Currently, continuous monitoring on patients with the help of small devices (or sensors), is easy for doctors/nurses to check patients. Due to privacy issues, data collected from devices should be protected. Thus, a lightweight mutual authentication and key agreement protocol is required among doctors/nurses, trusted servers, sensors and patients. In this paper, we provide a secure protocol which could support continuous monitoring on patients. Firstly, user's biometrics will be used to verify users by means of continuous monitoring of physiological data (e.g., ECG signals) in which verification of the patient identity. This could prevent device theft attacks. In addition, dynamic identity is taken to provide user anonymity and mitigate against user traceability. Later, we provide informal and formal security analysis to prove that our protocol can establish a session key between the user and sensor after successfully mutually authentication. Performance analysis proved our scheme to be competitive in comparison to existing schemes relative to the added security benefits it provides.

中文翻译：

---

用于医疗传感器网络的连续监控的有效身份验证协议

当前，借助小型设备（或传感器）对病人进行连续监测，对于医生/护士来说很容易检查病人。由于隐私问题，应保护从设备收集的数据。因此，在医生/护士，可信服务器，传感器和患者之间需要轻量级的相互认证和密钥协商协议。在本文中，我们提供了一种安全协议，该协议可支持对患者进行连续监测。首先，将通过对患者身份进行验证的生理数据（例如ECG信号）的连续监控，使用用户的生物特征来验证用户。这样可以防止设备被盗。另外，采用动态身份来提供用户匿名性并减轻用户的可追溯性。之后，我们提供非正式和正式的安全性分析，以证明我们的协议在成功进行相互身份验证之后可以在用户和传感器之间建立会话密钥。性能分析证明，相对于现有方案，我们的方案在提供安全性方面具有竞争优势。