Secure and Efficient Two-Factor User Authentication Scheme with User Anonymity for Network Based E-Health Care Applications

Role of augmented reality and virtual reality from the Indian healthcare education perspective - A systematic review

Augmented reality (AR) and virtual reality (VR), are upcoming technologies with considerable potential to revolutionizing healthcare education, enhancing patient safety, and improving healthcare quality particularly in the Indian context. This review is conducted to view the current scenario of Indian context considering the impact of COVID-19. The current systematic review study was done following PRISMA 2020 guidelines using the key terms "Augmented Reality," "Virtual Reality," "Healthcare," and "India." Only the PubMed database was selected based on its reputation and authenticity, which is the only limitation of this study and strength. Both qualitative and quantitative methods are used for synthesis of results. In Indian context, 12 (1.7%) and 36 (2.2%) articles related to AR and VR were found, respectively. Six abstracts could not be retrieved, and after screening abstracts, three were found not suitable in VR and eight were found duplicate. A total of 30 articles were considered for this review. 18 (50%) were original, 12 (33.3%) were review, and 6 (16.7%) were other articles. 03 (8.3%), 21 (58.3%), and 12 (33.3%) articles were related to AR, VR, and both AR and VR, respectively. Considering the single database search and six unretrievable abstract, AR, VR, mixed reality (MR), soft e-skin, and extended reality (XR) technologies have the potential to revolutionize healthcare education and training, reducing real-life errors and improving patient safety. Although the Indian healthcare sector only contributes 1.7-2.2% to PubMed publications related to AR and VR.. The review was not registered.

Enabling Secure Communication in Wireless Body Area Networks with Heterogeneous Authentication Scheme

Thanks to the widespread availability of Fifth Generation (5G) wireless connectivity, it is now possible to provide preventative or proactive healthcare services from any location and at any time. As a result of this technological improvement, Wireless Body Area Networks (WBANs) have emerged as a new study of research in the field of healthcare in recent years. WBANs, on the one hand, intend to gather and monitor data from the human body and its surroundings; on the other hand, biomedical devices and sensors interact through an open wireless channel, making them exposed to a range of cyber threats. However, WBANs are a heterogeneous-based system; heterogeneous cryptography is necessary, in which the transmitter and receiver can employ different types of public key cryptography. This article proposes an improved and efficient heterogeneous authentication scheme with a conditional privacy-preserving strategy that provides secure communication in WBANs. In the proposed scheme, we employed certificateless cryptography on the client side and Identity-Based Cryptography on the receiver side. The proposed scheme employs Hyperelliptic Curve Cryptography (HECC), a more advanced variation of Elliptic Curve Cryptography (ECC). HECC achieves the same level of security with a smaller key size and a more efficient approach than its counterpart methods. The proposed scheme not only meets the security and privacy standards of WBANs but also enhances efficiency in terms of computation and communication costs, according to the findings of the security and performance analysis.

Secure data authentication and access control protocol for industrial healthcare system

Because of recent COVID-19 epidemic, the Internet-of-Medical-Things (IoMT) has acquired a significant impetus to diagnose patients remotely, regulate medical equipment, and track quarantined patients via smart electronic devices installed at the patient's end. Nevertheless, the IoMT confronts various security and privacy issues, such as entity authentication, confidentiality, and integrity of health-related data, among others, rendering this technology vulnerable to different attacks. To address these concerns, a number of security procedures based on traditional cryptographic approaches, such as discrete logarithm and integer factorization problems, have been developed. All of these protocols, however, are vulnerable to quantum attacks. This paper, in this context, presents a data authentication and access control protocol for IoMT systems that can withstand quantum attacks. A comprehensive formal security assessment demonstrates that the proposed algorithm can endure both current and future threats. In terms of data computing, transmission, and key storage overheads, it also surpasses other related techniques.

Authentication in the Internet of Medical Things: Taxonomy, Review, and Open Issues

The Internet of Medical Things (IoMT) has revolutionized the world of healthcare by remotely connecting patients to healthcare providers through medical devices connected over the Internet. IoMT devices collect patients’ medical data and share them with healthcare providers, who analyze it for early control of diseases. The security of patients’ data is of prime importance in IoMT. Authentication of users and devices is the first layer of security in IoMT. However, because of diverse and resource-constrained devices, authentication in IoMT is a challenging task. Several authentication schemes for IoMT have been proposed in the literature. However, each of them has its own pros and cons. To identify, evaluate and summarize the current literature on authentication in IoMT, we conducted a systematic review of 118 articles published between 2016 and 2021. We also established a taxonomy of authentication schemes in IoMT from seven different perspectives. We observed that most of the authentication schemes use a distributed architecture and public key infrastructure. It was also observed that hybrid cryptography approaches have become popular to overcome the shortcomings of single cryptographic approaches. Authentication schemes in IoMT need to support end-to-end, cross-layer, and cross-domain authentication. Finally, we discuss some open issues and future directions.

Dependable and Provable Secure Two-Factor Mutual Authentication Scheme Using ECC for IoT-Based Telecare Medical Information System

With the recent tremendous growth in technology, the Internet of Things (IoT) Telecare Medicine Information System (TMIS) is the most widely used medical information system with prominent achievements. Authentication schemes, which use Smart cards, offer the best solution for TMIS applications that in turn provide efficiency and security. Furthermore, authentication schemes that combine passwords and smart cards are considered to be an effective solution for the two-factor authentication scheme. Such schemes contribute to high security along with the public-key cryptosystem. In this research work, a two-factor authentication technique that is both efficient and secure, which makes use of Elliptic Curve Cryptography (ECC) with smart cards, has been proposed. Here, we have used the fundamental assumptions of strong and collision free cryptographic Hash function and Elliptic Curve arithmetic. The proposed authentication technique protects user privacy by allowing registered users to change their passwords without revealing their identity to the server. The proposed authentication scheme has been subjected to formal and informal security investigations. In terms of efficiency and performance, the proposed two-factor authentication technique was compared with the existing relevant two-factor authentication schemes based on ECC. This scheme satisfies the two-factor authentication scheme's basic security standards.

An efficient mutual authentication and privacy prevention scheme for e-healthcare monitoring

The progressive development in online healthcare monitoring may facilitate better service for recovered patients from some pandemic diseases like the novel Covid-19 and even in well-known diseases such as cancer, heart attack, and many more. This paper brings a mutual authentication protocol for the e-healthcare monitoring system using the telecare medical information system with body sensors. This scheme comes with a secure platform for communication by using three phases: patient data upload phase, treatment phase, and report delivery phase. The patient’s medical information is susceptible and must be protected from any modification. The two security issues (secure communication and privacy of patient information) are essential for the transmission over the public channel. The proposed protocol uses mobile characteristics that allow the recovered patients to use medical facilities effectively. The well-known traditional informal security analysis like the Man-in-the-middle attack, patient anonymity, doctor anonymity, and many more are validated to judge the security aspect of the proposed protocol. In addition, the widely accepted formal security analysis (both Burrows–Abadi–Needham (BAN) logic and Real-or-Random Model (ROR)) are investigated for the session-key security. Finally, the proposed e-healthcare monitoring protocol provides an efficient characteristic in terms of communication, computation, and storage cost compared to existing literature.

E-Health Practices and Technologies: A Systematic Review from 2014 to 2019

E-health can be defined as a set of technologies applied with the help of the internet, in which healthcare services are provided to improve quality of life and facilitate healthcare delivery. As there is a lack of similar studies on the topic, this analysis uses a systematic literature review of articles published from 2014 to 2019 to identify the most common e-health practices used worldwide, as well as the main services provided, diseases treated, and the associated technologies that assist in e-health practices. Some of the key results were the identification of the four most common practices used (mhealth or mobile health; telehealth or telemedicine; technology; and others) and the most widely used technologies associated with e-health (IoT, cloud computing, Big Data, security, and systems).

Mutual Authentication Protocol for D2D Communications in a Cloud-Based E-Health System

The development of the Internet of Things (IoT) predicts several new applications, some of which are designed to be incorporated into e-health systems, and some technologies, like cloud computing and device-to-device communication (D2D), are promising for use in the support of resource-constrained devices employed in Mobile-health (m-health) and Telecare Medicine Information Systems (TMIS). In a scenario with billions of devices predicted for the IoT, it is essential to avoid performance and security problems, among others. Security is fundamental for the achievement of optimal performance regarding the sensibility of e-health shared data and, especially, the anonymity of patients and other entities, while it is also essential to consider the scarcity of bandwidth in wireless networks. This paper proposes a new mutual authentication protocol for m-health systems, which supports D2D communication, ensuring security and surpassing the performance and security of other authentication procedures reported in the literature.

AGE: authentication in gadget-free healthcare environments

Mobile and sensor related technologies are significantly revolutionizing the medical and healthcare sectors. In current healthcare systems, gadgets are the prominent way of acquiring medical services. However, the recent technological advancements in smart and ambient environments are offering users new ways to access the healthcare services without using any explicit gadgets. One of the key challenges in such gadget-free environments is performing secure user authentication with the intelligent surroundings. For example, a secure, efficient and user-friendly authentication mechanism is essential for elderly/disabled people or patients in critical conditions requiring medical services. Hence, modern authentication systems should be sophisticated enough to identify such patients without requiring their physical efforts or placing gadgets on them. This paper proposes an anonymous and privacy-preserving biometrics based authentication scheme for such gadget-free healthcare environment. We performed formal security verification of our proposed scheme using CDVT /AD tool and our results indicate that the proposed scheme is secure for such smart and gadget-free environments. We verify that the proposed scheme can resist against various well-known security attacks. Moreover, the proposed system showed better performance as compared with existing biometrics based remote user authentication schemes.

Design of a Secure Three-Factor Authentication Scheme for Smart Healthcare

Now-a-days, the society is witnessing a keen urge to enhance the quality of healthcare services with the intervention of technology in the health sector. The main focus in transforming traditional healthcare to smart healthcare is on facilitating the patients as well as medical professionals. However, this changover is not easy due to various issues of security and integrity associated with it. Security of patients's personal health record and privacy can be handled well by permitting only authorized access to the confidential health-data via suitably designed authentication scheme. In pursuit to contribute in this direction, we came across the role of Universal Serial Bus (USB), the most widely accepted interface, in enabling communication between peripheral devices and a host controller like laptop, personal computer, smart phone, tablet etc. In the process, we analysed a recently proposed a three-factor authentication scheme for consumer USB Mass Storage Devices (MSD) by He et al. In this paper, we demonstrate that He et al.'s scheme is vulnerable to leakage of temporary but session specific information attacks, late detection of message replay, forward secrecy attacks, and backward secrecy attacks. Then motivated with the benefits of USB, we propose a secure three-factor authentication scheme for smart healthcare.

A Standard Mutual Authentication Protocol for Cloud Computing Based Health Care System

Telecare Medical Information System (TMIS) supports a standard platform to the patient for getting necessary medical treatment from the doctor(s) via Internet communication. Security protection is important for medical records (data) of the patients because of very sensitive information. Besides, patient anonymity is another most important property, which must be protected. Most recently, Chiou et al. suggested an authentication protocol for TMIS by utilizing the concept of cloud environment. They claimed that their protocol is patient anonymous and well security protected. We reviewed their protocol and found that it is completely insecure against patient anonymity. Further, the same protocol is not protected against mobile device stolen attack. In order to improve security level and complexity, we design a light weight authentication protocol for the same environment. Our security analysis ensures resilience of all possible security attacks. The performance of our protocol is relatively standard in comparison with the related previous research.