A survey on wireless body area networks: architecture, security challenges and research opportunities.

In the era of communication technologies, wireless healthcare networks enable innovative applications to enhance the quality of patients’ lives, provide useful monitoring tools for caregivers, and allows timely intervention. However, due to the sensitive information within the Wireless Body Area Networks (WBANs), insecure data violates the patients’ privacy and may consequently lead to improper medical diagnosis and/or treatment. Achieving a high level of security and privacy in WBAN involves various challenges due to its resource limitations and critical applications. In this paper, a comprehensive survey of the WBAN technology is provided, with a particular focus on the security and privacy concerns along with their countermeasures, followed by proposed research directions and open issues

Certificateless Algorithm for Body Sensor Network and Remote Medical Server Units Authentication over Public Wireless Channels

Wireless sensor networks process and exchange mission-critical data relating to patients’ health status. Obviously, any leakages of the sensed data can have serious consequences which can endanger the lives of patients. As such, there is need for strong security and privacy protection of the data in storage as well as the data in transit. Over the recent past, researchers have developed numerous security protocols based on digital signatures, advanced encryption standard, digital certificates and elliptic curve cryptography among other approaches. However, previous studies have shown the existence of many security and privacy gaps that can be exploited by attackers to cause some harm in these networks. In addition, some techniques such as digital certificates have high storage and computation complexities occasioned by certificate and public key management issues. In this paper, a certificateless algorithm is developed for authenticating the body sensors and remote medical server units. Security analysis has shown that it offers data privacy, secure session key agreement, untraceability and anonymity. It can also withstand typical wireless sensor networks attacks such as impersonation, packet replay and man-in-the-middle. On the other hand, it is demonstrated to have the least execution time and bandwidth requirements

Data Auditing and Security in Cloud Computing: Issues, Challenges and Future Directions

Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discussed

Data auditing and security in cloud computing: issues, challenges and future directions

Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discusse

Multifactor Authentication Key Management System based Security Model Using Effective Handover Tunnel with IPV6

In the current modern world, the way of life style is being completely changed due to the emerging technologies which are reflected in treating the patients too. As there is a tremendous growth in population, the existing e-Healthcare methods are not efficient enough to deal with numerous medical data. There is a delay in caring of patient health as communication networks are poor in quality and moreover smart medical resources are lacking and hence severe causes are experienced in the health of patient. However, authentication is considered as a major challenge ensuring that the illegal participants are not permitted to access the medical data present in cloud. To provide security, the authentication factors required are smart card, password and biometrics. Several approaches based on these are authentication factors are presented for e-Health clouds so far. But mostly serious security defects are experienced with these protocols and even the computation and communication overheads are high. Thus, keeping in mind all these challenges, a novel Multifactor Key management-based authentication by Tunnel IPv6 (MKMA- TIPv6) protocol is introduced for e-Health cloud which prevents main attacks like user anonymity, guessing offline password, impersonation, and stealing smart cards. From the analysis, it is proved that this protocol is effective than the existing ones such as Pair Hand (PH), Linear Combination Authentication Protocol (LCAP), Robust Elliptic Curve Cryptography-based Three factor Authentication (RECCTA) in terms storage cost, Encryption time, Decryption time, computation cost, energy consumption and speed. Hence, the proposed MKMA- TIPv6 achieves 35bits of storage cost, 60sec of encryption time, 50sec decryption time, 45sec computational cost, 50% of energy consumption and 80% speed

Secure pairing-free two-party certificateless authenticated key agreement protocol with minimal computational complexity

Key agreement protocols play a vital role in maintaining security in many critical applications due to the importance of the secret key. Bilinear pairing was commonly used in designing secure protocols for the last several years; however, high computational complexity of this operation has been the main obstacle towards its practicality. Therefore, implementation of Elliptic-curve based operations, instead of bilinear pairings, has become popular recently, and pairing-free key agreement protocols have been explored in many studies. A considerable amount of literatures has been published on pairing-free key agreement protocols in the context of Public Key Cryptography (PKC). Simpler key management and non-existence of key escrow problem make certificateless PKC more appealing in practice. However, achieving certificateless pairing-free two-party authenticated key agreement protocols (CL-AKA) that provide high level of security with low computational complexity, remains a challenge in the research area. This research presents a secure and lightweight pairingfree CL-AKA protocol named CL2AKA (CertificateLess 2-party Authenticated Key Agreement). The properties of CL2AKA protocol is that, it is computationally lightweight while communication overhead remains the same as existing protocols of related works. The results indicate that CL2AKA protocol is 21% computationally less complex than the most efficient pairing-free CL-AKA protocol (KKC-13) and 53% less in comparison with the pairing-free CL-AKA protocol with highest level of security guarantee (SWZ-13). Security of CL2AKA protocol is evaluated based on provable security evaluation method under the strong eCK model. It is also proven that the CL2AKA supports all of the security requirements which are necessary for authenticated key agreement protocols. Besides the CL2AKA as the main finding of this research work, there are six pairing-free CL-AKA protocols presented as CL2AKA basic version protocols, which were the outcomes of several attempts in designing the CL2AKA

A reliable trust-aware reinforcement learning based routing protocol for wireless medical sensor networks.

Interest in the Wireless Medical Sensor Network (WMSN) is rapidly gaining attention thanks to recent advances in semiconductors and wireless communication. However, by virtue of the sensitive medical applications and the stringent resource constraints, there is a need to develop a routing protocol to fulfill WMSN requirements in terms of delivery reliability, attack resiliency, computational overhead and energy efficiency. This doctoral research therefore aims to advance the state of the art in routing by proposing a lightweight, reliable routing protocol for WMSN. Ensuring a reliable path between the source and the destination requires making trustaware routing decisions to avoid untrustworthy paths. A lightweight and effective Trust Management System (TMS) has been developed to evaluate the trust relationship between the sensor nodes with a view to differentiating between trustworthy nodes and untrustworthy ones. Moreover, a resource-conservative Reinforcement Learning (RL) model has been proposed to reduce the computational overhead, along with two updating methods to speed up the algorithm convergence. The reward function is re-defined as a punishment, combining the proposed trust management system to defend against well-known dropping attacks. Furthermore, with a view to addressing the inborn overestimation problem in Q-learning-based routing protocols, we adopted double Q-learning to overcome the positive bias of using a single estimator. An energy model is integrated with the reward function to enhance the network lifetime and balance energy consumption across the network. The proposed energy model uses only local information to avoid the resource burdens and the security concerns of exchanging energy information. Finally, a realistic trust management testbed has been developed to overcome the limitations of using numerical analysis to evaluate proposed trust management schemes, particularly in the context of WMSN. The proposed testbed has been developed as an additional module to the NS-3 simulator to fulfill usability, generalisability, flexibility, scalability and high-performance requirements

Optimizing a Password Hashing Function with Hardware-Accelerated Symmetric Encryption

Password-based key derivation functions (PBKDFs) are commonly used to transform user passwords into keys for symmetric encryption, as well as for user authentication, password hashing, and preventing attacks based on custom hardware. We propose two optimized alternatives that enhance the performance of a previously published PBKDF. This design is based on (1) employing a symmetric cipher, the Advanced Encryption Standard (AES), as a pseudo-random generator and (2) taking advantage of the support for the hardware acceleration for AES that is available on many common platforms in order to mitigate common attacks to password-based user authentication systems. We also analyze their security characteristics, establishing that they are equivalent to the security of the core primitive (AES), and we compare their performance with well-known PBKDF algorithms, such as Scrypt and Argon2, with favorable results.Research partially supported by the Spanish Government under Project Grant TEC2014-54110-R (CASUS)

Public auditing with privacy protection in a multi-user model of cloud-assisted body sensor networks.

Wireless Body Sensor Networks (WBSNs) are gaining importance in the era of the Internet of Things (IoT). The modern medical system is a particular area where the WBSN techniques are being increasingly adopted for various fundamental operations. Despite such increasing deployments of WBSNs, issues such as the infancy in the size, capabilities and limited data processing capacities of the sensor devices restrain their adoption in resource-demanding applications. Though providing computing and storage supplements from cloud servers can potentially enrich the capabilities of the WBSNs devices, data security is one of the prevailing issues that affects the reliability of cloud-assisted services. Sensitive applications such as modern medical systems demand assurance of the privacy of the users' medical records stored in distant cloud servers. Since it is economically impossible to set up private cloud servers for every client, auditing data security managed in the remote servers has necessarily become an integral requirement of WBSNs' applications relying on public cloud servers. To this end, this paper proposes a novel certificateless public auditing scheme with integrated privacy protection. The multi-user model in our scheme supports groups of users to store and share data, thus exhibiting the potential for WBSNs' deployments within community environments. Furthermore, our scheme enriches user experiences by offering public verifiability, forward security mechanisms and revocation of illegal group members. Experimental evaluations demonstrate the security effectiveness of our proposed scheme under the Random Oracle Model (ROM) by outperforming existing cloud-assisted WBSN models.N/