Skip to main content
SpringerLink
Log in

Machine learning and smart card based two-factor authentication scheme for preserving anonymity in telecare medical information system (TMIS)

  • S.I. : Machine Learning Applications for Security
  • Published:
Neural Computing and Applications Aims and scope Submit manuscript

Abstract

Telecare medical information system (TMIS) is used to connect patients and doctors who are at a different location from each other. The authentication of the user and system is very crucial as the medical data of the user is stored on the server. Many systems have been developed in order to achieve this goal. We show some vulnerabilities of existing systems in this paper. We then propose a secure authentication mechanism to achieve the same goal. Machine learning and the nonce-based system is used for authentication of the entity and to prove the freshness of transmitted messages. Smart card blocking mechanisms have been included in each phase of the proposed system to prevent unauthorized access of data. The proposed system has been evaluated formally with the AVISPA tool. Then the proposed model has also been checked against different attacks and evaluated for different functionalities. We provide relative analysis with some recently proposed models and show our proposed system is relatively more efficient and secure.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig.11
Fig. 12
Fig. 13
Fig. 14

Similar content being viewed by others

References

  1. Bai T, Lin J, Li G, Wang H, Ran P, Li Z, Li D, Pang Y, Wu W, Jeon G (2019) A lightweight method of data encryption in BANsusing electrocardiogram signal. Futur Gener Comput Syst 92:800–811

    Article  Google Scholar 

  2. Bhatt Y, Bhatt C (2017) Internet of things in healthcare. In: Internet of things and big data technologies for next generation HealthCare. Springer, Cham, pp 13–33

    Chapter  Google Scholar 

  3. Shen J, Gui Z, Ji S, Shen J, Tan H, Tang Y (2018) Cloud-aided lightweight certificateless authentication protocol with anonymity for wireless body area networks. J Netw Comput Appl 106:117–123

    Article  Google Scholar 

  4. Wang J, Han K, Alexandridis A, Zilic Z, Pang Y, Lin J (2018) An ASIC implementation of security scheme for body area networks. In: 2018 IEEE international symposium on circuits and systems (ISCAS), pp 1–5

  5. Wang J, Han K, Alexandridis A, Zilic Z, Pang Y, Wu W, Din S, Jeon G (2018) A novel security scheme for Body Area Networks compatible with smart vehicles. Comput Netw 143:74–81

    Article  Google Scholar 

  6. Wazid M, Das AK, Kumar N, Conti M, Vasilakos AV (2018) A novel authentication and key agreement scheme for implantable medical devices deployment. IEEE J Biomed Health Inform 22(4):1299–1309

    Article  Google Scholar 

  7. Amin R, Biswas GP (2015) A novel user authentication and key agreement protocol for accessing multi-medical server usable in tmis. J Med Syst 39(3):33

    Article  Google Scholar 

  8. Xu D, Chen J, Zhang S, Liu Q (2018) Privacy-preserving and efficient truly three-factor authentication scheme for telecare medical information systems. J Med Syst 42(11):219

    Article  Google Scholar 

  9. Amin R, Islam SH, Biswas GP, Khan MK, Li X (2015) Cryptanalysis and enhancement of anonymity preserving remote user mutual authentication and session key agreement scheme for e-health care systems. J Med Syst 39(11):140

    Article  Google Scholar 

  10. Guo C, Chang C-C (2013) Chaotic maps-based password-authenticated key agreement using smart cards. Commun Nonlinear Sci Numer Simul 18(6):1433–1440

    Article  MathSciNet  MATH  Google Scholar 

  11. Hao X, Wang J, Yang Q, Yan X, Li P (2013) A chaotic map-based authentication scheme for telecare medicine information systems. J Med Syst 37(2):9919. https://doi.org/10.1007/s10916-012-9919-y

    Article  Google Scholar 

  12. Jiang Q, Ma J, Lu X, Tian Y (2014) Robust chaotic map-based authentication and key agreement scheme with strong anonymity for telecare medicine information systems. J Med Syst 38(2):12

    Article  Google Scholar 

  13. Lee C-C, Hsu C-W, Lai Y-M, Vasilakos A (2013) An enhanced mobile-healthcare emergency system based on extended chaotic maps. J Med Syst 37(5):9973

    Article  Google Scholar 

  14. Lee T-F (2013) An efficient chaotic maps-based authentication and key agreement scheme using smartcards for telecare medicine information systems. J Med Syst 37(6):9985

    Article  Google Scholar 

  15. Li C-T, Lee C-C, Weng C-Y (2014) A secure chaotic maps and smart cards based password authentication and key agreement scheme with user anonymity for telecare medicine information systems. J Med Syst 38(9):77

    Article  Google Scholar 

  16. Das AK, Goswami A (2013) A secure and efficient uniqueness-and- anonymity-preserving remote user authentication scheme for connected health care. J Med Syst 37(3):9948

    Article  Google Scholar 

  17. Jiang Q, Ma J, Ma Z, Li G (2013) A privacy enhanced authentication scheme for telecare medical information systems. J Med Syst 37(1):9897

    Article  Google Scholar 

  18. Li X, Xiong Y, Ma J, Wang W (2012) An efficient and securitydynamic identity based authentication protocol for multi-server architecture using smart cards. J Netw Comput Appl 35(2):763–769

    Article  Google Scholar 

  19. Xue K, Hong P, Ma C (2014) A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture. J Comput Syst Sci 80(1):195–206

    Article  MathSciNet  MATH  Google Scholar 

  20. Wei J, Hu X, Liu W (2012) An improved authentication scheme for telecare medicine information systems. J Med Syst 36(6):3597–3604

    Article  Google Scholar 

  21. Kocher P, Jaffe J, Jun B (1999) Differential power analysis. In: Annual international cryptology conference, pp 388–397

  22. Messerges TS, Dabbish EA, Sloan RH (2002) Examiningsmart-card security under the threat of power analysis attacks. IEEE Trans Comput 51(5):541–552

    Article  MathSciNet  MATH  Google Scholar 

  23. Chang Y-F, Yu S-H, Shiao D-R (2013) A uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care. J Med Syst 37(2):9902. https://doi.org/10.1007/s10916-012-9902-7

    Article  Google Scholar 

  24. Choudhury B, Then P, Issac B, Raman V, Haldar MK (2018) A survey on biometrics and cancelable biometrics systems. Int J Image Graph 18(1):1850006

    Article  Google Scholar 

  25. Jiang Q, Khan MK, Lu X, Ma J, He D (2016) A privacy preserving three-factor authentication protocol for e-Health clouds. J Supercomput 72(10):3826–3849

    Article  Google Scholar 

  26. Wu F, Xu L, Kumari S, Li X (2015) A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks. Comput Electr Eng 45:274–285

    Article  Google Scholar 

  27. Chaudhry SA, Naqvi H, Khan MK (2018) An enhanced lightweight anonymous biometric based authentication scheme for TMIS. Multimed Tools Appl 77(5):5503–5524

    Article  Google Scholar 

  28. Mir O, Nikooghadam M (2015) A secure biometrics based authentication with key agreement scheme in telemedicine networks for e-health services. Wirel Pers Commun 83(4):2439–2461

    Article  Google Scholar 

  29. Jiang Q, Chen Z, Li B, Shen J, Yang L, Ma J (2018) Security analysis and improvement of bio-hashing based three-factor authentication scheme for telecare medical information systems. J Ambient Intell Hum Comput 9(4):1061–1073

    Article  Google Scholar 

  30. Das AK (2011) Analysisandimprovementonanefficientbiometric-based remote user authentication scheme using smart cards. IET Inf Secur 5(3):145–151

    Article  Google Scholar 

  31. Madhusudhan R, Nayak CS (2018) A robust authentication scheme for telecare medical information systems. Multimed Tools Appl 78(11):1–19

    Google Scholar 

  32. Li C-T, Lee C-C, Weng C-Y, Chen S-J (2016) A secure dynamic identity and chaotic maps based user authentication and key agreement scheme for e-healthcare systems. J Med Syst 40(11):233

    Article  Google Scholar 

  33. The AVISPA Project, Avispa-project.org. [Online] Available: http://www.avispa-project.org/. Accessed 10 June 2021

  34. Gupta BB, Quamara M (2018) A taxonomy of various attacks on smart card-based applications and countermeasures. Concurr Comput: Pract Exp 33(7):e4993

    Google Scholar 

  35. Yin X, He J, Guo Y, Han D, Li KC, Castiglione A (2020) An efficient two-factor authentication scheme based on the Merkle tree. Sensors 20(20):5735

    Article  Google Scholar 

  36. Castiglione A, DAmbrosio C, De Santis A, Castiglione A, Palmieri F (2013). On secure data management in health-care environment. In: 2013 7th international conference on innovative mobile and internet services in ubiquitous computing. IEEE, pp 666–671

  37. Masud M, Gaba GS, Alqahtani S, Gupta BB et al (2020) A lightweight and robust secure key establishment protocol for internet of medical things in COVID-19 patients care. IEEE Internet Things J. https://doi.org/10.1109/JIOT.2020.3047662

    Article  Google Scholar 

  38. Rahman MA, Hossain MS, Alrajeh NA et al (2021) A multimodal, multimedia point-of-care deep learning framework for COVID-19 diagnosis. ACM Trans Multimid Comput Commun Appl 17(1s):1–24

    Article  Google Scholar 

  39. Gupta BB, Li KC, Leung VC, Psannis KE, Yamaguchi S (2021) Blockchain-assisted secure fine-grained searchable encryption for a cloud-based healthcare cyber-physical system. IEEE/CAA J Autom Sin. https://doi.org/10.1109/JAS.2021.1004003

    Article  Google Scholar 

  40. Yu C, Li J, Li X, Ren X et al (2018) Four-image encryption scheme based on quaternion Fresnel transform, chaos and computer generated hologram. Multimed Tools Appl 77(4):4585–4608

    Article  Google Scholar 

  41. Esposito C, Ficco M, Gupta BB (2021) Blockchain-based authentication and authorization for smart city applications. Inf Process Manag 58(2):102468

    Article  Google Scholar 

  42. Sedik A, Hammad M, Abd El-Samie FE, Abd El-Latif AA et al (2021) Efficient deep learning approach for augmented detection of Coronavirus disease. Neural Comput Appl. https://doi.org/10.1007/s00521-020-05410-8

    Article  Google Scholar 

  43. Peng J, Abd El-Latif AA, Li Q, Niu X (2014) Multimodal biometric authentication based on score level fusion of finger biometrics. Optik 125(23):6891–6897

    Article  Google Scholar 

  44. Dwivedi RK, Kumar R, Buyya R (2021) Secure healthcare monitoring sensor cloud with attribute-based elliptical curve cryptography. Int J Cloud Appl Comput (IJCAC) 11(3):1–18

    Google Scholar 

  45. Kavitha A (2018) Investigations on the brain connectivity parameters for co-morbidities of autism using EEG. Int J Softw Sci Comput Intell (IJSSCI) 10(2):50–65

    Article  Google Scholar 

  46. Wang H, Li Z, Li Y et al (2020) Visual saliency guided complex image retrieval. Pattern Recogn Lett 130:64–72

    Article  Google Scholar 

  47. Wang N, Li Q, Abd El-Latif AA, Peng J, Niu X (2013) Multibiometrics fusion for identity authentication: dual iris, visible and thermal face imagery. Int J Secur Appl 7(3):33–44

    Google Scholar 

  48. Abd-El-Atty B, Iliyasu AM, Alaskar H, El-Latif A, Ahmed A (2020) A robust quasi-quantum walks-based steganography protocol for secure transmission of images on cloud-based E-healthcare platforms. Sensors 20(11):3108

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. National Institute of Technology Kurukshetra, Kurukshetra, Haryana, 136119, India

    B. B. Gupta & Varun Prajapati

  2. Asia University, Taichung, Taiwan

    B. B. Gupta

  3. State University of Rio de Janeiro, Rio de Janeiro, Brazil

    Nadia Nedjah

  4. University College of Engineering Tindivanam, Anna University Chennai, Melpakkam, India

    P. Vijayakumar

  5. Menoufia University Egypt, Shebeen El-Kom, Egypt

    Ahmed A. Abd El-Latif

  6. Monash University Clayton Campus, Clayton, VIC, Australia

    Xiaojun Chang

Authors
  1. B. B. Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Varun Prajapati
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Nadia Nedjah
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. P. Vijayakumar
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Ahmed A. Abd El-Latif
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Xiaojun Chang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to B. B. Gupta.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gupta, B.B., Prajapati, V., Nedjah, N. et al. Machine learning and smart card based two-factor authentication scheme for preserving anonymity in telecare medical information system (TMIS). Neural Comput & Applic 35, 5055–5080 (2023). https://doi.org/10.1007/s00521-021-06152-x

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00521-021-06152-x

Keywords

Search

Navigation