Abstract
Mobile technologies are capable of offering individual level health care services to users. Mobile Healthcare (m-Healthcare) frameworks, which feature smartphone (SP) utilizations of ubiquitous computing made possible by applying wireless Body Sensor Networks (BSNs), have been introduced recently to provide SP clients with health condition monitoring and access to medical attention when necessary. However, in a vulnerable m-Healthcare framework, clients’ personal info and sensitive data can easily be poached by intruders or any malicious party, causing serious security problems and confidentiality issues. In 2013, Lu et al. proposed a mobile-Healthcare emergency framework based on privacy-preserving opportunistic computing (SPOC), claiming that their splendid SPOC construction can opportunistically gather SP resources such as computing power and energy to handle computing-intensive Personal Health Information (PHI) with minimal privacy disclosure during an emergency. To balance between the risk of personal health information exposure and the essential PHI processing and transmission, Lu et al. presented a patient-centric privacy ingress control framework based on an attribute-based ingress control mechanism and a Privacy-Preserving Scalar Product Computation (PPSPC) technique. In spite of the ingenious design, however, Lu et al.’s framework still has some security flaws in such aspects as client anonymity and mutual authentication. In this article, we shall offer an improved version of Lu et al.’s framework with the security weaknesses mended and the computation efficiency further boosted. In addition, we shall also present an enhanced mobile-Healthcare emergency framework using Partial Discrete Logarithm (PDL) which does not only achieve flawless mutual authentication as well as client anonymity but also reduce the computation cost.
Similar content being viewed by others
References
Istepanian, R. S. H., and Laxminaryan, S., UNWIRED, the next generation of wireless and internetable telemedicine systems-editorial paper. IEEE Trans. Inform. Technol. Biomed. 4:189–194, 2000.
Jovanov, E., Lords, A., Raskovic, D., Cox, P., Adhami, R., and Andrasik, F., Stress monitoring using a distributed wireless intelligent sensor system. IEEE Eng. Med. Biol. Mag. 22(3):49–55, 2003.
Pattichis, C. S., Kyriacou, E., Voskarides, S., Pattichis, M. S., Istepanian, R. S. H., and Schizas, C. N., Wireless telemedicine systems: An overview. IEEE Antennas Propagat. Mag. 44(2):143–153, 2002.
Jiang, Q., Khan, M. K., Lu, X., Ma, J., and He, D., A privacy preserving three-factor authentication protocol for e-Health clouds. J. Supercomput. 72(10):3826–3849, 2016.
Jiang, Q., Ma, J., Ma, Z., and Li, G., A Privacy Enhanced Authentication Scheme for Telecare Medical Information Systems. J. Med. Syst. 37(1):9897, 2013.
He, D., Kumar, N., Chen, J., Lee, C. C., Chilamkurti, N., and Yeo, S. S., Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks. Multimedia Systems 21(1):49–60, 2015a.
He, D., Kumar, N., and Chilamkurti, N., A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks. Inf. Sci. 321:263–277, 2015b.
He, D., Zeadally, S., Kumar, N., and Lee, J. H., Anonymous authentication for wireless body area networks with provable security. IEEE Syst. J. 11(4):2590–2601, 2016.
Eichelberg, M., Aden, T., Riesmeier, J., Dogac, A., Laleci, G., Electronic health record standards – a brief overview, in: ITI 4th International Conference on Information Communications Technology, 2006. ICICT ‘06, 1–1, 2006.
Fleming, N. S., Becker, E. R., Culler, S. D., Cheng, D., McCorkle, R., Graca, B. D., and Ballard, D. J., The impact of electronic health records on workflow and financial measures in primary care practices. Health Serv. Res. 49(1pt2):405–420, 2014.
Akter, S., and Ray, P., mHealth–an ultimate platform to serve the unserved. Yearb Med Inform:94–100, 2010.
Tachakra, S., Wang, X., Istepanian, R. S., and Song, Y., Mobile e-health: the unwired evolution of telemedicine. Telemed. J. e-Health 9(3):247–257, 2003.
Zuehlke, P., Li, J., Talaei-Khoei, A., Ray, P., A functional specification for mobile ehealth (mhealth) systems, in: 11th International Conference on e-Health Networking, Applications and Facilities, 2009. Healthcom 2009, 74–78, 2009.
Li, M., Yu, S., Zheng, Y., Ren, K., and Lou, W., Scalable and Secure Sharing of Personal Health Records in Cloud Computing Using Attribute-Based Encryption. IEEE Transactions on Parallel and Distributed System 24(1):131–143, 2013.
Ren, Y., Pazzi, R. W. N., and Boukerche, A., Monitoring Patients via a Secure and Mobile Healthcare System. IEEE Wirel. Commun. 17(1):59–65, 2010.
Toninelli, A., Montanari, R., and Corradi, A., Enabling Secure Service Discovery in Mobile Healthcare Enterprise Networks. IEEE Wirel. Commun. 16(3):24–32, 2009.
Lu, H., Lane, N. D., Eisenman, S. B., and Campbell, A. T., Bubble-Sensing: Binding Sensing Tasks to the Physical World. Ubiquitous and Mobile Computing 6(1):58–71, 2010a.
Lu, R., Lin, X., Liang, X., Shen, X., Secure Handshake with Symptoms-Matching: The Essential to the Success of Mhealthcare Social Network. In Proc. BodyNets’10, 8–15, 2010b.
Lu, R., Lin, X., Zhu, H., and Shen, X., An Intelligent Secure and Privacy-Preserving Parking Scheme through Vehicular Communications. IEEE Trans. Veh. Technol. 59(6):2772–2785, 2010c.
Lu, R., Lin, X., Liang, X., and Shen, X., A Secure Handshake Scheme with Symptoms-Matching for Mhealthcare Social Network. Mobile Networks and Applications 16(6):683–694, 2011.
Lu, R., Lin, X., and Shen, X., SPOC: A Secure and Privacy-Preserving Opportunistic Computing Framework for Mobile-Healthcare Emergency. IEEE Transactions on Parallel and Distributed Systems 24(3):614–624, 2013.
Klasnja, P., and Pratt, W., Healthcare in the pocket: Mapping the space of mobile-phone health interventions. J. Biomed. Inform. 45:184–198, 2012.
Yuce, M. R., Ng, S. W. P., Myo, N. L., Khan, J. Y., and Liu, W., Wireless Body Sensor Network Using Medical Implant Band. J. Med. Syst. 31(6):467–474, 2007.
Poulymenopoulou, M., Malamateniou, F., and Vassilacopoulos, G., Emergency Healthcare Process Automation Using Mobile Computing and Cloud Services. J. Med. Syst. 36:3233–3241, 2012.
Kalem, G., and Turhan, C., Mobile Technology Applications in the Healthcare Industry for Disease Management and Wellness. Procedia Soc. Behav. Sci. 195:2014–2018, 2015.
Choi, B. Y., Blumberg, C., and Williams, K., Mobile Integrated Health Care and Community Paramedicine: An Emerging Emergency Medical Services Concept. Ann. Emerg. Med. 67(3):361–366, 2016.
Wang, D., and Wang, P., Two Birds with One Stone: Two-Factor Authentication with Security Beyond Conventional Bound. IEEE Transactions on Dependable and Secure Computing 15(4):708–722, 2016.
Jiang, Q., Ma, J., Yang, C., Ma, X., Shen, J., and Chaudhry, S. A., Efficient end-to-end authentication protocol for wearable health monitoring systems. Comput. Electr. Eng. 63:182–195, 2017.
Jiang, Q., Qian, Y., Ma, J., Ma, X., Cheng, Q., and Wei, F., User centric three-factor authentication protocol for cloud-assisted wearable devices. Int. J. Commun. Syst.:e3900, 2018.
Jagadeeswari, V., Subramaniyaswamy, V., Logesh, R., and Vijayakumar, V., A study on medical Internet of Things and Big Data in personalized healthcare system. Health Information Science and Systems 6(14), 2018.
Avvenuti, M., Corsini, P., Masci, P., Vecchio, A., Opportunistic Computing for Wireless Sensor Networks. In IEEE Proc. of MASS’07, 1–6, 2007.
Conti, M., Giordano, S., May, M., and Passarella, A., From Opportunistic Networks to Opportunistic Computing. IEEE Commun. Mag. 48(9):126–139, 2010.
Conti, M., and Kumar, M., Opportunities in Opportunistic Computing. IEEE Computer 43(1):42–50, 2010.
Passarella, A., Conti, M., Borgia, E., Kumar, M., Performance Evaluation of Service Execution in Opportunistic Computing. In Proc. of ACM MSWIM'10, 291–298, 2010.
Rault, T., Bouabdallah, A., Challal, Y., and Marin, F., A survey of energy-efficient context recognition systems using wearable sensors for healthcare applications. Ubiquitous and Mobile Computing 37:23–44, 2017.
Silva, B. M. C., Rodrigues, J. J. P. C., Díez, I. d. l. T., López-Coronado, M., and Saleem, K., Mobile-health: A review of current state in 2015. J. Biomed. Inform. 56:265–272, 2015.
Zhou, J., Cao, Z., Dong, X., Lin, X., and Vasilakos, A. V., Securing m-healthcare social networks: challenges, countermeasures and future directions. IEEE Wirel. Commun. 20(4):12–21, 2013.
Amirbekyan, A., Estivill-Castro, V., A New Efficient Privacy-Preserving Scalar Product Protocol. In Proc. of AusDM'07, 209–214, 2007.
Du, W., Atallah, M., Privacy-Preserving Cooperative Statistical Analysis. In Proc. of ACSAC'01, 102–111, 2001.
Masdari, M., and Ahmadzadeh, S., A survey and taxonomy of the authentication schemes in Telecare Medicine Information Systems. J. Netw. Comput. Appl. 87:1–19, 2017.
Vaidya, J., Clifton, C., Privacy Preserving Association Rule Mining in Vertically Partitioned Data. In Proc. of ACM KDD'02, 639–644, 2002.
Meshram, C., Lee, C. C., Li, C. T., and Chen, C. L., A Secure Key Authentication Scheme for Cryptosystems Based on GDLP and IFP. Soft. Comput. 21(24):7285–7291, 2017.
Meshram, C., Powar, P. L., Obaidat, M. S., Lee, C. C., and Meshram, S. G., Efficient online/offline IBSS protocol using partial discrete logarithm for WSNs. IET Networks 7(6):363–367, 2018.
Paillier, P., Public key cryptosystem based on discrete logarithm residues. In Eurocrypt’ 99, Lecture Notes in Computer Science, 1592: 223–238, 1999.
Li, M., Lou, W., and Ren, K., Data Security and Privacy in Wireless Body Area Networks. IEEE Wirel. Commun. 17(1):51–58, 2010.
Lin, X., Lu, R., Shen, X., Nemoto, Y., and Kato, N., Sage: A Strong Privacy-Preserving Scheme against Global Eavesdropping for Ehealth Systems. IEEE Journal on Selected Areas in Communications 27(4):365–378, 2009.
Sun, J., and Fang, Y., Cross-Domain Data Sharing in Distributed Electronic Health Record Systems. IEEE Transactions on Parallel Distributed and Systems 21(6):754–764, 2010.
Boneh, D., Franklin, MK., Identity-Based Encryption from the Weil Pairing. In Proc. of CRYPTO’01, 213–229, 2001.
Lin, X., Sun, X., Ho, P., and Shen, X., Gsis: A Secure and Privacy Preserving Protocol for Vehicular Communications. IEEE Trans. Veh. Technol. 56(6):3442–3456, 2007.
Lu, R., Lin, X., Luan, H., Liang, X., and Shen, X., Pseudonym Changing at Social Spots: An Effective Strategy for Location Privacy in VANETs. IEEE Trans. Veh. Technol. 61(1):86–96, 2012.
Lee, C. C., and Lai, Y. M., Toward a Secure Batch Verification with Group Testing for VANET. Wirel. Netw 19(6):1441–1449, 2013.
Meshram, C., Lee, C. C., Meshram, S. G., and Khan, M. K., An Identity-based encryption technique using subtree for fuzzy user data sharing under cloud computing environment. Soft. Comput., 2019a. https://doi.org/10.1007/s00500-019-03855-1.
Meshram, C., Lee, C. C., Meshram, S. G., and Li, C. T., An Efficient ID-based Cryptographic Transformation Model for Extended Chaotic-Map-Based Cryptosystem. Soft. Comput. 23(16):6937–6946, 2019b.
Burrows, M., Abadi, M., and Needham, R. M., A Logic of Authentication. Proc. R. Soc. Lond. A 426(1871):233–271, 1989.
Wessels, J., Application of BAN-Logic. CMG Public Sector B.V., 2001, available at http://www.win.tue.nl/ipa/archive/springdays2001/banwessels.pdf, access date: 2012/12/20.
Chen, J. T., Boreli, R., and Sivaraman, V., Improving the Efficiency of Anonymous Routing for MANETs. Comput. Commun. 35(5):619–627, 2012.
Liu, J., Zhang, Z., Chen, X., and Kwak, K., Certificateless remote anonymous authentication schemes for wireless body sensor networks. IEEE Trans. Parallel Distrib. Syst. 25(2):332–342, 2014.
Xue, K., and Hong, P., Security improvement on an anonymous key agreement protocol based on chaotic maps. Commun. Nonlinear Sci. Numer. Simul. 17(7):2969–2977, 2012.
Zhao, Z., An Efficient Anonymous Authentication Scheme for Wireless Body Area Networks Using Elliptic Curve Cryptosystem. J. Med. Syst. 38(13), 2014.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
We declare that we have no conflict of interest.
Human and animal rights
The paper does not contain any studies with human participants or animals performed by any of the authors.
Informed consent
Informed consent was obtained from all individual participants included in the study.
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the Topical Collection on Mobile & Wireless Health
Rights and permissions
About this article
Cite this article
Meshram, C., Lee, CC., Meshram, S.G. et al. An Efficient Mobile-Healthcare Emergency Framework. J Med Syst 44, 58 (2020). https://doi.org/10.1007/s10916-019-1458-3
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10916-019-1458-3