Cloud Centric Authentication for Wearable Healthcare Monitoring System

 

Abstract:

Security and privacy are the major concerns in cloud computing as users have limited access on the stored data at the remote locations managed by different service providers. These become more challenging especially for the data generated from the wearable devices as it is highly sensitive and heterogeneous in nature. Most of the existing techniques reported in the literature are having high computation and communication costs and are vulnerable to various known attacks, which reduce their importance for applicability in real-world environment. Hence, in this paper, we propose a new cloud based user authentication scheme for secure authentication of medical data. After successful mutual authentication between a user and wearable sensor node, both establish a secret session key that is used for future secure communications. The extensively-used Real-Or-Random (ROR) model based formal security analysis and the broadly-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool based formal security verification show that the proposed scheme provides the session-key security and protects active attacks. The proposed scheme is also informally analyzed to show its resilience against other known attacks. Moreover, we have done a detailed comparative analysis for the communication and computation costs along with security and functionality features which proves its efficiency in comparison to the other existing schemes of its category.

Existing System:

Most of the existing techniques reported in the literature are having high computation and communication costs and are vulnerable to various known attacks, which reduce their importance for applicability in real-world environment. Hence, in this paper, we propose a new cloud based user authentication scheme for secure authentication of medical data. After successful mutual authentication between a user and wearable sensor node, both establish a secret session key that is used for future secure communications. The extensively-used Real-Or-Random (ROR) model based formal security analysis and the broadly-accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool based formal security verification show that the proposed scheme provides the session-key security and protects active attacks. The proposed scheme is also informally analyzed to show its resilience against other known attacks. Moreover, we have done a detailed comparative analysis for the communication and computation costs along with security and functionality features which proves its efficiency in comparison to the other existing schemes of its category.

Proposed System:

we mainly focus on the security issue where the real-time data collected by the wearable sensors deployed in a patient’s body can be scanned/monitored by a healthcare professional (e.g., a doctor or a medical advisor). To achieve this goal, we propose a secure user authentication scheme where a user can access the real-time data directly from the wearable devices provided that he/she is authorized. A doctor, who is performing some surgery, can wear the google glass, and the vision of the glass can be provided in real-time to the audience (for example, other doctors, relatives of patients, etc.).

Conclusion:

we provided a new user authentication scheme in which a legal user registered at the BRC will be able to mutually authenticate with an accessible wearable sensor node with the help of the CoT C. At the end of successful mutual authentication between user and wearable sensor node, both establish a secret session key that is further used for future secure communications. The formal security using ROR model, informal security and formal security verification using AVISPA tool can give high confidence that several potential passive and active attacks performed by an adversary can be protected in the proposed scheme. In addition, a detailed comparative analysis for the communication and computation costs, and security and functionality features shows that there is a better trade-off a these components in the proposed scheme as compared to those for other schemes. The future work includes evaluating the proposed scheme in a real-world wearable devices deployment that will permit us to fine-tune the scheme, if necessary, to offer better performance as well as security.

REFERENCES

[1] J. Zhou, Z. Cao, X. , and X. Lin, “Security and privacy in cloudassisted wireless wearable communications: Challenges, solutions, and future directions,” IEEE Wireless Communications, vol. 22, no. 2, pp. 136–144, April 2015.

[2] A. K. Das, M. Wazid, N. Kumar, M. K. Khan, K. K. R. Choo, and Y. Park, “Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment,” IEEE Journal of Biomedical and Health Informatics, 2017, DOI: 10.1109/JBHI.2017.2753464.

[3] J. C. S. dos Anjos, M. D. Assuno, J. Bez, C. Geyer, E. P. de Freitas, A. Carissimi, J. P. C. L. Costa, G. Fedak, F. Freitag, V. Markl, P. Fergus, and R. Pereira, “SMART: An Application Framework for Real Time Big Data Analysis on Heterogeneous Cloud Environments,” in IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing, Liverpool, UK, Oct 2015, pp. 199–206.

[4] S. Challa, M. Wazid, A. K. Das, and M. K. Khan, “Authentication Protocols for Implantable Medical Devices: Taxonomy, Analysis and Future Directions,” IEEE Consumer Electronics Magazine, vol. 7, no. 1, pp. 57–65, Jan 2018.

[5] J. Wu, H. Li, S. Cheng, and Z. Lin, “The promising future of healthcare services: When big data analytics meets wearable technology,” Information & Management, vol. 53, no. 8, pp. 1020–1033, 2016.

[6] “Information Matters. The Business of Data and the Internet of Things (IoT),” http://informationmatters.net/internet-of-things-statistics/. Accessed on August 2017.

[7] M. D. Assuno, R. N. Calheiros, S. Bianchi, M. A. Netto, and R. Buyya, “Big Data computing and clouds: Trends and future directions,” Journal of Parallel and Distributed Computing, vol. 79-80, pp. 3 – 15, 2015.

[8] R. Alguliyev and Y. Imamverdiyev, “Big Data: Big Promises for Information Security,” in IEEE 8th International Conference on Application of Information and Communication Technologies (AICT), Astana, Kazakhstan, 2014, pp. 1–4.

[9] M. Chen, Y. Ma, Y. Li, D. Wu, Y. Zhang, and C. H. Youn, “Wearable 2.0: Enabling Human-Cloud Integration in Next Generation Healthcare Systems,” IEEE Communications Magazine, vol. 55, no. 1, pp. 54–61, January 2017.

[10] W. Liu, H. Liu, Y. Wan, H. Kong, and H. Ning, “The yoking-proof-based authentication protocol for cloud-assisted wearable devices,” Personal and Ubiquitous Computing, vol. 20, no. 3, pp. 469–479, 2016.

[11] A. K. Das, S. Zeadally, and M. Wazid, “Lightweight authentication protocols for wearable devices,” Computers and Electrical Engineering, vol. 63, pp. 196–208, 2017.

[12] D. Dolev and A. Yao, “On the security of public key protocols,” IEEE Transactions on Information Theory, vol. 29, no. 2, pp. 198–208, 1983.

[13] T. S. Messerges, E. A. Dabbish, and R. H. Sloan, “Examining smart-card security under the threat of power analysis attacks,” IEEE Transactions on Computers, vol. 51, no. 5, pp. 541–552, 2002.

[14] P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Advances in Cryptology–CRYPTO’99. Santa Barbara, California, USA: Springer, 1999, pp. 789–789.

[15] A. Dua, N. Kumar, A. K. Das, and W. Susilo, “Secure Message Communication Protocol a Vehicles in Smart City,” IEEE Transactions on Vehicular Technology, 2017, DOI: 10.1109/TVT.2017.2780183.