Skip to main content
Key Specialties
Cardiology Diabetology Endocrinology Gastroenterology Geriatrics and Gerontology Gynecology and Obstetrics Hematology Infectious Disease Internal Medicine Nephrology Neurology Oncology Pediatrics Respiratory Medicine Rheumatology Surgery
Congress Coverage
2024 ACC Congress 2023 ESMO Congress 2023 EASD Congress 2023 ERS Congress 2023 ESC Congress
Clinical Collections
Advances in Alzheimer’s

At a glance: The STEP trials

A round-up of the STEP phase 3 clinical trials evaluating semaglutide for weight loss in people with overweight or obesity.
ADVANCED SEARCH
Log in
Top
Journal of Medical Systems
Published in: Journal of Medical Systems 12/2014

01-12-2014 | Patient Facing Systems

An Efficient Biometric and Password-Based Remote User Authentication using Smart Card for Telecare Medical Information Systems in Multi-Server Environment

Authors: Tanmoy Maitra, Debasis Giri

Published in: Journal of Medical Systems | Issue 12/2014

Login to get access

Abstract

The medical organizations have introduced Telecare Medical Information System (TMIS) to provide a reliable facility by which a patient who is unable to go to a doctor in critical or urgent period, can communicate to a doctor through a medical server via internet from home. An authentication mechanism is needed in TMIS to hide the secret information of both parties, namely a server and a patient. Recent research includes patient’s biometric information as well as password to design a remote user authentication scheme that enhances the security level. In a single server environment, one server is responsible for providing services to all the authorized remote patients. However, the problem arises if a patient wishes to access several branch servers, he/she needs to register to the branch servers individually. In 2014, Chuang and Chen proposed an remote user authentication scheme for multi-server environment. In this paper, we have shown that in their scheme, an non-register adversary can successfully logged-in into the system as a valid patient. To resist the weaknesses, we have proposed an authentication scheme for TMIS in multi-server environment where the patients can register to a root telecare server called registration center (RC) in one time to get services from all the telecare branch servers through their registered smart card. Security analysis and comparison shows that our proposed scheme provides better security with low computational and communication cost.
Literature
1.
2.
Wu, Z.-Y., Lee, Y.-C., Lai, F., Lee, H.-C., Chung, Y., A secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1529–1535, 2012.CrossRef
3.
Debiao, H., Jianhua, C., Rui, Z., A more secure authentication scheme for telecare medicine information systems. J. Med. Syst. 36(3):1989–1995, 2012.CrossRef
4.
Pu, Q., Wang, J., Zhao, R., Strong authentication scheme for telecare medicine information systems. J. Med. Syst. 36(4):2609–2619, 2012.CrossRef
5.
Wei, J., Hu, X., Liu, W., An improved authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6):3597–3604, 2012.CrossRef
6.
Zhu, Z., An efficient authentication scheme for telecare medicine information systems. J. Med. Syst. 36(6): 3833–3838, 2012.CrossRef
7.
Muhammad, K.K., and Kumari, S., An authentication scheme for secure access to healthcare services. J. Med. Syst. 37(4):1–12, 2013.
8.
Lee, T.-F., and Liu, C.-M., A secure smart-card based authentication and key agreement scheme for telecare medicine information systems. J. Med. Syst. 37(3):1–8, 2013.
9.
Das, A., and Bruhadeshwar, B., An improved and effective secure password-based authentication and key agreement scheme using smart cards for the telecare medicine information system. J. Med. Syst. 37(5):1–17, 2013.CrossRef
10.
Chen, H.-M., Lo, J.-W., Yeh, C.-K., An efficient and secure dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 36(6):3907–3915, 2012.CrossRef
11.
Qi, J., Ma, J., Ma, Z., Li, G., A privacy enhanced authentication scheme for telecare medical information systems. J. Med. Syst. 37(1):1–8, 2013.
12.
Qi, X., Zhang, J., Na, D., Robust anonymous authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–8, 2013.
13.
Cao, T., and Zhai, J., Improved dynamic id-based authentication scheme for telecare medical information systems. J. Med. Syst. 37(2):1–7, 2013.CrossRefMathSciNet
14.
Chang, Y.-F., Yu, S.-H., Shiao, D.-R., A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(2):1–9, 2013.MATH
15.
Das, A.K., and Goswami, A., A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J. Med. Syst. 37(3):1–16, 2013.CrossRef
16.
Awasthi, A., and Srivastava, K., A biometric authentication scheme for telecare medicine information systems with nonce. J. Med. Syst. 37(5):1–4, 2013.CrossRef
17.
Tan, Z., A user anonymity preserving three-factor authentication scheme for telecare medicine information systems. J. Med. Syst. 38(3):1–9, 2014.CrossRef
18.
Yang, D., and Yang, B. A biometric password-based multi-server authentication scheme with smart card.InComputer Design and Applications (ICCDA), 2010 International Conference on. Vol. 5, pp. 554–559, 2010.
19.
Sood, S.K., Sarje, A.K., Singh, K., A secure dynamic identity based authentication protocol for multi-server architecture. J. Netw. Comput. Appl. 34(2):609–618, 2011.CrossRef
20.
Wang, B., and Ma, M., A smart card based efficient and secured multi-server authentication scheme. Wirel. Pers. Commun. 68(2):361–378, 2013.CrossRef
21.
He, D., and Wu, S., Security flaws in a smart card based authentication scheme for multi-server environment. Wirel. Pers. Commun. 70(1):323–329, 2013.CrossRef
22.
He, D., and Wang, D., Robust biometrics-based authentication scheme for multiserver environment. Syst J. IEEE PP(99):1–8, 2014.CrossRef
23.
Chuang, M.-C., and Chen, M.C., An anonymous multi-server authenticated key agreement scheme based on trust computing using smart cards and biometrics. Expert Syst. Appl. 41(4, Part 1):1411–1418, 2014.CrossRef
24.
Jain, A.K., Flynn, P., Arun, A.R. Handbook of Biometrics. New York: Springer-Verlag, 2007. Inc., Secaucus, NJ,USA.
25.
26.
Kocher, P., Jaffe, J., Jun, B. Differential power analysis.In Advances in Cryptology CRYPTO 99, volume 1666 of lecture notes in computer science, pp. 388–397, 1999.
27.
Messerges, T.S., Dabbish, E.A., Sloan, R.H., Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5):541–552, 2002.CrossRefMathSciNet
28.
Behrouz, A. Forouzan and Debdeep Mukhopadhyay. Cryptography and Network Security 2/e. Tata-McGraw Hill, TMH: 2nd edition, 2010.
29.
Das, A.K., Sharma, P., Chatterjee, S., Sing, J.K., A dynamic password-based user authentication scheme for hierarchical wireless sensor networks. J. Netw. Comput. Appl. 35(5):1646–1656, 2012.CrossRef
30.
Palash Sarkar, A simple and generic construction of authenticated encryption with associated data. ACM Trans. Inf. Syst. Secur. 13(4:article no.33):1–16, 2010.CrossRef
31.
Potlapally, N.R., Ravi, S., Raghunathan, A, Jha, N.K., A study of the energy consumption characteristics of cryptographic algorithms and security protocols. Mob. Comput. IEEE Trans. 5(2):128–143, 2006.CrossRef
32.
Menezes, A.J., Vanstone, S.A., Paul, C. Van Oorschot. Handbook of Applied Cryptography: 1st edition, 1996. Boca Raton, FL, USA.
Metadata
Title
An Efficient Biometric and Password-Based Remote User Authentication using Smart Card for Telecare Medical Information Systems in Multi-Server Environment
Authors
Tanmoy Maitra
Debasis Giri
Publication date
01-12-2014
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 12/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-014-0142-x

Other articles of this Issue 12/2014

Journal of Medical Systems 12/2014 Go to the issue

Education & Training

HMM for Classification of Parkinson’s Disease Based on the Raw Gait Data

Systems-Level Quality Improvement

Improving Operating Room Turnover Time: A Systems Based Approach

Systems-Level Quality Improvement

Optimization of Noise in Non-integrated Instrumentation Amplifier for the Amplification of Very Low Electrophisiological Signals. Case of Electro Cardio Graphic Signals (ECG).

Systems-Level Quality Improvement

Prioritizing Barriers to Successful Implementation of Hospital Information Systems

Transactional Processing Systems

Service Oriented Architecture for Clinical Decision Support: A Systematic Review and Future Directions

Mobile Systems

Use of an Agent-Based Simulation Model to Evaluate a Mobile-Based System for Supporting Emergency Evacuation Decision Making