Abstract
Over the past few years, in order to protect patient privacy and increase efficiency and security of integrated electronic patient records(EPR) system, numerous biometric-based user authentication schemes for the integrated EPR system have been proposed. Recently, Jung et al. proposed a remote user authentication scheme for the integrated EPR system to remedy the flaws of Li et al.’s scheme. After careful analysis, we found that Jung’s protocol still has some security problems, in order to fix the existing problems, we propose an authentication scheme. We also demonstrate the completeness of the proposed scheme using the BAN-logic. Besides, informal and formal security analysis exhibits that the proposed scheme conquers the flaws.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Wu, Z.Y., Chung, Y., Lai, F., et al.: A password-based user authentication scheme for the integrated EPR information system. J. Med. Syst. 36(2), 631–638 (2012)
Lee, T.F., Chang, I.P., Lin, T.H., et al.: A secure and efficient password-based user authentication scheme using smart cards for the integrated EPR information system. J. Med. Syst. 37(3), 9941 (2013)
Wen, F.: A more secure anonymous user authentication scheme for the integrated EPR information system. J. Med. Syst. 38(5), 42 (2014)
Li, C.T., Weng, C.Y., Lee, C.C., et al.: Secure user authentication and user anonymity scheme based on quadratic residues for the integrated EPRIS. Proc. Comput. Sci. 52(1), 21–28 (2015)
Das, A.K.: A secure and robust password-based remote user authentication scheme using smart cards for the integrated EPR information system. J. Med. Syst. 39(3), 204 (2015)
Mir, O., Weide, T.V.D., Lee, C.C.: A secure user anonymity and authentication scheme using AVISPA for Telecare medical information systems. J. Med. Syst. 39(9), 265 (2015)
Li, C.T., Weng, C.Y., Lee, C.C., et al.: A hash based remote user authentication and authenticated key agreement scheme for the integrated EPR information system. J. Med. Syst. 39(11), 144 (2015)
Jung, J., Kang, D., Lee, D., et al.: An improved and secure anonymous biometric-based user authentication with key agreement scheme for the integrated EPR information system. Plos One 12(1), e0169414 (2017)
Wen, F., Guo, D.: An improved anonymous authentication scheme for telecare medical information systems. J. Med. Syst. 38(5), 26 (2014)
Messerges, T.S., Dabbish, E., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. Proc. Roy. Soc. Math. Phys. Eng. Sci. 8(5), 18–36 (1990)
Kilinc, H.H., Yanik, T.: A survey of SIP authentication and key agreement schemes. IEEE Commun. Surv. Tutorials 16(2), 1005–1023 (2014)
Acknowledgements
This work was supported by the National Natural Science Foundation of China (No. 61572027, U1636208, 61402037).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Wang, P., Guo, H., Huang, Y. (2017). An Improved Authentication Scheme for the Integrated EPR Information System. In: Wen, S., Wu, W., Castiglione, A. (eds) Cyberspace Safety and Security. CSS 2017. Lecture Notes in Computer Science(), vol 10581. Springer, Cham. https://doi.org/10.1007/978-3-319-69471-9_40
Download citation
DOI: https://doi.org/10.1007/978-3-319-69471-9_40
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-69470-2
Online ISBN: 978-3-319-69471-9
eBook Packages: Computer ScienceComputer Science (R0)