The study addresses the pressing need for secure, user-friendly authentication protocols in mobile e-health systems, with a focus on overcoming vulnerabilities in existing password-based methods. By leveraging a comprehensive analysis of mobile e-health architectures and current authentication strategies, this research identifies significant gaps in security, particularly in the context of Wireless Sensor Networks (WSN) and the Internet of Things (IoT) in healthcare. A two-tier mobile e-health network architecture is proposed, aimed at eliminating the dependency on third-party servers and reducing risks associated with node cloning and data breaches. This protocol incorporates a unique, non-regenerated identity for each e-health sensor node, validated through a robust cryptographic boot process. Formal security analysis conducted using AVISPA and SPAN tools demonstrates resilience against common threats such as replay attacks and impersonation. This approach not only reduces the complexity of managing cryptographic keys but also enhances energy efficiency, making it suitable for resource-constrained environments. The findings underscore the potential of a passwordless authentication framework to significantly enhance data security and simplify user interaction, particularly for elderly users, in mobile e-health applications. This framework sets the stage for a more secure and scalable mobile e-health infrastructure, offering improved protection of sensitive health data and a streamlined experience for both patients and healthcare providers.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Authentication Strategies for Modern Healthcare Systems

  • Nazhatul Hafizah Kamarudin,
  • Yusnani Mohd Yussoff,
  • Tutut Herawan

摘要

The study addresses the pressing need for secure, user-friendly authentication protocols in mobile e-health systems, with a focus on overcoming vulnerabilities in existing password-based methods. By leveraging a comprehensive analysis of mobile e-health architectures and current authentication strategies, this research identifies significant gaps in security, particularly in the context of Wireless Sensor Networks (WSN) and the Internet of Things (IoT) in healthcare. A two-tier mobile e-health network architecture is proposed, aimed at eliminating the dependency on third-party servers and reducing risks associated with node cloning and data breaches. This protocol incorporates a unique, non-regenerated identity for each e-health sensor node, validated through a robust cryptographic boot process. Formal security analysis conducted using AVISPA and SPAN tools demonstrates resilience against common threats such as replay attacks and impersonation. This approach not only reduces the complexity of managing cryptographic keys but also enhances energy efficiency, making it suitable for resource-constrained environments. The findings underscore the potential of a passwordless authentication framework to significantly enhance data security and simplify user interaction, particularly for elderly users, in mobile e-health applications. This framework sets the stage for a more secure and scalable mobile e-health infrastructure, offering improved protection of sensitive health data and a streamlined experience for both patients and healthcare providers.