A solution for strong authentication in sensor-based healthcare environments / Uma solução de autenticação forte para ambientes de saúde baseados em sensores

Authors

  • Felipe José Carbone Brazilian Journals Publicações de Periódicos, São José dos Pinhais, Paraná
  • Marcelo Antonio Marotta
  • Liane Margarida Rockenbach Tarouco

DOI:

https://doi.org/10.34117/bjdv6n9-744

Keywords:

Strong authentication, Biometry, Location, Wireless Sensor Networks.

Abstract

Medical devices equipped with network interfaces, classified as sensors, transmit sensitive information over the network. This information need to be secured applying security mechaninsms, in order to mitigate vulnerabilities.  Because  of the vulnerabilities, strong means of authentication have been investigated. However, existing strong authentication solutions require user interaction, not respecting their individuality. This paper proposes a strong authentication solution on sensor-based healthcare environments in order to support the authentication process of patients with special needs. The authentication was based on a combination of two methods acquired from sensors  of a healthcare environment: biometrics and location. In addition, standardizations provided by ISO/IEC 27799 and SBIS was followed for a safe development.

 

References

I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “Wireless sensor networks: a survey,” Computer Networks, vol. 38, pp. 393–422, 2002.

U. Varshney, “Pervasive healthcare and wireless health monitoring,” Mob. Netw. Appl., vol. 12, no. 2-3, pp. 113–127, Mar. 2007. [Online]. Available: http://dx.doi.org/10.1007/s11036-007-0017-1

J. P. Walters, Z. Liang, W. Shi, and V. Chaudhary, “Wireless sensor network security: A survey, in book chapter of security,” in in Distributed, Grid, and Pervasive Computing, Yang Xiao (Eds. CRC Press, 2007, pp. 0–849.

CA, “Managing Strong Authentication: A Guide to Creating an Effective Management System,” CA Technologies, Tech. Rep., 2007.

I. O. for Standardization, Health informatics – Information security management in health using ISO/IEC 27002, Std. ISO/IEC 27 799:2008, 2008.

D.Todorov, Mechanics of User Identification and Authentication: Fundamentals of Identity Management,1st ed. AUERBACH, Jun. 2007. [Online]. Available:http://www.amazon.com/exec/obidos/redirect?tag=citeulike07-20&path=ASIN/1420052195

M. Bishop, Introduction to Computer Security. Addison-Wesley Professional, 2004.

M. Das, “Two-factor user authentication in wireless sensor networks,” Wireless Communications, IEEE Transactions on, vol. 8, no. 3, pp. 1086–1090, march 2009.

P. Kumar, S.-G. Lee, and H.-J. Lee, “E-sap: Efficient-strong authentication protocol for healthcare applications using wireless medical sensor networks,” Sensors, vol. 12, no. 2, pp. 1625–1647, 2012. [Online]. Available: http://www.mdpi.com/1424-8220/12/2/1625/

T.-C. Hsiao, Y.-T. Liao, J.-Y. Huang, T.-S. Chen, and G.-B. Horng, “An authentication scheme to healthcare security under wireless sensor networks,” Journal of Medical Systems, vol. 36, pp.3649–3664, 2012, 10.1007/s10916-012-9839-x. [Online]. Available: http://dx.doi.org/10.1007/s10916-012-9839-x

Q. Pu, J. Wang, and R. Zhao, “Strong authentication scheme for telecare medicine information systems,” J. Med. Syst., vol. 36, no. 4, pp. 2609–2619, Aug. 2012. [Online]. Available: http://dx.doi.org/10.1007/s10916-011-9735-9

I. O. for Standardization, Information technology – Security techniques – Code of practice for information security management, Std. ISO/IEC 27 002:2005.

SBIS, Manual de Certificação para Sistemas de Registro Eletrônico em Saúde (S-RES), Std. Version 3.3, 2009.

H. Koyuncu and S. Yang, “A survey of indoor positioning and object locating systems,” IJCSNS International Journal of Computer Science and Network Security, vol. 10, no. 5, pp. 121–128, 2010.

H. Liu, H. Darabi, P. Banerjee, and J. Liu, “Survey of wireless indoor positioning techniques and systems,” Systems, Man, and Cybernetics, Part C: Applications and Reviews, IEEE Transactions on, vol. 37, no. 6, pp. 1067 –1080, nov. 2007.

A. Freier, P. Karlton, and P. Kocher, “The Secure Sockets Layer (SSL) Protocol Version 3.0,” RFC 6101 (Historic), Internet Engineering Task Force, Aug. 2011. [Online]. Available: http://www.ietf.org/rfc/rfc6101.txt

G. Padmavathi and D. Shanmugapriya, “A survey of attacks, security mechanisms and challenges in wireless sensor networks,” CoRR, vol. abs/0909.0576, 2009.

S. Udgata, A. Mubeen, and S. Sabat, “Wireless sensor network security model using zero knowledge protocol,” in Communications (ICC), 2011 IEEE International Conference on, june 2011, pp. 1 –5.

T. Grembowski, R. Lien, K. Gaj, N. Nguyen, P. Bellows, J. Flidr, T. Lehman, and B. Schott, “Comparative analysis of the hardware implementations of hash functions sha-1 and sha-512,” in Information Security, ser. Lecture Notes in Computer Science, A. Chan and V. Gligor, Eds. Springer Berlin Heidelberg, 2002, vol. 2433, pp. 75–89.

E. Gehringer, “Choosing passwords: security and human factors,” in Technology and Society, 2002. (ISTAS’02). 2002 International Symposium on, 2002, pp. 369 – 373.

W. Stallings, Cryptography and Network Security: Principles and Practice, 5th ed. Upper Saddle River, NJ, USA: Prentice Hall Press, 2010.

K. Gill and S.-H. Yang, “A scheme for preventing denial of service attacks on wireless sensor networks,” in Industrial Electronics, 2009.IECON ’09. 35th Annual Conference of IEEE, nov. 2009, pp. 2603 –2609.

X. Lin, “Cat: Building couples to early detect node compromise attack in wireless sensor networks,” in Global Telecommunications Conference, 2009. GLOBECOM 2009. IEEE, 30 2009-dec. 4 2009, pp. 1 –6.

X. Chen, K. Makki, K. Yen, and N. Pissinou, “Node compromise modeling and its applications in sensor networks,” in Computers and Communications, 2007. ISCC 2007. 12th IEEE Symposium on, july 2007, pp. 575 –582.

P. Kumar and H.-J. Lee, “Security issues in healthcare applications using wireless medical sensor networks: A survey,” Sensors, vol. 12,no. 1, pp. 55–91, 2011. [Online]. Available: http://www.mdpi.com/1424-8220/12/1/55

H. Martin, P. Tarrio, A. Bernardos, and J. Casar, “Experimental evaluation of channel modelling and fingerprinting localization techniques for sensor networks,” in International Symposium on Distributed Computing and Artificial Intelligence 2008 (DCAI 2008), ser. Advances in Soft Computing, J. Corchado, S. Rodriguez, J. Llinas, and J. Molina, Eds. Springer Berlin Heidelberg, 2009, vol. 50, pp. 748–756.

F. Seco, A. Jimenez, C. Prieto, J. Roa, and K. Koutsou, “A survey of mathematical methods for indoor localization,” in Intelligent Signal Processing, 2009. WISP 2009. IEEE International Symposium on, aug. 2009, pp. 9 –14.

A. Cavoukian, A. Stoianov, and F. Carter, “Biometric encryption: Technology for strong authentication, security and privacy,” in IFIP International Federation for Information Processing, vol. 261, 2008, pp. 57–77.

S.-D. Bao, Y.-T. Zhang, and L.-F. Shen, “Physiological signal based entity authentication for body area sensor networks and mobile healthcare systems,” in Engineering in Medicine and Biology Society, 2005. IEEE- EMBS 2005. 27th Annual International Conference of the, 2005, pp. 2455 –2458.

C. Poon, Y.-T. Zhang, and S.-D. Bao, “A novel biometrics method to secure wireless body area sensor networks for telemedicine and m- health,” Communications Magazine, IEEE, vol. 44, no. 4, pp. 73 – 81, april 2006.

T. Huston, “Security issues for implementation of e-medical records,” Commun. ACM, vol. 44, no. 9, pp. 89–94, Sep. 2001. [Online]. Available: http://doi.acm.org/10.1145/383694.383712

J. Jensen, I. Tondel, M. Jaatun, P. Meland, and H. Andresen, “Reusable security requirements for healthcare applications,” in Availability, Relia- bility and Security, 2009. ARES ’09. International Conference on, march 2009, pp. 380 –385.

J. Augusto and P. Mccullagh, “Ambient Intelligence: Concepts and applications,” Computer Science and Information Systems, vol. 4, no. 1, pp. 1–27, 2007. [Online]. Available: http://dx.doi.org/10.2298/CSIS0701001A

A. Coronato and G. De Pietro, “Formal design of ambient intelligence applications,” Computer, vol. 43, no. 12, pp. 60 –68, dec. 2010.

W. H. Organization., Neurological disorders : public health challenges. World Health Organization, Geneva :, 2006.

D. Bloom, A. Boersch-Supan, P. McGee, and A. Seike, “Population aging: Facts, challenges and responses,” Benefits and Compensation International, vol. 41, no. 1, p. 22, 2011.

M. Ogawa, T. Tamura, and T. Togawa, “Fully automated biosignal acquisition in daily routine through 1 month,” in Engineering in Medicine and Biology Society, 1998. Proceedings of the 20th Annual International Conference of the IEEE, vol. 4, oct-1 nov 1998, pp. 1947 –1950 vol.4.

W. Ku, N. Conn, D. Borkholder and I. Nwogu, "Novel Biometrics: Analysis of an Unattended Health Monitoring System," 2018 IEEE 9th International Conference on Biometrics Theory, Applications and Systems (BTAS), Redondo Beach, CA, USA, 2018, pp. 1-7, doi: 10.1109/BTAS.2018.8698600.

D. Ekiz, Y. S. Can, Y. C. Dardagan and C. Ersoy, "Can a Smartband be Used for Continuous Implicit Authentication in Real Life," in IEEE Access, vol. 8, pp. 59402-59411, 2020, doi: 10.1109/ACCESS.2020.2982852.

Downloads

Published

2020-10-01

How to Cite

Carbone, F. J., Marotta, M. A., & Tarouco, L. M. R. (2020). A solution for strong authentication in sensor-based healthcare environments / Uma solução de autenticação forte para ambientes de saúde baseados em sensores. Brazilian Journal of Development, 6(9), 73978–73995. https://doi.org/10.34117/bjdv6n9-744

Issue

Section

Original Papers