Abstract
As one of the crucial components in the emerging internet of things (IoT), wireless body area networks (WBANs) is capable of monitoring vital physiological and behavioral information of users through wearable sensors, offering a new paradigm for the next-generation healthcare systems. However, due to the inherent open wireless communicating characteristics, security and privacy issues for WBANs communication remain unsolved. Note that the deployed WBANs sensors are resource-restrained entities, which restricts its wide applications in medical environment. In this case, effective authentication scheme with efficient group key management strategy is of great significance. Moreover, with comparatively large computation ability and storage capacity, smartphone is able to perform as the vital data processing gateway for WBANs, especially in the upcoming 5G network implementation with superior transmission quality and speed. Furthermore, the WBAN sensors are responsible for continuous physiological monitoring, where the acquired biometric features could be adopted to the authentication process. For the above consideration, a secure certificateless biometric authentication and group key management for WBAN scenarios is proposed in this paper. In our design, user's smartphone takes the role of personal controller (PC) in traditional WBANs structure. The representative features of the gathered electrocardiogram (ECG) records are applied as the distinctive biometric parameter during authentication procedure. Hence efficient authentication towards participating sensors is enabled. Subsequently, fast group key management among all validated sensors is presented, where small modification is required for dynamic key updating mechanism in sensor side. Security analysis indicates that the proposed protocol can achieve desired security properties and provide resistance to various attacks. Performance analysis demonstrates that the proposed protocol is efficient compared with the state-of-the-art WBAN authentication schemes.
Highlights
Wireless body area networks (WBANs) are considered as the fundamental infrastructure for future internet of things (IoT)-based healthcare system
In practical WBANs scenarios, the frequent data exchange between sensors and personal controller (PC) are conducted in open wireless environment, where the transmitted vital biometric data is vulnerable to various security attacks and privacy risks, especially in the WBAN occasions involving large numbers of participating devices [15]
In order to address the above issues, in this paper we propose a secure certificateless biometric authentication scheme for WBANs scenarios
Summary
Wireless body area networks (WBANs) are considered as the fundamental infrastructure for future IoT-based healthcare system. In practical WBANs scenarios, the frequent data exchange between sensors and PC are conducted in open wireless environment, where the transmitted vital biometric data is vulnerable to various security attacks and privacy risks, especially in the WBAN occasions involving large numbers of participating devices [15] In this case, advanced security strategies and privacy preservation techniques are vital for generalized WBAN [16]. (2) Efficient Group key distribution with dynamic updating mechanism: After successful validation, the unique group key is delivered to all legitimate sensors with the purpose of constructing secure communication channel among WBANs devices. The group key updating method only require small modification in smartphone, while the decrypting information in sensors side remains constant as soon as the sensors stay validated In this case, fast revocation process is enabled without extensive computation for the remaining devices.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
