Image based ECC Mutual Authentication Scheme for Cloud Assisted TMIS

In this modern era, cloud-based services like e-commerce, e-gate, and so on provide immense services to humans.    Healthcare centers are gradually moving to cloud-based services. In which, both the hospital and patients are connected remotely online and patient gets treatment quickly. Increasing the demand in Telecare Medical Information System (TMIS) needs to ensure the security and privacy of the healthcare centers and patients’ information. In this paper, we have proposed an e?cient and provably secure Elliptic Curve cryptography image based mutual authentication scheme for cloud assisted TMIS. The proposed authentication schemes ensure the secured treatment provided to patients from healthcare center through online. The patient can upload their health condition data to cloud via mobile device for the treatment.  The proposed authentication scheme required minimum computational cost with minimum communication overhead. The proposed authentication scheme preserves patient anonymity and withstands the known and chosen plaintext attack. The security analysis for the proposed scheme shows that the proposed authentication scheme is more secure. It shows that the proposed authentication scheme is performing well compare to the related authentication schemes

Cryptanalysis of a Markov Chain Based User Authentication Scheme

Session key agreement protocol using smart card is extremely popular in client-server environment for secure communication. Remote user authentication protocol plays a crucial role in our daily life such as e-banking, bill-pay, online games, e-recharge, wireless sensor network, medical system, ubiquitous devices etc. Recently, Djellali et al. proposed a session key agreement protocol using smart card for ubiquitous devices. The main focus of this paper is to analyze security pitfalls of smart card and password based user authentication scheme. We have carefully reviewed Djellali et al.\u27s scheme and found that the same scheme suffers from several security weaknesses such as off-line password guessing attack, privileged insider attack. Moreover, we demonstrated that the Djellali et al.\u27s scheme does not provide proper security protection on the secret key of the server and presents inefficient password change phase

Key-Based Cookie-Less Session Management Framework for Application Layer Security

The goal of this study is to extend the guarantees provided by the secure transmission protocols such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS) and apply them to the application layer. This paper proposes a comprehensive scheme that allows the unification of multiple security mechanisms, thereby removing the burden of authentication, mutual authentication, continuous authentication, and session management from the application development life-cycle. The proposed scheme will allow creation of high-level security mechanisms such as access control and group authentication on top of the extended security provisions. This scheme effectively eliminates the need for session cookies, session tokens and any similar technique currently in use. Hence reducing the attack surface and nullifying a vast group of attack vectors

Analysis of Key Establishment Techniques for Secure D2D Communication in Emerging 5G Cellular Networks

Device-to-Device (D2D) communication as part of emerging 5G wireless networks presents a new paradigm for enhancing the performance of traditional cellular networks. The number of devices connected over the internet is dramatically increasing, and cellular operators are struggling to harness the overwhelming data traffic on their networks. D2D communication in a cellular network allows two cellular devices in close proximity to communicate directly with each other without going through the base station. D2D communication faces various challenges that include device discovery, resource allocation, interference and security; however, the security aspects of D2D are not sufficiently addressed. Due to limited computing capability and energy-constrained D2D devices, effective and lightweight security solutions are required for enabling successful D2D capability. To secure D2D communication, session key establishment is the most vital task. Public Key Cryptography (PKC) is the most widely used cryptosystem and have numerous security applications such as encryption, digital signature, and key exchange. This work analyses the performance of three PKC protocols that are commonly used for session key establishment and exchange, namely, Diffie-Hellman (DH), Rivest-Shamir-Adleman (RSA) and Elliptic Curve Diffie-Hellman (ECDH), with a focus on D2D communication. We performed extensive simulations for DH, RSA and ECDH, in D2D communication scenarios using OMNET++ simulator and explored the effect of various network factors on key establishment delays such as network size, the impact of interference between D2D pairs and the effect of interference from cellular users upon D2D users as well. The results reported in this paper can provide significant insight in assessing the suitability of DH, RSA and ECDH for the key establishment for D2D in 5G networks

Healthcare professionals’ perception of security of personal health devices

With the rapid advances in the capabilities of telehealth devices and their increasing connection to the Internet, security is becoming an issue of major concern. Therefore, the perceptions of the healthcare professional regarding security are of interest, as the patients trust them to make informed decisions on issues concerning their privacy, data and health. Eight healthcare professionals were interviewed to determine their perceptions and knowledge of security in healthcare. The research further examines one specific aspect of security which was considered of significant concern; the authenticity of a device being from the actual manufacturer and not a counterfeit. This research proposes device registration together with digital signatures and One-time Passwords (OTP) to address the issue of counterfeit remote patient monitoring devices and identify and authenticate the user of the device

Efficient and secure business model for content centric network using elliptic curve cryptography

https://onlinelibrary.wiley.com/doi/full/10.1002/dac.3839Initially, Internet has evolved as a resource sharing model where resources are identified by IP addresses. However, with rapid technological advancement, resources/hardware has become cheap and thus, the need of sharing hardware over Internet is reduced. Moreover, people are using Internet mainly for information exchange and hence, Internet has gradually shifted from resource sharing to information sharing model. To meet the recent growing demand of information exchange, Content Centric Network (CCN) is envisaged as a clean‐slate future network architecture which is specially destined for smooth content distribution over Internet. In CCN, content is easily made available using network caching mechanism which is misaligned with the existing business policy of content providers/publishers in IP‐based Internet. Hence, the transition from contemporary IP‐based Internet to CCN demands attention for redesigning the business policy of the content publishers/providers. In this paper, we have proposed efficient and secure communication protocols for flexible CCN business model to protect the existing business policies of the content publisher while maintaining the salient CCN features like in‐network content caching and Interest packet aggregation. To enhance the efficiency and security, the Elliptic Curve Cryptography (ECC) is used. The proposed ECC‐based scheme is analyzed to show that it is resilient to relevant existing cryptographic attacks. The performance analysis in terms of less computation and communication overheads and increased efficiency is given. Moreover, a formal security verification of the proposed scheme is done using widely used AVISPA simulator and BAN logic that shows our scheme is well secured

Recent Developments in Smart Healthcare

Medicine is undergoing a sector-wide transformation thanks to the advances in computing and networking technologies. Healthcare is changing from reactive and hospital-centered to preventive and personalized, from disease focused to well-being centered. In essence, the healthcare systems, as well as fundamental medicine research, are becoming smarter. We anticipate significant improvements in areas ranging from molecular genomics and proteomics to decision support for healthcare professionals through big data analytics, to support behavior changes through technology-enabled self-management, and social and motivational support. Furthermore, with smart technologies, healthcare delivery could also be made more efficient, higher quality, and lower cost. In this special issue, we received a total 45 submissions and accepted 19 outstanding papers that roughly span across several interesting topics on smart healthcare, including public health, health information technology (Health IT), and smart medicine