Abstract
Telecare medical information system (TMIS) is used to connect patients and doctors who are at a different location from each other. The authentication of the user and system is very crucial as the medical data of the user is stored on the server. Many systems have been developed in order to achieve this goal. We show some vulnerabilities of existing systems in this paper. We then propose a secure authentication mechanism to achieve the same goal. Machine learning and the nonce-based system is used for authentication of the entity and to prove the freshness of transmitted messages. Smart card blocking mechanisms have been included in each phase of the proposed system to prevent unauthorized access of data. The proposed system has been evaluated formally with the AVISPA tool. Then the proposed model has also been checked against different attacks and evaluated for different functionalities. We provide relative analysis with some recently proposed models and show our proposed system is relatively more efficient and secure.
Similar content being viewed by others
References
Bai T, Lin J, Li G, Wang H, Ran P, Li Z, Li D, Pang Y, Wu W, Jeon G (2019) A lightweight method of data encryption in BANsusing electrocardiogram signal. Futur Gener Comput Syst 92:800–811
Bhatt Y, Bhatt C (2017) Internet of things in healthcare. In: Internet of things and big data technologies for next generation HealthCare. Springer, Cham, pp 13–33
Shen J, Gui Z, Ji S, Shen J, Tan H, Tang Y (2018) Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J Netw Comput Appl 106:117–123
Wang J, Han K, Alexandridis A, Zilic Z, Pang Y, Lin J (2018) An ASIC implementation of security scheme for body area networks. In: 2018 IEEE international symposium on circuits and systems (ISCAS), pp 1–5
Wang J, Han K, Alexandridis A, Zilic Z, Pang Y, Wu W, Din S, Jeon G (2018) A novel security scheme for Body Area Networks compatible with smart vehicles. Comput Netw 143:74–81
Wazid M, Das AK, Kumar N, Conti M, Vasilakos AV (2018) A novel authentication and key agreement scheme for implantable medical devices deployment. IEEE J Biomed Health Inform 22(4):1299–1309
Amin R, Biswas GP (2015) A novel user authentication and key agreement protocol for accessing multi-medical server usable in tmis. J Med Syst 39(3):33
Xu D, Chen J, Zhang S, Liu Q (2018) Privacy-preserving and efficient truly three-factor authentication scheme for telecare medical information systems. J Med Syst 42(11):219
Amin R, Islam SH, Biswas GP, Khan MK, Li X (2015) Cryptanalysis and enhancement of anonymity preserving remote user mutual authentication and session key agreement scheme for e-health care systems. J Med Syst 39(11):140
Guo C, Chang C-C (2013) Chaotic maps-based password-authenticated key agreement using smart cards. Commun Nonlinear Sci Numer Simul 18(6):1433–1440
Hao X, Wang J, Yang Q, Yan X, Li P (2013) A chaotic map-based authentication scheme for telecare medicine information systems. J Med Syst 37(2):9919. https://doi.org/10.1007/s10916-012-9919-y
Jiang Q, Ma J, Lu X, Tian Y (2014) Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J Med Syst 38(2):12
Lee C-C, Hsu C-W, Lai Y-M, Vasilakos A (2013) An enhanced mobile-healthcare emergency system based on extended chaotic maps. J Med Syst 37(5):9973
Lee T-F (2013) An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J Med Syst 37(6):9985
Li C-T, Lee C-C, Weng C-Y (2014) A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. J Med Syst 38(9):77
Das AK, Goswami A (2013) A secure and efficient uniqueness-and- anonymity-preserving remote user authentication scheme for connected health care. J Med Syst 37(3):9948
Jiang Q, Ma J, Ma Z, Li G (2013) A privacy enhanced authentication scheme for telecare medical information systems. J Med Syst 37(1):9897
Li X, Xiong Y, Ma J, Wang W (2012) An efficient and securitydynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769
Xue K, Hong P, Ma C (2014) A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J Comput Syst Sci 80(1):195–206
Wei J, Hu X, Liu W (2012) An improved authentication scheme for telecare medicine information systems. J Med Syst 36(6):3597–3604
Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Annual international cryptology conference, pp 388–397
Messerges TS, Dabbish EA, Sloan RH (2002) Examiningsmart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552
Chang Y-F, Yu S-H, Shiao D-R (2013) A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J Med Syst 37(2):9902. https://doi.org/10.1007/s10916-012-9902-7
Choudhury B, Then P, Issac B, Raman V, Haldar MK (2018) A survey on biometrics and cancelable biometrics systems. Int J Image Graph 18(1):1850006
Jiang Q, Khan MK, Lu X, Ma J, He D (2016) A privacy preserving three-factor authentication protocol for e-Health clouds. J Supercomput 72(10):3826–3849
Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng 45:274–285
Chaudhry SA, Naqvi H, Khan MK (2018) An enhanced lightweight anonymous biometric based authentication scheme for TMIS. Multimed Tools Appl 77(5):5503–5524
Mir O, Nikooghadam M (2015) A secure biometrics based authentication with key agreement scheme in telemedicine networks for e-health services. Wirel Pers Commun 83(4):2439–2461
Jiang Q, Chen Z, Li B, Shen J, Yang L, Ma J (2018) Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems. J Ambient Intell Hum Comput 9(4):1061–1073
Das AK (2011) Analysisandimprovementonanefficientbiometric-based remote user authentication scheme using smart cards. IET Inf Secur 5(3):145–151
Madhusudhan R, Nayak CS (2018) A robust authentication scheme for telecare medical information systems. Multimed Tools Appl 78(11):1–19
Li C-T, Lee C-C, Weng C-Y, Chen S-J (2016) A secure dynamic identity and chaotic maps based user authentication and key agreement scheme for e-healthcare systems. J Med Syst 40(11):233
The AVISPA Project, Avispa-project.org. [Online] Available: http://www.avispa-project.org/. Accessed 10 June 2021
Gupta BB, Quamara M (2018) A taxonomy of various attacks on smart card-based applications and countermeasures. Concurr Comput: Pract Exp 33(7):e4993
Yin X, He J, Guo Y, Han D, Li KC, Castiglione A (2020) An efficient two-factor authentication scheme based on the Merkle tree. Sensors 20(20):5735
Castiglione A, DAmbrosio C, De Santis A, Castiglione A, Palmieri F (2013). On secure data management in health-care environment. In: 2013 7th international conference on innovative mobile and internet services in ubiquitous computing. IEEE, pp 666–671
Masud M, Gaba GS, Alqahtani S, Gupta BB et al (2020) A lightweight and robust secure key establishment protocol for internet of medical things in COVID-19 patients care. IEEE Internet Things J. https://doi.org/10.1109/JIOT.2020.3047662
Rahman MA, Hossain MS, Alrajeh NA et al (2021) A multimodal, multimedia point-of-care deep learning framework for COVID-19 diagnosis. ACM Trans Multimid Comput Commun Appl 17(1s):1–24
Gupta BB, Li KC, Leung VC, Psannis KE, Yamaguchi S (2021) Blockchain-assisted secure fine-grained searchable encryption for a cloud-based healthcare cyber-physical system. IEEE/CAA J Autom Sin. https://doi.org/10.1109/JAS.2021.1004003
Yu C, Li J, Li X, Ren X et al (2018) Four-image encryption scheme based on quaternion Fresnel transform, chaos and computer generated hologram. Multimed Tools Appl 77(4):4585–4608
Esposito C, Ficco M, Gupta BB (2021) Blockchain-based authentication and authorization for smart city applications. Inf Process Manag 58(2):102468
Sedik A, Hammad M, Abd El-Samie FE, Abd El-Latif AA et al (2021) Efficient deep learning approach for augmented detection of Coronavirus disease. Neural Comput Appl. https://doi.org/10.1007/s00521-020-05410-8
Peng J, Abd El-Latif AA, Li Q, Niu X (2014) Multimodal biometric authentication based on score level fusion of finger biometrics. Optik 125(23):6891–6897
Dwivedi RK, Kumar R, Buyya R (2021) Secure healthcare monitoring sensor cloud with attribute-based elliptical curve cryptography. Int J Cloud Appl Comput (IJCAC) 11(3):1–18
Kavitha A (2018) Investigations on the brain connectivity parameters for co-morbidities of autism using EEG. Int J Softw Sci Comput Intell (IJSSCI) 10(2):50–65
Wang H, Li Z, Li Y et al (2020) Visual saliency guided complex image retrieval. Pattern Recogn Lett 130:64–72
Wang N, Li Q, Abd El-Latif AA, Peng J, Niu X (2013) Multibiometrics fusion for identity authentication: dual iris, visible and thermal face imagery. Int J Secur Appl 7(3):33–44
Abd-El-Atty B, Iliyasu AM, Alaskar H, El-Latif A, Ahmed A (2020) A robust quasi-quantum walks-based steganography protocol for secure transmission of images on cloud-based E-healthcare platforms. Sensors 20(11):3108
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Gupta, B.B., Prajapati, V., Nedjah, N. et al. Machine learning and smart card based two-factor authentication scheme for preserving anonymity in telecare medical information system (TMIS). Neural Comput & Applic 35, 5055–5080 (2023). https://doi.org/10.1007/s00521-021-06152-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00521-021-06152-x