Recently, the incorporation of state-of-the-art technology such as Electronic Healthcare Records (EHRs), networks, and cloud computing has transformed the traditional healthcare system. However, security problems have arisen as a result of the integration of technology. Secure remote user authentication is a core part of the healthcare system to validate the user's identification via an unsecure communication network. Since then, several remote user authentication schemes have been presented, each with its own set of pros and limitations. As a result, security, malicious attacks and privacy concerns are considered one of the main challenges related to the healthcare system. In this paper, we propose a safe user authentication scheme for patients in the healthcare system that overcomes these flaws and confirms the security of the proposed work using scyther, a formal security tool. In the healthcare environment, our work provides an effective means to construct an environment capable of setting, registering, storing, searching, analyzing, authentication, and verifying electronic healthcare information in order to protect the information of patients. Furthermore, our suggested scheme uses symmetric encryption based on the crypto- hash function for accessing the anomaly of the patient's identity and One-Time Password (OTP). Towards the end of the study, the performance analysis results indicate a delicate balance of security and performance that is frequently lacking in previous works.
Radio frequency identification (RFID) technology is being used widely in the last few years. Its applications classifies into auto identification and data capturing issues. The purpose of this paper is to design and implement RFID active tags and reader using microcontroller ATmega328 and 433 MHz RF links. The paper also includes a proposed mutual authentication protocol between RFID reader and active tags with ownership transfer stage. Our protocol is a mutual authentication protocol with tag’s identifier updating mechanism. The updating mechanism has the purpose of providing forward security which is important in any authentication protocol to prevent the attackers from tracking the past transactions of the compromised tags. The proposed protocol gives the privacy and security against all famous attacks that RFID system subjected for due to the transfer of data through unsecure wireless channel, such as replay, denial of service, tracking and cloning attacks. It also ensures ownership privacy when the ownership of the tag moves to a new owner.
Preserving privacy and security plays a key role in allowing each component in the healthcare system to access control and gain privileges for services and resources. Over recent years, there have been several role-based access control and authentication schemes, but we noticed some drawbacks in target schemes such as failing to resist well-known attacks, leaking privacy-related information, and operational cost. To defeat the weakness, this paper proposes a secure electronic healthcare record scheme based on Schnorr Signcryption, crypto hash function, and Distributed Global Database (DGDB) for the healthcare system. Based on security theories and the Canetti-Krawczyk model (CK), we notice that the proposed scheme has suitable matrices such as scalability, privacy preservation, and mutual authentication. Furthermore, findings from comparisons with comparable schemes reveal that the suggested approach provides greater privacy and security characteristics than the other schemes and has enough efficiency in computational and communicational aspects.
A wireless body area network (WBAN) connects separate sensors in many places of the human body, such as clothes, under the skin. WBAN can be used in many domains such as health care, sports, and control system. In this paper, a scheme focused on managing a patient’s health care is presented based on building a WBAN that consists of three components, biometric sensors, mobile applications related to the patient, and a remote server. An excellent scheme is proposed for the patient’s device, such as a mobile phone or a smartwatch, which can classify the signal coming from a biometric sensor into two types, normal and abnormal. In an abnormal signal, the device can carry out appropriate activities for the patient without requiring a doctor as a first case. The patient does not respond to the warning message in a critical case sometimes, and the personal device sends an alert to the patient’s family, including his/her location. The proposed scheme can preserve the privacy of the sensitive data of the patient in a protected way and can support several security features such as mutual authentication, key management, anonymous password, and resistance to malicious attacks. These features have been proven depending on the Automated Validation of Internet Security Protocols and Applications. Moreover, the computation and communication costs are efficient compared with other related schemes.
In the world of modern technology and the huge spread of its use, it has been combined with healthcare systems and the establishment of electronic health records (EHR) to follow up on patients. This merging of technology with healthcare has allowed for more accurate EHRs that follow a patient to different healthcare facilities. Timely exchange of electronic health information (EHR) between providers is critical for aiding medical research and providing fast patient treatment. As a result, security issues and privacy problems are viewed as significant difficulties in the healthcare system. Several remote user authentication methods have been suggested. In this research, we present a feasible patient EHR migration solution for each patient. finally, each patient may securely delegate their current hospital’s information system to a hospital certification authority in order to receive migration proof that can be used to transfer their EHR to a different hospital. In addition, the proposed scheme is based on crypto-hash functions and asymmetric cryptosystems by using homomorphic cryptography. The proposed scheme carried out two exhaustive formal security proofs for the work that was provided. Using Scyther, a formal security tool, we present a secure user authentication technique in the proposed healthcare scheme that ensures security and informal analysis.
Address Resolution Protocol (ARP) is used to resolve a host’s MAC address, given its IP address. ARP is stateless, as there is no authentication when exchanging a MAC address between the hosts. Hacking tactics using ARP spoofing are constantly being abused differently; many previous studies have prevented such attacks. However, prevention requires modification of the underlying network protocol or additional expensive equipment, so applying these methods to the existing network can be challenging. In this paper, we examine the limitations of previous research in preventing ARP spoofing. In addition, we propose a defence mechanism that does not require network protocol changes or expensive equipment. Before sending or receiving a packet to or from any device on the network, our method checks the MAC and IP addresses to ensure they are correct. It protects users from ARP spoofing. The findings demonstrate that the proposed method is secure, efficient, and very efficient against various threat scenarios. It also makes authentication safe and easy and ensures data and users’ privacy, integrity, and anonymity through strong encryption techniques.
For many uses, biometric systems have gained considerable attention. Iris identification was One of the most powerful sophisticated biometrical techniques for effective and confident authentication. The current iris identification system offers accurate and reliable results based on near-infrared light (NIR) images when images are taken in a restricted area with fixed- distance user cooperation. However, for the color eye images obtained under visible wavelength (VW) without collaboration among the users, the efficiency of iris recognition degrades because of noise such as eye blurring images, eye lashing, occlusion, and reflection. This work aims to use the Gray-Level Co-occurrence Matrix (GLCM) to retrieve the iris's characteristics in both NIR iris images and visible spectrum. GLCM is second-order Statistical-Based Methods for Texture Analysis. The GLCM- based extraction technology was applied after the preprocessing method to extract the pure iris region's characteristics. The Energy, Entropy, Correlation, Homogeneity, and Contrast collection of second-order statistical features are determined from the generated co-occurrence matrix, Stored as a vector for numerical features. This approach is used and evaluated on the CASIA v1and ITTD v1 databases as NIR iris image and UBIRIS v1 as a color image. The results showed a high accuracy rate (99.2 %) on CASIA v1, (99.4) on ITTD v1, and (87%) on UBIRIS v1 evaluated by comparing to the other methods.
This work addresses the critical need for secure and patient-controlled Electronic Health Records (EHR) migration among healthcare hospitals’ cloud servers (HHS). The relevant approaches often lack robust access control and leave data vulnerable during transfer. Our proposed scheme empowers patients to delegate EHR migration to a trusted Third-Party Hospital (TTPH); which is the Certification Authority (CA) while enforcing access control. The system leverages asymmetric encryption utilizing the Elliptic Curve Digital Signature Algorithm (ECDSA), EEC and ECDSA added robust security and lightness EHR sharing. Patient and user privacy is managed due to anonymity through cryptographic hashing for data protection and utilizes mutual authentication for secure communication. Formal security analysis using the Scyther tool and informal analysis was conducted to validate the system’s robustness. The proposed scheme achieved EHR integrity due to the verification of the communicated HHS and ensuring the integrity of the HHS digital certificate during EHR migration. Ultimately, the result achieved in the proposed work demonstrated the scheme’s high balance between data security and accuracy of communication, where the best result obtained represented 7.7/ ms as computational cost and 1248 /bits as communication cost compared with the relevant approaches.
The demand for a secured web storage system is increasing daily for its reliability which ensures data privacy and confidentiality. The proposed paper aims to find the most secure ways to maintain integrity and protect privacy and security in healthcare management systems. The Advanced Encryption Standard (AES) algorithm is used to encrypt data transferred by providing a means to check the integrity of information transmitted and make it more immune to cyberattack techniques, this was implemented by using Keyed-Hash Message Authentication Code (HMAC) and Secured Hash Algorithm-256 (SHA-256). The risk of exposure to attackers can be avoided by using honeypot systems combined with Intrusion detection systems (IDSs) as a firewall system is not effective against such attacks alone. The experimental results evaluate the proposed security health information management system by comparing the performance of the encryption algorithm based on encryption time, memory and CPU usage, and entropy for different plaintext lengths. In addition, it can be seen that when changing the AES key size, more memory and time are required the longer the key size is used. The 128 bits AES key is therefore advised if the system must operate in hard real-time.
Vehicle Ad-hoc Network (VANET) is a type of wireless network that enables communication between vehicles and Road Side Units (RSUs) to improve road safety, traffic efficiency, and service delivery. However, the widespread use of vehicular networks raises serious concerns about users’ privacy and security. Privacy in VANET refers to the protection of personal information and data exchanged between vehicles, RSUs, and other entities. Privacy issues in VANET include unauthorized access to location and speed information, driver and passenger identification, and vehicle tracking. To ensure privacy in VANET, various technologies such as pseudonymization, message authentication, and encryption are employed. When vehicles frequently change their identity to avoid tracking, message authentication ensures messages are received from trusted sources, and encryption is used to prevent unauthorized access to messages. Therefore, researchers have presented various schemes to improve and enhance the privacy efficiency of vehicle networks. This survey article provides an overview of privacy issues as well as an in-depth review of the current state-of-the-art pseudonym-changing tactics and methodologies proposed.
Vehicular network security had spanned and covered a wide range of security related issues. However solar energy harvesting Road Side Unit (RSU) security was not defined clearly, it is this aspect that is considered in this paper. In this work, we will suggest an RSU security model to protect it against different internal and external threats. The main goal is to protect RSU specific data (needed for its operation) as well as its functionality and accessibility. The suggested RSU security model must responds to many objectives, it should ensure that the administrative information exchanged is correct and undiscoverable (information authenticity and privacy), the source (e.g., VANET server) is who he claims to be (message integrity and source authentication) and the system is robust and available (using Intrusion Detection System (IDS)). In this paper, we suggest many techniques to strength RSU security and they were prototyped using an experimental model based on Ubicom IP2022 network processor development kit .
Automatic signature verification methods play a significant role in providing a secure and authenticated handwritten signature in many applications, to prevent forgery problems, specifically institutions of finance, and transections of legal papers, etc. There are two types of handwritten signature verification methods: online verification (dynamic) and offline verification (static) methods. Besides, signature verification approaches can be categorized into two styles: writer dependent (WD), and writer independent (WI) styles. Offline signature verification methods demands a high representation features for the signature image. However, lots of studies have been proposed for WI offline signature verification. Yet, there is necessity to improve the overall accuracy measurements. Therefore, a proved solution in this paper is depended on deep learning via convolutional neural network (CNN) for signature verification and optimize the overall accuracy measurements. The introduced model is trained on English signature dataset. For model evaluation, the deployed model is utilized to make predictions on new data of Arabic signature dataset to classify whether the signature is real or forged. The overall obtained accuracy is 95.36% based on validation dataset.
The phenomenal rise of the Internet in recent years, as well as the expansion of capacity in today’s networks, have provided both inspiration and incentive for the development of new services that combine phone, video, and text ”over IP.” Although unicast communications have been prevalent in the past, there is an increasing demand for multicast communications from both Internet Service Providers (ISPs) and content or media providers and distributors. Indeed, multicasting is increasingly being used as a green verbal exchange mechanism for institution-oriented programmers on the Internet, such as video conferencing, interactive college games, video on demand (VoD), TV over the Internet, e-learning, software programme updates, database replication, and broadcasting inventory charges. However, the lack of security within the multicast verbal exchange model prevents the effective and large-scale adoption of such important company multi-celebration activities. This situation prompted a slew of research projects that addressed a variety of issues related to multicast security, including confidentiality, authentication, watermarking, and access control. These issues should be viewed within the context of the safety regulations that work in the specific conditions. For example, in a public inventory charge broadcast, while identification is a vital necessity, secrecy is not. In contrast, video-convention programme requires both identification and confidentiality. This study gives a complete examination and comparison of the issues of group key management. Both network-dependent and network-independent approaches are used. The study also addresses the advantages, disadvantages, and security problems of various protocols.
Nowadays, the Wireless Sensor Network (WSN) has materialized its working areas, including environmental engineering, agriculture sector, industrial, business applications, military, intelligent buildings, etc. Sensor networks emerge as an attractive technology with great promise for the future. Indeed, issues remain to be resolved in the areas of coverage and deployment, scalability, service quality, size, energy consumption and security. The purpose of this paper is to present the integration of WSNs for IoT networks with the intention of exchanging information, applying security and configuration. These aspects are the challenges of network construction in which authentication, confidentiality, availability, integrity, network development. This review sheds some light on the potential integration challenges imposed by the integration of WSNs for IoT, which are reflected in the difference in traffic features.