Design of a Secure Dynamic Identity Authentication Scheme for Health Internet of Things

International Journal of Security and Its Applications Pub Date : 2017-09-30 DOI:10.14257/IJSIA.2017.11.9.04

Chengqi Wang, Xiao Zhang, Lijia Xie, Zhiming Zheng

引用次数: 0

Abstract

To satisfy the security requirements of patients’ privacy and data’s security for health Internet of Things (IoT), various authentication schemes are proposed as guaranteed countermeasures. In particular, Wang et al. built an identity-based authentication scheme with extended Chebyshev chaotic maps. Nevertheless, considering service misuse attack and Denial-of-Service attack, Wang et al.’s method works inadequately. Also it is insufficient to provide efficient password change phase, fast error detection and session key agreement. As a remedy, we propose a novel dynamic identity authenticated key agreement scheme. Our scheme achieves resistance to the known attacks in order to meet the desirable security requirements. Furthermore, the presented scheme practically enables both user revocation/re-registration and biometric information protection, which are significant features ignored by most previous schemes. We confirm the effectiveness of our scheme via comprehensive comparisons in terms of resistance, functionality and performance.

查看原文本刊更多论文

健康物联网安全动态身份认证方案设计

为了满足医疗物联网对患者隐私和数据安全的安全需求，提出了多种认证方案作为保障对策。特别是，Wang等人构建了一个基于身份的认证方案，该方案具有扩展的Chebyshev混沌映射。然而，考虑到服务滥用攻击和拒绝服务攻击，Wang等人的方法并不适用。此外，它还不足以提供高效的密码更改阶段、快速的错误检测和会话密钥协议。为此，我们提出了一种新的动态身份认证密钥协议方案。我们的方案实现了对已知攻击的抵抗，以满足期望的安全需求。此外，该方案实际地实现了用户撤销/重新注册和生物特征信息保护，这是大多数方案忽略的重要特征。我们通过在阻力，功能和性能方面的综合比较来确认我们方案的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Security and Its Applications COMPUTER SCIENCE, INFORMATION SYSTEMS-

自引率

0.00%

发文量

期刊介绍： IJSIA aims to facilitate and support research related to security technology and its applications. Our Journal provides a chance for academic and industry professionals to discuss recent progress in the area of security technology and its applications. Journal Topics: -Access Control -Ad Hoc & Sensor Network Security -Applied Cryptography -Authentication and Non-repudiation -Cryptographic Protocols -Denial of Service -E-Commerce Security -Identity and Trust Management -Information Hiding -Insider Threats and Countermeasures -Intrusion Detection & Prevention -Network & Wireless Security -Peer-to-Peer Security -Privacy and Anonymity -Secure installation, generation and operation -Security Analysis Methodologies -Security assurance -Security in Software Outsourcing -Security products or systems -Security technology -Systems and Data Security