Abstract

Health related information of an individual is very sensitive and demands a high level of security and privacy. Healthcare providers have the responsibility to ensure that patient information is secure and accessible only to authorized users. Healthcare systems are using biometrics since long for authentication and/or access control purposes. Biometrics can also be used for healthcare data security and privacy. This paper proposes an iris based cancelable biometric cryptosystem to securely store the healthcare data of patients on the smart card. It employs symmetric key cryptography to encrypt the healthcare data and store it on the smart card in encrypted form. We use the fuzzy commitment scheme to bind the secret encryption key with the cancelable iris template of the patient. Our proposed scheme provides user authentication as well as the decryption of healthcare data when needed by using the iris template of the owner of the healthcare smart card. The implementation results show that our proposed scheme provides better performance as compared to other schemes. It can generate an encryption key of a maximum of 252 bits from the input iris template with a false acceptance rate (FAR) of 0 and a false rejection rate (FRR) of 0.07. The generated key can be used for encrypting the health care data of patients using a symmetric encryption algorithm, e.g. Advance Encryption Standard (AES), International Data Encryption Algorithm (IDEA), Blowfish, etc. As compared to a conventional encryption system where the security of the system depends on keeping the key secret, our proposed scheme binds the encryption key with the iris - template of the patient impeccably without the need to store it securely. The security analysis demonstrates that it is not possible for an attacker to retrieve the secret key or healthcare data of the patient from the stolen healthcare card.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.