Published in: Journal of Medical Systems 11/2014

01-11-2014 | Systems-Level Quality Improvement

Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems

Authors: Xuelei Li, Qiaoyan Wen, Wenmin Li, Hua Zhang, Zhengping Jin


Abstract

Healthcare delivery services via telecare medicine information systems (TMIS) can help patients obtain their desired telemedicine services conveniently. However, information security and privacy protection are important issues and crucial challenges in healthcare information systems, where only authorized patients and doctors can employ telecare medicine facilities and access electronic medical records. Therefore, a secure authentication scheme is urgently required to achieve the goals of entity authentication, data confidentiality and privacy protection. This paper investigates a new biometric authentication scheme with key agreement, which focuses on patient privacy and medical data confidentiality in TMIS. The new scheme employs a hash function, a fuzzy extractor, a nonce and authenticated Diffie-Hellman key agreement as primitives. It provides patient privacy protection, e.g., protecting the patient's identity from being stolen or tracked by unauthorized participants, and protecting the password and biometric template from being compromised by untrustworthy servers. Moreover, key agreement supports secure transmission by symmetric encryption to protect the patient's medical data from being leaked. Finally, the analysis shows that our proposal provides more security and privacy protection for TMIS.
Metadata
Title
Secure Privacy-Preserving Biometric Authentication Scheme for Telecare Medicine Information Systems
Authors
Xuelei Li
Qiaoyan Wen
Wenmin Li
Hua Zhang
Zhengping Jin
Publication date
01-11-2014
Publisher
Springer US
Published in
Journal of Medical Systems / Issue 11/2014
Print ISSN: 0148-5598
Electronic ISSN: 1573-689X
DOI
https://doi.org/10.1007/s10916-014-0139-5
