Page 124 - 2023-Vol19-Issue2
P. 124

120 |                                                                      Rashid et al.

                                                                  method.

                                                                  • DoS Attack: A DoS attack is a type of malicious attack
                                                                    that aims to disrupt the services provided by the server
                                                                    by flooding the network with an inundation of fake
                                                                    login requests.

       Fig. 2. Components of WBAN                                 • Stolen Personal Device: An adversary has the ability to
                                                                    reproduce the user (PDi)-sensitive data and then apply
                                                                    this information to impersonate a genuine patient to
                                                                    destroy the system.

B. System Model                                                        • Forged Sensor: The main function of this attack com-
The proposed scheme consists of biometric sensors (BSi), per-            prises a fake sensor annoying to submit unfitting infor-
sonal devices (PDi), and an authentication server (AS). The              mation using the patient’s identity. It is hazardous to
BSi can collect vital signals from the human body, which have            the health of the patient.
two types: normal and abnormal. A normal signal is sent
to the PDi every 12 hours, whereas any abnormal signal is         D. Security Requirements
sent immediately. This purpose is to conserve the sensor’s        Several security requirements are measured throughout the
energy, which is only used in critical situations. The per-       design progression of all authentication schemes [7, 8, 9, 10,
sonal device submits a complete report of the patient’s health    11, 12, 13, 14, 15, 16, 17]:
condition to the authentication server on the last day. This
report contains the details of the patient’s health status, such       • Mutual Authentication: The main system components
as the duration of his/her stable state, the number of critical          of WBAN should authenticate one another’s identities
incidents he/she experienced, and the number of times his/her            as a first step and then exchange data as a second step
medical practitioner was contacted. This report is carried out           to prevent the risks of attackers.
for archiving and the future study of the patient’s condition.
In the event of an abnormal signal, the PDi either notifies the        • User Anonymity: In the login and authentication phases,
patient of his/her health condition if the patient is in a state         any proposed scheme should avoid eavesdropping or
of consciousness or sends information directly to the server             sniffing the exchanging information between compo-
so that the necessary action can be carried out. The AS sends            nents by applying this feature to their identities.
the details of the patient’s condition to the concerned people,
such as his/her doctor and other practitioners responsible for         • Confidentiality: Sensitive patient information must be
the patient. The PDi includes the health institution authority’s         protected from attackers by using encryption techniques
application, through which the user is logged in. This applica-          for all communication messages between system par-
tion receives the sensor’s signals, interprets them, and sends a         ties.
warning message on the phone screen to the people concerned
as well as a voice alert to notify the user. Additionally, all         • Availability: The patient needs to use/access the re-
components exchange data securely based on strong security               sources of WBAN anytime and anywhere.
features such as mutual authentication, key management, and
password anonymity.                                                    • Forward Secrecy: A session key allows the main parties
                                                                         to use WBAN’s system and should only be used once
                                                                         to access the scheme.

C. Security Issues in A WBAN Environment                                    III. THE PROPOSED SCHEME
As the components of WBAN (Si, PDi, and AS) exist in an
unattended environment, the various ways an attacker can          This scheme has four main phases: setup, registration, au-
penetrate the network must be studied [7]. Below are some         thentication, and healthcare. The components of the proposed
possible malicious attacks on WBAN components [18]:               schemes are patient (P), Health Care Center (HCC), Authenti-
                                                                  cation Server (AS), Personal Device (PDi), and sensors (S).
     • MITM Attack: An attacker has many attempts to dis-         The main difference between a HCC and AS in a WBAN is
       connect the communication channel between a rightful       that the former is responsible for establishing trust between en-
       patient (PDi) and the remote server (AS) by embody-        tities, while the latter is responsible for verifying the identity
       ing a rightful patient or server during a study attack’s   of devices.
   119   120   121   122   123   124   125   126   127   128   129