Abstract
Wireless medical sensor networks (WMSNs) play a significant role in increasing the availability of remote healthcare systems. The vital and physiological data of the patient can be collected using the WMSN via sensor nodes that are placed on his/her body and then transmitted remotely to a healthcare professional for proper diagnosis. The protection of the patient’s privacy and their data from unauthorized access is a major concern in such systems. Therefore, an authentication scheme with a high level of security is one of the most effective mechanisms by which to address these security concerns. Many authentication schemes for remote patient monitoring have been proposed recently. However, the majority of these schemes are extremely vulnerable to attacks and are unsuitable for practical use. This paper proposes a secure three-factor authentication scheme for a patient-monitoring healthcare system that operates remotely using a WMSN. The proposed authentication scheme is formally verified using the Burrows, Abadi and Needham’s (BAN) logic model and an automatic cryptographic protocol verifier (ProVerif) tool. We show that our authentication scheme can prevent relevant types of security breaches in a practical context according to the discussed possible attack scenarios. Comparisons of the security and performance are carried out with recently proposed authentication schemes. The results of the analysis show that the proposed authentication scheme is secure and practical for use, with reasonable storage space, computation, and communication efficiency.
Highlights
Wireless medical sensor networks (WMSNs) represent an important trend that has emerged recently to enhance the quality of healthcare services
The gateway node (GWN) is a trusted node which represents the provider of the healthcare service and has adequate computational resources to serve as a link between sensors and healthcare professionals [4–6]
To ensure that our authentication scheme can protect against an impersonation attack, we consider the following possible attack scenarios: Scenario 1: To impersonate the Ui entity during authentication, assume that an attacker has intercepted the login request message M1: {TIDi, CTi1, and Vi1} that was sent to the GWN node, where TIDi = h2 (IDi ‖ SNi), SNi = h1 (SSi1), CTi1= EKGWN−U (r2 ‖ identity of SNj (IDSNj) ‖ SSi1), and vi1= h (TIDi ‖ r2 ‖ SSi1)
Summary
Wireless medical sensor networks (WMSNs) represent an important trend that has emerged recently to enhance the quality of healthcare services. In 2019, Shuai et al [9] noted that the authentication schemes proposed by Wu et al [19] and Ali et al [22] could not protect against a desynchronization attack or achieve a perfect forward secrecy feature They suggested a three-factor authentication scheme for remote patient observation using. In 2020, Fotouhi et al [23] demonstrated that the authentication scheme that was proposed by Srinivas et al [20] was unable to prevent an offline estimation attack, unable to achieve sensor anonymity with untraceability, and failed to provide forward secrecy services. They reported that the authentication schemes that were proposed in [19] and [21] were unable to ensure sensor anonymity, untraceability, or provide perfect forward secrecy services They proposed a lightweight, secure two-factor authentication scheme for healthcare monitoring systems in order to prevent the mentioned attacks.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
