Abstract
The E-healthcare system has a complex architecture, diverse business types, and sensitive data security. To meet the secure communication and access control requirements in the user–medical server, user–patient, patient–medical server, and other scenarios in the E-healthcare system, secure and efficient authenticated key agreement and access authorization scheme need to be studied. However, the existing multi-server solutions do not consider the authentication requirements of the Wireless Body Area Network (WBAN) and are not suitable for user–patient, patient–medical server scenarios; most of the existing WBAN authentication schemes are single-server type, which are difficult to meet the requirements of multi-server applications, and the study of user–patient real-time scenarios has not received due attention. This work first reveals the structural flaws and security vulnerabilities of the existing typical schemes and then proposes an authentication and access control architecture suitable for multiple scenarios of the E-healthcare system with separate management and business and designs a novel ECC-based multi-factor remote authentication and access control scheme for E-healthcare using physically unclonable function (PUF) and hash. Security analysis and efficiency analysis show that the new scheme has achieved improved functionality and higher security while maintaining low computational and communication overhead.
Highlights
In the near future, the medical industry will incorporate more artificial intelligence, sensor technology and other high technologies to create smart hospital systems, regional health systems and home health systems
Authentication and access control schemes can be classified into symmetric cryptography based schemes and public key cryptography based schemes according to the cryptography they rely on
In order to facilitate the understanding of the subsequent cryptanalysis of LACO, we briefly review the registration and authentication process of it [13]
Summary
The medical industry will incorporate more artificial intelligence, sensor technology and other high technologies to create smart hospital systems, regional health systems and home health systems. They will use advanced Internet of Things technology, cloud computing technology, big data technology and artificial intelligence technology to achieve seamless interaction between patients and medical staff, medical institutions, medical equipment, and make medical services truly digital and intelligent. Due to the complex network structure of E-healthcare system (the server side is mostly secure and stable Ethernet, the user side is mostly WLAN or cellular mobile communication network, and the patient side is wireless sensor network), some nodes are resource-constrained devices (most medical servers are high-performance server cluster or cloud server, the user-side devices are mostly personal computers or mobile smart terminals, except for the relatively rich gateway on the patient side, the remaining sensors and other devices are cheap terminals with limited batteries, storage and computing power, the interaction data involves individuals privacy (such as patient’s name, home address, medical records, blood test results, DNA sequence and other sensitive data) and other characteristics, so existing authentication and authorization scheme cannot be directly applied to Ehealthcare system
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have