of wireless network technology, electronic health has shown great potential in continuously monitoring the health of patients. The wireless medical sensor network (WMSN) has played an important role in this field. In WMSN, medical sensors are placed on patients to collect relevant health data and transmitted to medical professionals in hospitals or at home through insecure channels. These health data need to be highly protected because they contain patient-related private information. Once the information is leaked or maliciously modified, it will cause the wrong diagnosis and endanger the health of patients. To protect information privacy and security from being stolen by illegal users, this article reviews the solutions of Farash <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> and further points out the existing vulnerabilities, such as privileged insider attack, user anonymity invalidation, and offline password guessing attack. In order to overcome these drawbacks, we use the Elliptic Curve Cryptography to propose an improved anonymous authentication protocol for a smart healthcare system. The security of our protocol is verified by Burrows-Abadi-Needham logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tools, and security features and efficiency analysis are performed with other related schemes. The results show that the improved protocol provides better security protection while ensuring computational and communication efficiency.
Highlights
In recent years, with the rapid growth of hospitalized patients, it has become an increasingly difficult task to continuously monitor the health of patients by relying solely on medical professionals [1]
The medical user first establishes a connection with a specific sensor node and sends an authentication request; the sensor node sends its own information along with the information received from the user to the gateway node for authentication
There are 6 secrecy goals and 4 authentication goals as follows: secrecy_of sec_subs1: It tells that only Ui is familiar with {IDi, PWi}; secrecy_of sec_a: It shows that only Ui is familiar with An; secrecy_of sec_b: It indicates that Bn is undisclosed to everyone except Sj; role gwn (Ui,Sj,G:agent, SKgui:symmetric_key, SKgsj:symmetric_key, H,Mul:hash_func, Snd,Rcv:channel(dy)) played_by G
Summary
With the rapid growth of hospitalized patients, it has become an increasingly difficult task to continuously monitor the health of patients by relying solely on medical professionals (such as doctors or nurses) [1]. Wu et al [25] in 2017 and Ali et al [26] in 2018 further pointed out system insiders can use their own privileges to obtain the password of any user, and an unauthorized attacker can pass the system authentication through forged login information in Amin et al.’s protocol [23]. In 2017, Challa et al [30] designed a three-factor user authentication protocol for use in healthcare environments that takes into account both computational efficiency and security In their scheme, in addition to providing a regular password update function, the user can update his/her biometrics.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
