Preeti Soni1, Arup Kumar Pal1, Sk Hafizul Islam2. 1. Department of Computer Science and Engineering, Indian Institute of Technology [IIT(ISM)], Dhanbad, Jharkhand 826004, India. 2. Department of Computer Science and Engineering, Indian Institute of Information Technology, Kalyani, West Bengal 741235, India. Electronic address: hafi786@gmail.com.
Abstract
BACKGROUND AND OBJECTIVE: Wireless sensor network-based remote health-care systems are becoming popular day by day with the rapid growth of Internet technologies and the proliferation of Internet-based application. A remote health-care system always demands a flexible and secure mechanism since any misuse of health-care related data leads to the risk of a patient's life. To make patient-related information more secure, we further consider that the patient related all the communication must be anonymous and untraceable to prevent traffic analysis. This particular approach makes the healthcare system more secure and suitable for real-time scenario. METHODS: Recently, a three-factor mutual authentication scheme in wireless sensor networks (WSNs) is suggested by Challa et al. to deal with the security of the remote health-care system. They believe that their scheme is suitable and ensure the security of the remote health-care system. However, the authors of this article have found that their scheme suffers from sensor node capture attack; user identity reveals attack, session key leak attack, and message modification attack. Further, their scheme designs improper user revocation phase and re-registration phase, which produces the risk of illegal use of smartcard by a legitimate user. So, in this paper, the authors have given an enhanced mechanism for developing a three-factor secure mutual authentication scheme to attain effectively the security of the remote health-care system for patient monitoring. Further, the proper revocation and re-registration of users have been incorporated to support some additional securities in a case when the user lost his/her smartcard or smartcard is stolen. RESULTS AND CONCLUSIONS: Testing with the BAN logic model affirms the accuracy of mutual authentication of the scheme designed in this paper. Also, the output of the AVISPA simulation depicts that the enhanced scheme efficiently tackle the active and passive attacks. Further, the comparative studies of our scheme with state-of-the-art schemes are also acceptable in terms of different security aspects.
BACKGROUND AND OBJECTIVE: Wireless sensor network-based remote health-care systems are becoming popular day by day with the rapid growth of Internet technologies and the proliferation of Internet-based application. A remote health-care system always demands a flexible and secure mechanism since any misuse of health-care related data leads to the risk of a patient's life. To make patient-related information more secure, we further consider that the patient related all the communication must be anonymous and untraceable to prevent traffic analysis. This particular approach makes the healthcare system more secure and suitable for real-time scenario. METHODS: Recently, a three-factor mutual authentication scheme in wireless sensor networks (WSNs) is suggested by Challa et al. to deal with the security of the remote health-care system. They believe that their scheme is suitable and ensure the security of the remote health-care system. However, the authors of this article have found that their scheme suffers from sensor node capture attack; user identity reveals attack, session key leak attack, and message modification attack. Further, their scheme designs improper user revocation phase and re-registration phase, which produces the risk of illegal use of smartcard by a legitimate user. So, in this paper, the authors have given an enhanced mechanism for developing a three-factor secure mutual authentication scheme to attain effectively the security of the remote health-care system for patient monitoring. Further, the proper revocation and re-registration of users have been incorporated to support some additional securities in a case when the user lost his/her smartcard or smartcard is stolen. RESULTS AND CONCLUSIONS: Testing with the BAN logic model affirms the accuracy of mutual authentication of the scheme designed in this paper. Also, the output of the AVISPA simulation depicts that the enhanced scheme efficiently tackle the active and passive attacks. Further, the comparative studies of our scheme with state-of-the-art schemes are also acceptable in terms of different security aspects.