nach oben

Wireless Personal Communications

Erschienen in:

20.01.2020

Security Enhanced RFID Authentication Protocols for Healthcare Environment

verfasst von: Shaohao Xie, Fangguo Zhang, Rong Cheng

Erschienen in: Wireless Personal Communications | Ausgabe 1/2021

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

RFID technology, which is concerned as one of the core technologies of Internet of Things, has been widely deployed in healthcare environment and brings a lot of convenience for people’s daily life. However, the security and privacy challenges of RFID authentication protocols are receiving more and more attention. One of the problems is that the current RFID protocols usually use a backend server to store the detailed information of tagged objects, which may lead to the issue of information leakage if the server is hacked or attacked by the adversary. To address this challenge, in this paper, we propose a security enhanced RFID authentication protocol for healthcare environment using the technique of indistinguishability obfuscation, which prevents the leakage of sensitive data from the backend server. Meanwhile, we extend the protocol to fit for the scenario of cloud environment where the tags’ information is stored in the cloud server. To our knowledge, our protocols are the first applications of indistinguishability obfuscation in the field of RFID authentication system. Moreover, our protocols are scalable and practical, and they are analyzed to achieve most of the security properties of the RFID system.

Vorheriger Artikel A Provably Secure and Lightweight Patient-Healthcare Authentication Protocol in Wireless Body Area Networks

Nächster Artikel An Optimized Integrated Framework of Big Data Analytics Managing Security and Privacy in Healthcare Data

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Finkenzeller, K. (2010). RFID handbook: Fundamentals and applications in contactless smart cards, radio frequency identification and near-field communication. Hoboken: Wiley.CrossRef

Anandhi, S., Anitha, R., & Sureshkumar, V. (2019). IoT enabled RFID authentication and secure object tracking system for smart logistics. Wireless Personal Communications, 104(2), 543–560.CrossRef

Lee, Y. K., Batina, L., & Verbauwhede, I. (2008). EC-RAC (ECDLP based randomized access control): Provably secure RFID authentication protocol. In 2008 IEEE international conference on RFID (pp. 97–104). IEEE.

Want, R. (2006). An introduction to RFID technology. IEEE Pervasive Computing, 5(1), 25–33.CrossRef

Lin, X., Lu, R., Kwan, D., & Shen, X. S. (2010). REACT: An RFID-based privacy-preserving children tracking scheme for large amusement parks. Computer Networks, 54(15), 2744–2755.CrossRef

Wyld, D. (2010). Preventing the worst case scenario: An analysis of rfid technology and infant protection in hospitals. The Internet Journal of Healthcare Administration, 7(1), 6.

Wang, S. W., Chen, W. H., Ong, C. S., Liu, L., & Chuang, Y. W. (2006). RFID application in hospitals: A case study on a demonstration RFID project in a Taiwan hospital. In Proceedings of the 39th annual Hawaii international conference on system sciences (HICSS’06) (Vol. 8, pp. 184a–184a). IEEE.

Katz, J. E., & Rice, R. E. (2009). Public views of mobile medical devices and services: A US national survey of consumer sentiments towards RFID healthcare technology. International Journal of Medical Informatics, 78(2), 104–114.CrossRef

Pérez, M. M., Cabrero-Canosa, M., Hermida, J. V., García, L. C., Gómez, D. L., González, G. V., et al. (2012). Application of RFID technology in patient tracking and medication traceability in emergency care. Journal of Medical Systems, 36(6), 3983–3993.CrossRef

10.

Ohsaga, A., & Kondoh, K. (2013). Bedside medication safety management system using a PDA and RFID tags. In 2013 7th international symposium on medical information and communication technology (ISMICT) (pp. 85–89). IEEE.

11.

Sandler, S. G., Langeberg, A., DeBandi, L., Gibble, J., Wilson, C., & Feldman, C. L. (2007). Radiofrequency identification technology can standardize and document blood collections and transfusions. Transfusion, 47(5), 763–770.CrossRef

12.

Liao, Y. T., Chen, T. L., Chen, T. S., Zhong, Z. H., & Hwang, J. H. (2016). The application of RFID to healthcare management of nursing house. Wireless Personal Communications, 91(3), 1237–1257.CrossRef

13.

Fan, K., Jiang, W., Li, H., & Yang, Y. (2018). Lightweight RFID protocol for medical privacy protection in IoT. IEEE Transactions on Industrial Informatics, 14(4), 1656–1665.CrossRef

14.

Feldhofer, M., Dominikus, S., & Wolkerstorfer, J. (2004). Strong authentication for RFID systems using the AES algorithm. In International workshop on cryptographic hardware and embedded systems (pp. 357–370). Springer, Berlin, Heidelberg.

15.

Pham, T. A., Hasan, M. S., & Yu, H. (2012). A RFID mutual authentication protocol based on AES algorithm. In Proceedings of 2012 UKACC international conference on control (pp. 997–1002). IEEE.

16.

Rahman, F., Hoque, M. E., & Ahamed, S. I. (2017). Anonpri: A secure anonymous private authentication protocol for RFID systems. Information Sciences, 379, 195–210.CrossRef

17.

Rahman, F., Bhuiyan, M. Z. A., & Ahamed, S. I. (2017). A privacy preserving framework for RFID based healthcare systems. Future Generation Computer Systems, 72, 339–352.CrossRef

18.

Tsudik, G. (2007). A family of dunces: Trivial RFID identification and authentication protocols. In International workshop on privacy enhancing technologies (pp. 45–61). Springer, Berlin, Heidelberg.

19.

Shamir, A. (2008). SQUASH-A new MAC with provable security properties for highly constrained devices such as RFID tags. In International workshop on fast software encryption (pp. 144–157). Springer, Berlin, Heidelberg.

20.

Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M. J., & Seurin, Y. (2008). Hash functions and RFID tags: Mind the gap. In International workshop on cryptographic hardware and embedded systems (pp. 283–299). Springer, Berlin, Heidelberg.

21.

Cho, J. S., Yeo, S. S., & Kim, S. K. (2011). Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value. Computer Cmmunications, 34(3), 391–397.

22.

Benssalah, M., Djeddou, M., & Drouiche, K. (2017). Security analysis and enhancement of the most recent RFID authentication protocol for telecare medicine information system. Wireless Personal Communications, 96(4), 6221–6238.CrossRef

23.

Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., & Waters, B. (2016). Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM Journal on Computing, 45(3), 882–929.MathSciNetCrossRef

24.

Bitansky, N., & Vaikuntanathan, V. (2018). Indistinguishability obfuscation from functional encryption. Journal of the ACM (JACM), 65(6), 39.MathSciNetCrossRef

25.

Ramchen, K., & Waters, B. (2014). Fully secure and fast signing from obfuscation. In Proceedings of the 2014 ACM SIGSAC conference on computer and communications security (pp. 659–673). ACM.

26.

Sahai, A., & Waters, B. (2014). How to use indistinguishability obfuscation: Deniable encryption, and more. In Proceedings of the forty-sixth annual ACM symposium on Theory of computing (pp. 475–484). ACM.

27.

Hohenberger, S., Koppula, V., & Waters, B. (2015). Universal signature aggregators. In Annual international conference on the theory and applications of cryptographic techniques (pp. 3–34). Springer, Berlin, Heidelberg.

28.

Boneh, D., Gupta, D., Mironov, I., & Sahai, A. (2015). Hosting services on an untrusted cloud. In Annual international conference on the theory and applications of cryptographic techniques (pp. 404–436). Springer, Berlin, Heidelberg.

29.

Cheng, R., Yan, J., Guan, C., Zhang, F., & Ren, K. (2015). Verifiable searchable symmetric encryption from indistinguishability obfuscation. In Proceedings of the 10th ACM symposium on information, computer and communications security (pp. 621–626). ACM.

30.

He, D., & Zeadally, S. (2014). An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet of Things Journal, 2(1), 72–83.CrossRef

31.

Weis, S. A., Sarma, S. E., Rivest, R. L., & Engels, D. W. (2004). Security and privacy aspects of low-cost radio frequency identification systems. In Security in pervasive computing (pp. 201–212). Springer, Berlin, Heidelberg.

32.

Molnar, D., & Wagner, D. (2004). Privacy and security in library RFID: Issues, practices, and architectures. In Proceedings of the 11th ACM conference on computer and communications security (pp. 210–219). ACM.

33.

Perrin, R. A., & Simpson, N. (2004). RFID and bar codes-critical importance in enhancing safe patient care. Journal of Healthcare Information Management: JHIM, 18(4), 33–39.

34.

Sun, P. R., Wang, B. H., & Wu, F. (2008). A new method to guard inpatient medication safety by the implementation of RFID. Journal of Medical Systems, 32(4), 327–332.CrossRef

35.

Yao, W., Chu, C. H., & Li, Z. (2012). The adoption and implementation of RFID technologies in healthcare: A literature review. Journal of Medical Systems, 36(6), 3507–3525.CrossRef

36.

Rosenbaum, B. P. (2014). Radio frequency identification (RFID) in health care: Privacy and security concerns limiting adoption. Journal of Medical Systems, 38(3), 19.CrossRef

37.

Srivastava, K., Awasthi, A. K., Kaul, S. D., & Mittal, R. C. (2015). A hash based mutual RFID tag authentication protocol in telecare medicine information system. Journal of Medical Systems, 39(1), 153.CrossRef

38.

Li, C. T., Weng, C. Y., & Lee, C. C. (2015). A secure RFID tag authentication protocol with privacy preserving in telecare medicine information system. Journal of MedicalSystems, 39(8), 77.

39.

Maurya, P. K., & Bagchi, S. (2018). A secure PUF-based unilateral authentication scheme for RFID system. Wireless Personal Communications, 103(2), 1699–1712.CrossRef

40.

Xie, W., Xie, L., Zhang, C., Zhang, Q., & Tang, C. (2013). Cloud-based RFID authentication. In 2013 IEEE international conference on RFID (RFID) (pp. 168–175). IEEE.

41.

Kardas, S., Çelik, S., Bingöl, M. A., & Levi, A. (2013). A new security and privacy framework for RFID in cloud computing. In 2013 IEEE 5th international conference on cloud computing technology and science (Vol. 1, pp. 171–176). IEEE.

42.

Chen, S. M., Wu, M. E., Sun, H. M., & Wang, K. H. (2014). CRFID: An RFID system with a cloud database as a back-end server. Future Generation Computer Systems, 30, 155–161.CrossRef

43.

Lin, I. C., Hsu, H. H., & Cheng, C. Y. (2015). A cloud-based authentication protocol for RFID supply chain systems. Journal of Network and Systems Management, 23(4), 978–997.CrossRef

44.

Wu, F., Xu, L., Kumari, S., Li, X., Das, A. K., & Shen, J. (2018). A lightweight and anonymous RFID tag authentication protocol with cloud assistance for e-healthcare applications. Journal of Ambient Intelligence and Humanized Computing, 9(4), 919–930.CrossRef

45.

Fan, K., Jiang, W., Luo, Q., Li, H., & Yang, Y. (2019). Cloud-based RFID mutual authentication scheme for efficient privacy preserving in IoV. Journal of the Franklin Institute. https://doi.org/10.1016/j.jfranklin.2019.02.023.CrossRef

46.

Boneh, D., & Waters, B. (2013). Constrained pseudorandom functions and their applications. In International conference on the theory and application of cryptology and information security (pp. 280–300). Springer, Berlin, Heidelberg.

47.

Boyle, E., Goldwasser, S., & Ivan, I. (2014). Functional signatures and pseudorandom functions. In International workshop on public key cryptography (pp. 501–519). Springer, Berlin, Heidelberg.

48.

Hohenberger, S., Koppula, V., & Waters, B. (2015). Adaptively secure puncturable pseudorandom functions in the standard model. In International conference on the theory and application of cryptology and information security (pp. 79–102). Springer, Berlin, Heidelberg.

Titel: Security Enhanced RFID Authentication Protocols for Healthcare Environment
verfasst von: Shaohao Xie
Fangguo Zhang
Rong Cheng
Publikationsdatum: 20.01.2020
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 1/2021
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-020-07042-6

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Arbeitszeit/© granata68 / Fotolia, E-Autos im Fuhrpark: Lohnt sich das noch?/© Petair / stock.adobe.com, Kryptowährungen/© gopixa / Getty Images / iStock, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2021

An Efficient Data Delivery Scheme in WBAN to Deal with Shadow Effect due to Postural Mobility

An Enhanced and Secure Cloud Infrastructure for e-Health Data Transmission

Securing E-health Networks from Counterfeit Medicine Penetration Using Blockchain

Personalized Recommendation Method for Preventing Elderly People from Cardiovascular Disease Complication Using Integrated Objective Distance

Securing IoT Applications with Smart Objects: Framework and a Socially Assistive Robots Case Study

An Energy Efficient QoS Supported Optimized Transmission Rate Technique in WBANs

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.