Vol. 18 No. 1 (2022)

Published: June 30, 2022

Pages: 71-81

Original Article

Secure Patient Authentication Scheme in the Healthcare System Using Symmetric Encryption

Abstract

Recently, the incorporation of state-of-the-art technology such as Electronic Healthcare Records (EHRs), networks, and cloud computing has transformed the traditional healthcare system. However, security problems have arisen as a result of this integration. Secure remote user authentication is a core part of the healthcare system, validating the user's identity over an insecure communication network. Several remote user authentication schemes have been presented, each with its own set of pros and limitations. As a result, security, malicious attacks, and privacy concerns are considered among the main challenges facing the healthcare system. In this paper, we propose a secure user authentication scheme for patients in the healthcare system that overcomes these flaws, and we confirm the security of the proposed work using Scyther, a formal security tool. In the healthcare environment, our work provides an effective means to construct an environment capable of setting, registering, storing, searching, analyzing, authenticating, and verifying electronic healthcare information in order to protect patients' information. Furthermore, our suggested scheme uses symmetric encryption based on the crypto-hash function for accessing the anomaly of the patient's identity and One-Time Password (OTP). Towards the end of the study, the performance analysis results indicate a delicate balance of security and performance that is frequently lacking in previous works.
