Medical cooperative authenticated key agreement schemes with involvement of personal care assistant in telemedicine

Abstract

Background and objectiveDue to the mature development of information and network technology, telemedicine is increasingly able to facilitate the implementation of long-term care for patients with disabilities. Such patients may, however, not be adept at usage of such technological products, thus personal care assistants (PCAs) are required to assist in such usage. While PCAs collaborate with patients in operating telehealth systems, such use also poses challenges to security and raises concerns involving the authenticity of all the related participants. Even mutual authentication between patients and physicians can be a challenge when patients change or have multiple physicians, which raises key management concerns. MethodsA cooperative authenticated key agreement scheme is developed to address the various security scenarios when providing telemedicine care to patients with a disability. In addition, an enhanced version scheme with group key exchange functionality is proposed to satisfy situations where more than one physician is involved in providing services during a medical consultation situation. ResultsThe proposed schemes achieve the scenarios of PCAs involvement and group consultation in telemedicine with perfect security properties including mutual authentication, session key agreement, forward secrecy, known-key security, impersonation attack prevention, replay attack prevention, and insider attack prevention. The performance analysis is demonstrated to show the feasibility of our schemes. ConclusionsTwo schemes are presented for a patient with a disability in a telemedicine scenario. The first scheme establishes a solution for a typical situation where the patient and a personal care assistant cooperatively log into the telemedicine system and achieve a key agreement with the designated physician. Considering the case of multiple physicians’ collaboration, the second scheme provides a solution by forming a group for the patient and physicians and then distributes a group key between the group members to set up a secure communication platform.