RAMHU: A new robust lightweight scheme for mutual users authentication in healthcare applications

Al-Zubaidie, Mishall and Zhang, Zhongwei ORCID: https://orcid.org/0000-0001-6622-0346 and Zhang, Ji (2019) RAMHU: A new robust lightweight scheme for mutual users authentication in healthcare applications. Security and Communication Networks, 2019:3263902. pp. 1-26. ISSN 1939-0114

Text (Published Version) RAMHU Paper.pdf Available under License Creative Commons Attribution 4.0. Download (5MB)

Abstract

Providing a mechanism to authenticate users in healthcare applications is an essential security requirement to prevent both external and internal attackers from penetrating patients’ identities and revealing their health data. Many schemes have been developed to provide authentication mechanisms to ensure that only legitimate users are authorised to connect, but these schemes still suffer from vulnerable security. Various attacks expose patients’ data for malicious tampering or destruction. Transferring health-related data and information between users and the health centre makes them exposed to penetration by adversaries as they may move through an insecure channel. In addition, previous mechanisms have suffered from the poor protection of users’ authentication information. To ensure the protection of patients’ information and data, we propose a scheme that authenticates users based on the information of both the device and the legitimate user. In this paper, we propose a Robust Authentication Model for Healthcare Users (RAMHU) that provides mutual authentication between the server and clients. This model utilizes an Elliptic Curve Integrated Encryption Scheme (ECIES) and PHOTON to achieve strong security and good overall performance. RAMHU relies on multiple-pseudonym, physical address, and one-time password mechanisms to authenticate legitimate users. Moreover, extensive informal and formal security analysis with the automated validation of Internet security protocols and applications (AVISPA) tool demonstrate that our model offers a high level of security in repelling a wide variety of possible attacks.

Statistics for this ePrint Item

Item Type:	Article (Commonwealth Reporting Category C)
Refereed:	Yes
Item Status:	Live Archive
Faculty/School / Institute/Centre:	Historic - Faculty of Health, Engineering and Sciences - School of Agricultural, Computational and Environmental Sciences (1 Jul 2013 - 5 Sep 2019)
Faculty/School / Institute/Centre:	Historic - Faculty of Health, Engineering and Sciences - School of Agricultural, Computational and Environmental Sciences (1 Jul 2013 - 5 Sep 2019)
Date Deposited:	23 Apr 2019 05:12
Last Modified:	07 Jun 2021 00:39
Uncontrolled Keywords:	Authentication information; Authentication mechanisms; Authentication models; Data and information; Formal security analysis; Health care application; Mutual authentication; Security requirements
Fields of Research (2008):	08 Information and Computing Sciences > 0805 Distributed Computing > 080503 Networking and Communications 11 Medical and Health Sciences > 1117 Public Health and Health Services > 111799 Public Health and Health Services not elsewhere classified 08 Information and Computing Sciences > 0804 Data Format > 080402 Data Encryption 08 Information and Computing Sciences > 0806 Information Systems > 080609 Information Systems Management
Fields of Research (2020):	46 INFORMATION AND COMPUTING SCIENCES > 4606 Distributed computing and systems software > 460609 Networking and communications 42 HEALTH SCIENCES > 4299 Other health sciences > 429999 Other health sciences not elsewhere classified 46 INFORMATION AND COMPUTING SCIENCES > 4604 Cybersecurity and privacy > 460401 Cryptography 46 INFORMATION AND COMPUTING SCIENCES > 4609 Information systems > 460908 Information systems organisation and management
Identification Number or DOI:	https://doi.org/10.1155/2019/3263902
URI:	http://eprints.usq.edu.au/id/eprint/36210

Actions (login required)

Archive Repository Staff Only