A robust authentication and access control protocol for securing wireless healthcare sensor networks


Ali Z., Ghani A., Khan I., Chaudhry S. A., Islam S. H., Giri D.

Journal of Information Security and Applications, vol.52, 2020 (SCI-Expanded) identifier

  • Publication Type: Article / Article
  • Volume: 52
  • Publication Date: 2020
  • Doi Number: 10.1016/j.jisa.2020.102502
  • Journal Name: Journal of Information Security and Applications
  • Journal Indexes: Science Citation Index Expanded (SCI-EXPANDED), Scopus
  • Keywords: Access and control, Authentication, AVISPA, BAN Logic, Elliptic curve cryptography, Formal security, Healthcare system, Wireless sensor network
  • Istanbul Gelisim University Affiliated: Yes

Abstract

© 2020 Elsevier LtdWireless Healthcare Sensor Network (WHSN) has become one of the major research fields over the past decades that play a very prominent role in the medical field. Due to the rapid growth of technology in wireless communication, different security challenges have been raised in WHSN. Authentication protocols are used to secure the information transferred over the public channels by WHSN. For this prospect recently, Liu & Chung proposed an authentication and data transmission mechanism for WHSN. However, Challa et al. identified that Liu-Chung's scheme is vulnerable to stolen smart-card, offline password guessing, privileged insider, and user impersonation attacks. Challa et al. then proposed an enhanced scheme to overcome beforehand stated flaws. This paper denotes out that in accession to before mentioned attacks, Liu-Chung's scheme is also prone to users’ private key leakage and user impersonation attacks towards sensors. Moreover, Challa et al.’s scheme suffers from incorrectness, broadcasting problem, lack of authentication between Trusted Authority (TA) and sensor nodes, replay attack, Denial of Service (DoS) attack, forgery attack and delay in communication due to the involvement of the TA. Using the elliptic curve cryptography and bilinear paring, an improved scheme is proposed in this paper, to mitigate the weaknesses of Challah et al. and Liu-Chang schemes. The formal security analysis using simulation tool AVISPA and BAN logic demonstrate that the proposed scheme is secure. The rigorous informal security analysis also attests that our scheme is safe against well-known attacks.