Cloud Centric Authentication for Wearable Healthcare Monitoring System

Abstract:

Security and privacy are the major concerns in cloud computing as users have limited access on the stored
data at the remote locations managed by different service providers. These become more challenging
especially for the data generated from the wearable devices as it is highly sensitive and heterogeneous in
nature. Most of the existing techniques reported in the literature are having high computation and
communication costs and are vulnerable to various known attacks, which reduce their importance for
applicability in real-world environment. Hence, in this paper, we propose a new cloud based user
authentication scheme for secure authentication of medical data. After successful mutual authentication
between a user and wearable sensor node, both establish a secret session key that is used for future secure
communications. The extensively-used Real-Or-Random (ROR) model based formal security analysis
and the broadly-accepted Automated Validation of Internet Security Protocols and Applications
(AVISPA) tool based formal security verification show that the proposed scheme provides the session-
key security and protects active attacks. The proposed scheme is also informally analyzed to show its
resilience against other known attacks. Moreover, we have done a detailed comparative analysis for the
communication and computation costs along with security and functionality features which proves its
efficiency in comparison to the other existing schemes of its category.

Existing System:

Most of the existing techniques reported in the literature are having high computation and communication
costs and are vulnerable to various known attacks, which reduce their importance for applicability in real-
world environment. Hence, in this paper, we propose a new cloud based user authentication scheme for
secure authentication of medical data. After successful mutual authentication between a user and
wearable sensor node, both establish a secret session key that is used for future secure communications.
The extensively-used Real-Or-Random (ROR) model based formal security analysis and the broadly-
accepted Automated Validation of Internet Security Protocols and Applications (AVISPA) tool based
formal security verification show that the proposed scheme provides the session-key security and protects
active attacks. The proposed scheme is also informally analyzed to show its resilience against other
known attacks. Moreover, we have done a detailed comparative analysis for the communication and
computation costs along with security and functionality features which proves its efficiency in
comparison to the other existing schemes of its category.

Proposed System:

we mainly focus on the security issue where the real-time data collected by the wearable sensors deployed
in a patient’s body can be scanned/monitored by a healthcare professional (e.g., a doctor or a medical
advisor). To achieve this goal, we propose a secure user authentication scheme where a user can access
the real-time data directly from the wearable devices provided that he/she is authorized. A doctor, who is
performing some surgery, can wear the google glass, and the vision of the glass can be provided in real-
time to the audience (for example, other doctors, relatives of patients, etc.).

Conclusion:
we provided a new user authentication scheme in which a legal user registered at the BRC will be able to
mutually authenticate with an accessible wearable sensor node with the help of the CoT C. At the end of
successful mutual authentication between user and wearable sensor node, both establish a secret session
key that is further used for future secure communications. The formal security using ROR model,
informal security and formal security verification using AVISPA tool can give high confidence that
several potential passive and active attacks performed by an adversary can be protected in the proposed
scheme. In addition, a detailed comparative analysis for the communication and computation costs, and
security and functionality features shows that there is a better trade-off among these components in the
proposed scheme as compared to those for other schemes. The future work includes evaluating the
proposed scheme in a real-world wearable devices deployment that will permit us to fine-tune the
scheme, if necessary, to offer better performance as well as security.

REFERENCES

[1] J. Zhou, Z. Cao, X. Dong, and X. Lin, “Security and privacy in cloudassisted wireless wearable
communications: Challenges, solutions, and future directions,” IEEE Wireless Communications, vol. 22,
no. 2, pp. 136–144, April 2015.

[2] A. K. Das, M. Wazid, N. Kumar, M. K. Khan, K. K. R. Choo, and Y. Park, “Design of Secure and
Lightweight Authentication Protocol for Wearable Devices Environment,” IEEE Journal of Biomedical
and Health Informatics, 2017, DOI: 10.1109/JBHI.2017.2753464.

[3] J. C. S. dos Anjos, M. D. Assuno, J. Bez, C. Geyer, E. P. de Freitas, A. Carissimi, J. P. C. L. Costa, G.

Fedak, F. Freitag, V. Markl, P. Fergus, and R. Pereira, “SMART: An Application Framework for Real
Time Big Data Analysis on Heterogeneous Cloud Environments,” in IEEE International Conference on
Computer and Information Technology; Ubiquitous Computing and Communications; Dependable,
Autonomic and Secure Computing; Pervasive Intelligence and Computing, Liverpool, UK, Oct 2015, pp.
199–206.

[4] S. Challa, M. Wazid, A. K. Das, and M. K. Khan, “Authentication Protocols for Implantable Medical
Devices: Taxonomy, Analysis and Future Directions,” IEEE Consumer Electronics Magazine, vol. 7, no.
1, pp. 57–65, Jan 2018.

[5] J. Wu, H. Li, S. Cheng, and Z. Lin, “The promising future of healthcare services: When big data
analytics meets wearable technology,” Information & Management, vol. 53, no. 8, pp. 1020–1033, 2016.

[6] “Information Matters. The Business of Data and the Internet of Things (IoT),”
http://informationmatters.net/internet-of-things-statistics/. Accessed on August 2017.

[7] M. D. Assuno, R. N. Calheiros, S. Bianchi, M. A. Netto, and R. Buyya, “Big Data computing and
clouds: Trends and future directions,” Journal of Parallel and Distributed Computing, vol. 79-80, pp. 3 –
15, 2015.

[8] R. Alguliyev and Y. Imamverdiyev, “Big Data: Big Promises for Information Security,” in IEEE 8th
International Conference on Application of Information and Communication Technologies (AICT),
Astana, Kazakhstan, 2014, pp. 1–4.
[9] M. Chen, Y. Ma, Y. Li, D. Wu, Y. Zhang, and C. H. Youn, “Wearable 2.0: Enabling Human-Cloud
Integration in Next Generation Healthcare Systems,” IEEE Communications Magazine, vol. 55, no. 1, pp.
54–61, January 2017.

[10] W. Liu, H. Liu, Y. Wan, H. Kong, and H. Ning, “The yoking-proof-based authentication protocol for
cloud-assisted wearable devices,” Personal and Ubiquitous Computing, vol. 20, no. 3, pp. 469–479, 2016.

[11] A. K. Das, S. Zeadally, and M. Wazid, “Lightweight authentication protocols for wearable devices,”
Computers and Electrical Engineering, vol. 63, pp. 196–208, 2017.

[12] D. Dolev and A. Yao, “On the security of public key protocols,” IEEE Transactions on Information
Theory, vol. 29, no. 2, pp. 198–208, 1983.

[13] T. S. Messerges, E. A. Dabbish, and R. H. Sloan, “Examining smart-card security under the threat of
power analysis attacks,” IEEE Transactions on Computers, vol. 51, no. 5, pp. 541–552, 2002.

[14] P. Kocher, J. Jaffe, and B. Jun, “Differential power analysis,” in Advances in Cryptology–
CRYPTO’99. Santa Barbara, California, USA: Springer, 1999, pp. 789–789.

[15] A. Dua, N. Kumar, A. K. Das, and W. Susilo, “Secure Message Communication Protocol among
Vehicles in Smart City,” IEEE Transactions on Vehicular Technology, 2017, DOI:
10.1109/TVT.2017.2780183.