Abstract
Recently several efficient schemes are proposed to provide security of e-medicine systems. Almost all of these schemes have tried to achieve the highest security level in transmission of patients’ medical information to medical institutions through a heterogeneous network like Internet. In this paper, we explain the insecurity of these schemes against “man-in-the-middle” attack. Furthermore, a dynamic mobile agent system based on hybrid cryptosystem is proposed that is both secure and also efficient in computation cost. Analyzing the security criteria confirms suitability of the proposed scheme for e-medicine systems.
Similar content being viewed by others
References
Chen, T. L., Chung, Y. F., and Lin, F. Y. S., Deployment of secure mobile agents for medical information systems. J. Med. Syst., 2011. doi:10.1007/s10916-011-9716-z.
Lange, D. B., and Oshima, M., Programming and deploying java mobile agents with aglets. Addison-Wesley Press, Massachusetts, USA, 1998.
Gian, P. P., Mobile agents: An introduction. Microprocess. Microsyst. 25:65–74, 2001.
Biskup, J., Embley, D. W., and Lochner, J. H., Reducing inference control to access control for normalized database schemas. Inf. Process. Lett. 106:8–12, 2008.
Esparza, O., Muñoz, J. L., Soriano, M., and Forné, J., Secure brokerage mechanisms for mobile electronic commerce. Comput. Commun. 29:2308–2321, 2006.
Chung, Y. F., Chen, Y. T., Chen, T. L., and Chen, T. S., An agent-based English auction protocol using elliptic curve cryptosystem for mobile commerce. Expert Syst. Appl. 38(8):9900–9907, 2011.
Nikooghadam, M., and Zakerolhosseini, A., An efficient blind signature scheme based on the elliptic curve discrete logarithm problem. ISecure: ISC Int’l J. Inf. Secur. 8(10):125–131, 2009.
Saxena, N., Tsudik, G., and Yi, J. H., Threshold cryptography in P2P and MANETs: The case of access control. Comput. Netw. 51:3632–3649, 2007.
Orgun, B., and Vu, J., HL7 ontology and mobile agents for interoperability in heterogeneous medical information systems. Comput. Biol. Med. 36:817–836, 2006.
Wu, S., and Chen K. An efficient key-management scheme for hierarchical access control in e-medicine system. J. Med. Syst., Springer, doi:10.1007/s10916-011-9700-7, 2011.
Lin, I. C., Ou, H. H., and Hwang, M. S., Two secure transportation schemes for mobile agents. Int. J. Inf. Secur. 8:87–97, 2002.
Corradi, A., Montanari, R., and Stefanelli, C., Security issues in mobile agent technology, proceedings of the 7th IEEE Workshop on Future Trends of Distributed Computing Systems (FTDCS ‘99). IEEE Computer Society Press, Cape Town, South Africa, pp. 3–8, 1999.
Karnik, N. M., Tripathi, A. R. A security architecture for mobile agents in Ajanta, Proceedings of the International Conference on Distributed Computing Systems, Taipei, Taiwan, 402–409, 2000.
Volker, R., and Mehrdad, J. S., Access control and key management for mobile agents. Comput. Graph. 22:457–461, 1998.
Chang, C. C., and Lin, I. C., A new solution for assigning cryptographic keys to control access in mobile agent environments. Wirel. Commun. Mob. Comput. 6:137–146, 2006.
Huang, K. H., Chung, Y. F., Liu, C. H., Lai, F., and Chen, T. S., Efficient migration for mobile computing in distributed networks. Comput. Stand. Int. 31:40–47, 2009.
Vanstone, S. A., Elliptic curve cryptosystem-the answer to strong, fast public-key cryptography for securing constrained environments. Inf. Secur. Tech. Rep. 12:78–87, 1997.
Stallings, W., Cryptography and Network Security: Principles and Practice, 4th edition. Prentice Hall, Upper Saddle River, NJ, 2005.
Liu, C. H., Chung, Y. F., Chen, Th, and De Wang, S., Mobile agent application and integration in electronic anamnesis system. J. Med. Syst., 2011. doi:10.1007/s10916-010-9563-3.
Menezes, A. J., van Oorschot, P. C., and Vanstone, S. A., Handbook of Applied Cryptography. CRC Press, Boca Raton, Florida, USA, 1997.
Nikooghadam, M., Zakerolhosseini, A., and Ebrahimi Moghadam, M., Efficient utilization of elliptic curve cryptosystem for hierarchical access control. J. Syst. Softw. 83:1917–1929, 2010.
Nikooghadam, M, Safaei F., and Zakerolhosseini A. An efficient key management scheme for mobile agents in distributed networks, IEEE, 1st International Conference on Parallel, Distributed and Grid Computing (PDGC - 2010), 2010.
Knuth, D. E., The art of computer programming, vol.2: semi numerical algorithms, 3rd edition. Addison-Wesley, Reading, MA, 1998.
Nikooghadam, M., Bonyadi, M. R., Malekian, E., and Zakerolhosseini, A., A protocol for digital signature based on the elliptic curve discrete logarithm problem. J. Appl. Sci. 8(10):1919–1925, 2008.
Ben-Or, M., “Probabilistic Algorithms in Finite Fields”, 22nd Annual Symposium on Foundations of Computer Science, Nashville, Tennessee, USA, 28–30 October 1981, pp. 394–398.
Cohen, H., A course in computational algebraic number theory. Springer-Verlag, Berlin, 1991.
Lin, Y. L., and Hsu, C. L., Secure key management scheme for dynamic hierarchical access control based on ECC. J. Syst. Softw. 84:679–685, 2011.
Koblitz, N., Menezes, A., and Vanstone, S. A., The state of elliptic curve cryptography. Des. Code Crypt. 19:173–193, 2000.
Chen, T. L., Chung, Y. F., and Lin, F. Y. S., A study on agent-based secure scheme for electronic medical record system. J. Med. Syst., 2010. doi:10.1007/s10916-010-9595-8.
Liu, C.H., Chung, Y.F., Chiang, T.W., T.S., Chen, and Wang, S.D., A Mobile Agent Approach for Secure Integrated Medical Information Systems. J of Med Syst., 2011, doi:10.1007/s10916-011-9749-3.
Conflict of interest
The authors declare that they have no conflict of interest.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Nikooghadam, M., Zakerolhosseini, A. Secure Communication of Medical Information Using Mobile Agents. J Med Syst 36, 3839–3850 (2012). https://doi.org/10.1007/s10916-012-9857-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10916-012-9857-8