The digitization of patient health information has brought many benefits and challenges for both the patients and physicians. However, security and privacy preservation have remained important challenges for remote health monitoring systems. Since a patient’s health information is sensitive and the communication channel (i.e. the Internet) is insecure, it is important to protect them against unauthorized entities. Otherwise, failure to do so will not only lead to compromise of a patient’s privacy, but will also put his/her life at risk. How to provide for confidentiality, patient anonymity and un-traceability, access control to a patient’s health information and even key exchange between a patient and her physician are critical issues that need to be addressed if a wider adoption of remote health monitoring systems is to be realized. This paper proposes an authenticated privacy preserving pairing-based scheme for remote health monitoring systems. The scheme is based on the concepts of bilinear paring, identity-based cryptography and non-interactive identity-based key agreement protocol. The scheme also incorporates an efficient batch signature verification scheme to reduce computation cost during multiple simultaneous signature verifications.
References
[1]
An Aging World, 2013. http://www.census.gov/prod/2009pubs/p95-09-1.pdf
[2]
Borger, C., Smith, S., Truffer, C., Keehan, S., Sisko, A., Posal, J. and Clement, M.K. (2006) Health Spending Projections through 2015: Changes on the Horizon. Health Affairs Web Exclusive, 25, W61-W73.
[3]
Kumar, P. and Lee, H.J. (2012) Security Issues in Healthcare Applications Using Wireless Medical Sensor Networks: A Survey. Sensors, 12, 55-91.
https://doi.org/10.3390/s120100055
[4]
Aging Heart and Arteries (2013) A Scientific Quest.
http://www.nia.nih.gov/health/publication/aging-hearts-and-arteries-scientific-quest
[5]
Gaddam, A., Mukhopadhyay, S.C. and Gupta, G.S. (2011) Elder Care Based on Cognitive Sensor Network. IEEE Sensors Journal, 11, 574-581.
https://doi.org/10.1109/JSEN.2010.2051425
[6]
Tablado, A., Illarramendi, A., Bermudez, J. and Goni, A. (2003) Intelligent Monitoring of Elderly People. In: Proceedings of the 4th Annual IEEE EMBS Special Topic Conference on Information Technology Applications in Biomedicine, 24-26 April 2003. https://doi.org/10.1109/itab.2003.1222447
[7]
Mtonga, K., Paul, A. and Rho, S. (2014) Time-and-Id-Based Proxy Re-Encryption Scheme. Journal of Applied Mathematics, 2014, Article ID: 329198.
https://doi.org/10.1155/2014/329198
[8]
Mtonga, K., Yoon, E.J. and Kim, H. (2014) A Pairing Based Authentication and Key establishment Scheme for Remote Monitoring Systems. e-Infrastructure and eServices for Developing Countries, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 135, 79-89.
https://doi.org/10.1007/978-3-319-08368-1_9
[9]
Ko, J., Lu, C., Srivaslava, M.B., Terzis, A. and Welsh, M. (2009) Wireless Sensor Networks for Healthcare. Proceedings of the IEEE, 98, 1947-1960.
https://doi.org/10.1109/JPROC.2010.2065210
[10]
Varshney, U. (2003) Pervasive Healthcare. IEEE Computer, 36, 138-140.
https://doi.org/10.1109/mc.2003.1250897
[11]
Ng, H.S., Sim, M.L. and Tan, C.M. (2006) Security Issues of Wireless Sensor Networks in Healthcare Applications. BT Technology Journal, 24, 138-144.
https://doi.org/10.1007/s10550-006-0051-8
[12]
Huang, Q., Yang, X. and Li, S. (2011) Identity Authentication and Context Privacy Preservation in Wireless Health Monitoring System. International Journal of Computer Network and Information Security, 3, 53-60.
https://doi.org/10.5815/ijcnis.2011.04.08
[13]
Gong, L., Lomas, T.M.A., Needham, R.M. and Saltzer, J.H. (1993) Protecting Poorly Chosen Secrets from Guessing Attacks. IEEE Journal on Selected Areas in Communications, 11, 648-656. https://doi.org/10.1109/49.223865
[14]
Layouni, M., Verslype, K. and Sandikkaya, M.T. (2009) Privacy-Preserving Telemonitoring for eHealth. Data and Applications Security. IFIP Annual Conference on Data and Applications Security and Privacy, Montreal, 12-15 July 2009, 95-110.
[15]
Hasque, M.M., Pathan, A.K. and Hong, C.S. (2008) Securing U-Healthcare Sensor Networks Using Public Key Based Scheme. 10th International Conference on Advanced Communication Technology, Gangwon-Do, 17-20 February 2008, 1108-1111.
[16]
Yang, Y., Deng, R.H. and Bao, F. (2006) Fortifying Password Authentication in Integrated Healthcare Delivery Systems. Proceedings of the ACM Symposium on Information, Computer and Communications Security, Taipei, 21-24 March 2006, 255-265.
[17]
Health Insurance Portability Accountability Act (HIPAA).
[18]
Boneh, D. and Franklin, M. (2001) Identity-Based Encryption from the Weil Pairing. Proceedings of Crypto 2001, Santa Barbara, 19-23 August 2001, 213-229.
[19]
Sakai, R. and Kasahara, M. (2000) Cryptosystems Based on Pairings. Proceedings of the 2000 Symposium on Cryptography and Information Security, Okinawa, January 2000.
[20]
Dupont, R. and Enge, A. (2006) Provably Secure Non-Interactive Key Distribution Based on Pairings. Discrete Applied Mathematics, 154, 270-276.
https://doi.org/10.1016/j.dam.2005.03.024
[21]
He, D., Chen, C., Chan, S. and Bu, J. (2002) Secure and Efficient Handover Authentication Based on Bilinear Pairing Functions. IEEE Transactions on Wireless Communications, 11, 48-53. https://doi.org/10.1109/TWC.2011.110811.111240
[22]
National Research Council (NRC) for the Record (1997) Protecting Electric Health Information. National Academy Press, Washington DC.
[23]
Dixon, P. (2006) Medical Identity Theft: The Information Crime That Can Kill You. The World Privacy Forum.
[24]
Alan, W.M. (2006) Buying Prescription Drugs on the Internet: Promises and Pitfalls. Cleveland Clinic Journal of Medicine, 73, 282-288.
https://doi.org/10.3949/ccjm.73.3.282
[25]
Liang, X., Chan, L., Lu, R., Lin, X. and Shen, X. (2011) PEC: A Privacypreserving Emergency Call Scheme for Mobile Healthcare Social Networks. IEEE/KICS Journal Communications and Networks, 13, 102-112.
https://doi.org/10.1109/JCN.2011.6157409
[26]
Freudiger, J., Manshaei, M., Hubaux, J.P. and Parkes, D. (2009) On Noncooperative Location Privacy: A Game-Theoretic Analysis. Proceedings of the 16th ACM Conference on Computer and Communications Security, Chicago, 9-13 November 2009, 324-337.
[27]
Lu, R., Lin, X., Luan, H., Liang, X. and Shen, X. (2012) Pseudonym Changing at Social Spots: An Effective Strategy for Location Privacy in Vanets. IEEE Transactions on Vehicular Technology, 61, 86-96. https://doi.org/10.1109/TVT.2011.2162864
