Investigation of Authentication Schemes in Telecare Medicine Information Systems

Document Type : Review Article

Authors

1 Associate Professor, Department of Electrical and Computer Engineering, Isfahan University of Technology, Isfahan, Iran

2 Associate professor, Department of Computer Engineering, Shahid Rajaee Teacher Training University Tehran, Iran

3 PhD, Department of Electrical and Computer Engineering, Isfahan University of Technology, Isfahan, Iran

4 Assistant Professor, Department of Electrical and Computer Engineering, Isfahan University of Technology, Isfahan. Iran

Abstract

Background: Technological advancements based on the Internet of Things have revolutionized human life, and remote monitoring of patient health is no exception. Telecare medicine information systems are systems between home healthcare organizations and patients at home that allow doctors and patients to view medical data electronically. The development of a wireless body network plays a key role in health monitoring. The body's wireless network includes medical sensors that can be embedded in the patient's body, measure the patient vital signs, and send them to medical servers through a wireless channel. Therefore, security in telemedicine has always been a challenge. As cyber-attacks proliferate, we should expect users to take strict measures to protect their information. Thus, the design of lightweight authentication security protocols with the lowest cost has become a major challenge. In this article, we have limited our focus to reviewing the types of authentication protocols presented recently.
Conclusion: In this article, the concepts of TMIS were first examined, and the necessity of creating these systems is introduced. Also, the recently presented authentication schemes were introduced. It was observed that the performance of each authentication scheme depends on the resistance against existing attacks, security features, computing costs, etc. Today, we see the presentation of many protocols in the field of TMIS. However, in addition to the rapid development and progress of these protocols, it should be taken into account that security threats and new attacks are not separated from this speed of technology. As a result, researchers in network security should investigate security protocols to ensure that there is no security threat to them in the worst case.

Highlights

Seyed Mohammad Dakhilalian: Google Scholar

Masoumeh Safkhani: Google Scholar

Behzad Nazari: Google Scholar

Keywords

Main Subjects

References

  1. Safkhan, M, Camara C, Peris-Lopez P. Bagheri N. RSEAP2: An enhanced version of RSEAP, an RFID based authentication protocol for vehicular cloud computing. Vehicular Communications 2021; 28: 100311.
  2. Safkhani M, Bagheri M. Passive secret disclosure attack on an ultralightweight authentication protocol for internet of things. Journal of Supercomputing 2017; 73: 3579-85.
  3. Amintoosi H, Nikooghadam M, Shojafar M, Kumari S, Alazab M. Slight: A lighweight authentication scheme for smart healthcare services. Computers and Electrical Engineering 2022; 99: 107803.
  4. Dadkhah P, Dakhilalian M, Rastegari P. Security analysis and improvement of an access control scheme for wireless body area networks. ISeCure 2023; 15(3): 35-42.
  5. Safkhani M, Servati MR. ECCbAS: An ECC based authentication scheme for healthcare IoT systems. Pervasive and Mobile Computing 2023; 90: 101753.
  6. Meshram Ch, Obaidat MS, Ibrahim RW, Meshram SG, Raikwar AV. An efficient privacy-preserved authentication technique based on conformable fractional chaotic map for TMIS under smart homes environments. J Supercomput 2024; 80: 2514–37.
  7. Nikkhah F. Improving the privacy security of telecare medical information systems [in Persian]. [MSc Thesis]. Tehran, Iran: Shahid Rajaee University; 2020.
  8. Pirmoradian F. Design and security analysis of authentication protocols used in Telecare Medicine Information Systems (TMIS) [in Persian]. [Thesis]. Isfahan, Iran: University of Technology; 2023.
  9. Sowjanya K, Dasgupta M, Ray S. An elliptic curve cryptography based enhanced anonymous authentication protocol for wearable health monitoring systems. Int J Inf Secur 2020; 19: 129-46.
  10. Xiong H, Tao J, Yuan C. Enabling telecare medical information systems with strong authentication and anonymity. IEEE Access 2017; 5: 5648-61.
  11. Mehmood Z, Ghani A, Chen G, Alghamdi AS. Authentication and secure key management in e-health services: a robust and efficient protocol using biometrics. IEEE Access 2019; 7: 113385-97.
  12. Liu J, Zhang L, Sun R. 1- RAAP: an efficient 1-round anonymous authentication protocol for wireless body area networks. Sensors 2016; 16(5): 728.
  13. Li X, Peng J, Kumari S, Wu F, Karuppiah M, Raymond Choo KK. An enhanced 1-round authentication protocol for wireless body area networks with user anonymity Computers and Electrical Engineering 2017; 61: 238–49.
  14. Chiou SY, Chang SY. An enhanced authentication scheme in mobile RFID system. Ad Hoc Networks 2018; 71: 1-13.
  15. Deebak BD, Al-Turjman F. Smart mutual authentication protocol for cloud based medical healthcare systems using internet of medical thing. IEEE Journal on Selected Areas in Communications 2020; 39(2): 346-60.
  16. Chandrakar P, Om H. Cryptanalysis and improvement of a biometric-based remote user authentication protocol usable in a multiserver environment. Transactions on Emerging Telecommunication Technologies 2017; 28(12): e3200.
  17. Yessad N, Bouchelaghem S, Ouada FS, Omar M. Secure and reliable patient body motion based authentication approach for medical body area networks. Passive and Mobile Computing 2017; 42: 351-70.
  18. Wu F, Li X, Kumari S, Karuppiah M, Shen J. A lightweight and privacy-preserving mutual authentication scheme for wearable devices assisted by cloud server. Computer and Electrical Engineering 2017; 63: 168–81.
  19. Pirmoradian F, Dakhilalian SM, Safkhani M. ECKCI: An ECC-based Authenticated Key Agreement (AKA) scheme resistant to Key Compromise Impersonation Attack for TMIS. The ISC International Journal of Information Security 2024; 16(2): 115-36.
  20. Li C, Shih DH, Wang CC. Cloud-assisted mutual authentication and privacy preservation protocol for telecare medical information systems. Comput Methods Programs Biomed 2018; 157: 191-203.
  21. Mohit P, Amin R, Karati A, Biswas GP. A standard mutual authentication protocol for cloud computing based health care systems. J Med Syst 2017; 1(4): 50.
  22. Qi M, Chen J, Chen Y. A secure biometrics-based authentication key exchange protocol for multi-server TMIS using ECC. Comput Methods Programs Biomed 2018; 164: 101-9.
  23. Amin R, Hafizul Islam SK, Biswas GP, Khurram Khan M, Kumar N. A robust and anonymous patient monitoring systme using wireless medical sensor networks. Future Generation Computer Systems 2018; 80: 483-95.
  24. Ravanbakhsh N, Nazari N. An efficient improvement remote user mutual authentication and session key agreement scheme for e-healthcare systems. Multimed Tools Appl 2019; 77: 55-88.
  25. Ostad-Sharif A, Abbasinezhad-Mood D, Nikooghadam M. An enhanced anonymous and unlinkable user authentication and key agreement proocol for TMIS by utilization of ECC. International Journal of Communication Systems 2019; 32(5): e3913.
  26. Nikooghadam M, Amintoosi H. An improved secure authentication and key agreement scheme for healthcare applications. Proceedings of the 25th International Computer Conference, Computer Society of Iran (CSISS), Tehran, Iran: IEEE; 2020.
  27. Karthigaiveni M, Indrani B. An efficient two-factor authentication scheme with key agreement for IoT based E-health care application using smart card. J Ambient Intell Human Comput 2019.
  28. Alzahrani BA. Secure and efficient cloud-based iot authenticated key agreement scheme for e-health wireless sensor network. Arabian Journal for Science and Engineering 2020; 46: 3017-32.
  29. Jia X, He D, Kumar N, Choo KKR. Authenticated key agreement scheme for fog-driven IoT healthcare system. Wireless Networks 2019; 25: 4737-50.
  30. Li X, Chen T, Cheng Q, Ma J. An efficient and authenticated key establishment scheme based on fog computing for healthcare system. Front Comput Sci 2012; 16: 164815.
  31. Pirmoradian F, Safkhani M, Dakhilalian SM. ECCPWS:An ECC-based protocol for WBAN systems. Computer Networks 2023; 224: 109598.
  32. Mehmood Z, Ghani A, Chen G, Alghamdi AS. Authentication and secure key management in e-health services: a robust and efficient protocol using biometrics. IEEE Access 2019; 7: 113385-97.
  33. Alzahrani BA, Chaudhry SA, Barnawi A, Al-Barakati A, Shon M. An anonymous device to device authentication protocol using ecc and self certified public keys usable in internet of thingd based autonomous devices. Electronics 2020; 9(3): 520.
  34. Hajian R, Haghighat A, Erfani SH. A secure anonymous D2D mutual authentication and key agreement protocol for IoT. Internet of Things 2022; 18: 100493.
  35. Son S, Park Y, Park Y. A secure, lightweight, and anonymous user authentication protocol for IoT environments. Sustainability 2021; 13(16): 9241.
  36. Hosseinzadeh M, Hussain M, Safkhani M, Bagheri N, Hoang Le Q, Taghtiz L, Mosavi AH. Toward designing a secure authentication protocol for IoT environments. Sustainability 2023; 15(7): 5934.
  37. Guo Y, Guo Y. CS-LAKA: A lightweight authenticated key agreement protocol with critical security properties for iot environments. IEEE Transactions on Services Computing 2019; 16(6): 4102-14.
Journal of Isfahan Medical School
Volume 42, Issue 783
3rd Week, November
November and December 2024
Pages 813-824

Files

History

  • Receive Date: 09 March 2024
  • Accept Date: 23 November 2024

Share

How to cite

Statistics