Abstract
Electronic healthcare (e-health) has gained more and more research attention in recent years, due to its flexibility and convenience. E-health is efficiently enabled by telecare medicine information system (TMIS). TMIS provides seamless transfer and timely sharing of medical information for specific healthcare services. Since communications in TMIS are carried out through unreliable channels, data security and user privacy concerns become prominent. With traditional single-server architecture, users must store massive credentials, which causes inefficient communication and significant overhead. Moreover, user credentials in previously proposed schemes are stored at server side, suffering potential risks. Our work proposes a three-factor user-controlled single sign-on (UCSSO) with fast authentication and privacy protection for TMIS. The contributions of this paper are as follows. Our work integrates three factors including password, smart card and biometrics in authentication procedure, for providing a high-security and privacy-preserved communication. We introduce single sign-on solution that allows users to log in to multiple servers using a single password. User-controlled mechanism is proposed to address insider attacks and the risk that registration center may be compromised. The proposed scheme is designed with fast authentication mechanism that helps to efficiently establishes new session key. Our work is proved secure using BAN logic, ROR model, and AVISPA toolset. The results of performance comparison show that our scheme provides more security properties and bears the least overhead, compared with competitive schemes.
Highlights
Telecare medicine information system (TMIS) has attracted more and more attention because of its convenience, allowing healthcare data to be flexibly stored and shared by communicating participants
CONTRIBUTIONS In this paper, we propose a three-factor user-controlled single sign-on (UCSSO) with fast authentication and privacy protection for TMIS
THREE-FACTOR UCSSO SCHEME WITH FAST AUTHENTICATION AND PRIVACY PROTECTION we describe the system model of our scheme
Summary
Telecare medicine information system (TMIS) has attracted more and more attention because of its convenience, allowing healthcare data to be flexibly stored and shared by communicating participants. A smart card based user authentication scheme for TMIS designed by Amin et al [24] provides anonymity preservation for patients. 1) We propose a three-factor authentication mechanism combining password, smart card and biometrics, which provides a high security communication for TMIS. 4) Fast authentication is designed to allow the users to rapidly establish new session key with TMIS servers. This solution can accelerate the communication process and save the cost. (patient) and TMIS server S# (healthcare provider) They are allowed to compute a shared session key in a secure and privacy-preserving environment. For security proof of our scheme, the following goals of authentication and key agreement must be realized based on the assumption and logics.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
