Almuhaideb, A.M.;  Alghamdi, H.A. WBAN Authentication Protocols for Intra-BAN Tier. Encyclopedia. Available online: https://encyclopedia.pub/entry/26504 (accessed on 16 May 2024).
Almuhaideb, A.M., & Alghamdi, H.A. (2022, August 25). WBAN Authentication Protocols for Intra-BAN Tier. In Encyclopedia. https://encyclopedia.pub/entry/26504
WBAN Authentication Protocols for Intra-BAN Tier

Telecare medical information system (TMIS) is a technology used in a wireless body area network (WBAN), which has a crucial role in healthcare services. TMIS uses wearable devices with sensors to collect patients’ data and transmit the data to the controller node via a public channel.

WBAN; emergency authentication protocol; periodic authentication protocol

1. Introduction

Thanks to the fast progress of wireless communication technology, WBANs are being used effectively to deliver healthcare services remotely. TMIS is one of the WBAN technologies that can provide a variety of healthcare services to patients remotely through telecare servers [1][2][3].
In the TMIS environment, patients wear devices with many sensors that continuously monitor their physical condition and collect sensitive health data, such as body temperature, heart rate, pressure, blood sugar, and other data [4][5]. The health data are transmitted to patients’ mobile devices and then transferred to medical servers at any time and from any location. Thus, patients can save time and cost by using numerous healthcare services remotely. Due to these advantages, TMIS offers better healthcare services than traditional healthcare services [6]. However, despite the advantages of TMIS, patients’ sensitive medical data must be protected from malicious attacks because they are transmitted through unsecured channels. Thus, secure mutual authentication is essential for secure data transmission [7].
The transmitted messages include emergency medical reports and periodic medical reports. An emergency medical report is produced when a sensor detects an emergency in the patient’s body, and it must be sent as soon as the emergency is detected. A periodic medical report is produced when the sensor nodes are requested to collect the patient’s health data and send them at a specific time so that an appropriate diagnosis can be made.

2. Requirements of Authentication Schemes in WBAN

The authentication schemes in the WBAN must satisfy the following requirements:
  • Emergency and periodic authentication protocols: The emergency authentication occurs when a sensor detects an emergency in the patient’s body, and it needs to initiate the authentication request for sending the emergency report securely. Periodic authentication occurs when the controller node requests to collect the patient’s data from a sensor node at a specific time, and the controller initiates the periodic authentication request to the sensor node for transmitting the data securely.
  • Replay attack: An attacker can obtain messages when transmissions occur via unsecured channels. However, the attacker is unable to perform a replay attack if the message contains a timestamp.
  • Session key disclosure attack: If an attacker tries to obtain the session key, the attacker cannot obtain secret values using messages sent via a public channel. Thus, the session key cannot be calculated by the attacker.
  • Impersonation attack: An attacker cannot produce an authentication message to impersonate the legitimate entity.
  • Controller node/mobile device stolen attack: If an attacker obtains a legitimate patient’s mobile device, the attacker is unable to extract any information stored on it and is unable to generate a legitimate message.
  • Off-line guessing attack: An attacker has the ability to guess either identity or a password, but not both at the same time.
  • Perfect forward/backward secrecy: Future keys will not be attacked, and previous keys will not be misused (future/past key secrecy).
  • Known session-specific temporary information attack: In case an attacker gets the secret values that are created randomly through the session, the session key cannot be calculated.
  • Anonymity and unlinkability: This refers to an attacker being unable to obtain the identity of a legitimate entity through message eavesdropping and being unable to trace a legitimate entity using messages sent during previous sessions.
  • Desynchronization attack: The solution should prevent the risk of a desynchronization attack, which blocks communication between two parties and renders them unable to proceed with authentication.
  • Secure password change: This refers to an attacker being unable to arbitrarily change the password of a legitimate mobile device because the identity and password of the legitimate entity are unknown to the attacker.
  • Performance: Authentication protocols must be cost-effective in terms of computation and communication.
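The initiator and replay requirements above, worked through as an added example (it is not part of the entry and is not any of the surveyed schemes): an authentication request carries a timestamp and a nonce under a keyed hash, the receiver accepts only the request type it is meant to receive, and a replay is rejected by the timestamp once the window has passed and by a nonce cache while the window is still open. Assumptions: a pre-shared key per sensor, HMAC-SHA256 as the hash, a 5-second window, and all names (`make_request`, `Verifier`, `session_key`, `SN-01`) are hypothetical.

```python
import hashlib, hmac, os

WINDOW = 5  # seconds of clock skew tolerated (assumed value)

def tag_for(key, kind, sender, nonce, ts):
    # Keyed hash over length-prefixed fields, so no field can be altered or shifted.
    fields = b"".join(len(f).to_bytes(2, "big") + f for f in (kind, sender, nonce))
    return hmac.new(key, fields + ts.to_bytes(8, "big"), hashlib.sha256).digest()

def make_request(key, kind, sender, now):
    """kind=b'emergency' is initiated by the sensor, b'periodic' by the controller."""
    nonce = os.urandom(16)
    return {"kind": kind, "sender": sender, "nonce": nonce, "ts": now,
            "tag": tag_for(key, kind, sender, nonce, now)}

class Verifier:
    """Receiving side: the controller for emergency, the sensor for periodic."""
    def __init__(self, key, accepts):
        self.key, self.accepts, self.seen = key, accepts, {}

    def verify(self, msg, now):
        # Forget nonces whose timestamp has already left the freshness window.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= WINDOW}
        if msg["kind"] != self.accepts:
            return "wrong-initiator"
        if abs(now - msg["ts"]) > WINDOW:
            return "stale"      # replay after the window: caught by the timestamp
        expected = tag_for(self.key, msg["kind"], msg["sender"], msg["nonce"], msg["ts"])
        if not hmac.compare_digest(expected, msg["tag"]):
            return "bad-tag"    # forged or modified request
        if msg["nonce"] in self.seen:
            return "replayed"   # replay inside the window: caught by the nonce cache
        self.seen[msg["nonce"]] = msg["ts"]
        return "ok"

def session_key(key, msg, reply_nonce):
    # Fresh per session, but derived from the long-term key: no forward secrecy.
    return hmac.new(key, b"sk" + msg["nonce"] + reply_nonce, hashlib.sha256).digest()

def demo():
    key = bytes(range(32))                       # constructed pre-shared key
    controller = Verifier(key, b"emergency")
    msg = make_request(key, b"emergency", b"SN-01", now=1000)  # constructed sensor ID
    forged = dict(msg, sender=b"SN-02")          # sender changed without the key
    return [controller.verify(msg, 1001), controller.verify(msg, 1002),
            controller.verify(msg, 1010), controller.verify(forged, 1001)]
```

The sender identity travels in the clear here, so this example does not address the anonymity and unlinkability requirement.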

3. The Existing Authentication Schemes in WBAN

The authors of [8] suggested a WBAN authentication protocol for the intra-BAN tier. Their scheme provides a group key generated by a controller node to many sensor nodes. The authentication protocol ensures forward secrecy only in the case of adding or deleting at least one sensor node where the group key is changed. However, it does not ensure forward secrecy when the sensor nodes are constant.
The scheme in [9] presented a WBAN authentication protocol for the interaction among sensor nodes and a controller device. It creates a group key between the controller device and many sensor nodes. The scheme ensures perfect forward secrecy because a new group key is generated for each session even if the sensor nodes are unchanged. However, the scheme has high communication and computation costs, does not support node anonymity/unlinkability, and is vulnerable to desynchronization attacks, stolen mobile device attacks, and replay attacks [10].
The authors of [11][12] suggested a lightweight WBAN authentication protocol to transmit data on a public channel securely. It relies on XOR operation and hash function to achieve low computation and communication costs. However, it presents security weaknesses such as a stolen mobile device/controller node attack, where an attacker can obtain the sensitive data within the controller device if the attacker can steal it. This allows for establishing the session key between the attacker and the sensor node.
The scheme in [13] presented an authentication protocol for the intra-BAN tier. It prevents node impersonation, MITM, and session key disclosure attacks, and it ensures forward secrecy, node anonymity, and node unlinkability. However, it has high computation and communication costs and does not prevent the risk of a desynchronization attack. The scheme adopts elliptic curve cryptography (ECC) with a point multiplication operation on the sensors and controller side, along with a hash function and XOR operation. However, the point multiplication operation is considered complex for the first tier given the resource constraints of the sensor nodes.
The authors of [14] suggested a lightweight WBAN authentication scheme to transmit sensitive data on a public channel securely. It relies on XOR operation and hash function to enhance performance. In addition, it creates biometric keys by extracting features from physiological signals, such as ECG signals. However, it presents security weaknesses such as a stolen controller device attack. If an attacker steals the controller device, the attacker can extract the secret key of the controller node, the secret key of the sensor node, and the identity of the sensor node, which represents the secret information. Thus, the session key between the attacker and a sensor node may be established.
The authors of [15] suggested a WBAN authentication protocol for the intra-BAN tier. The scheme has suitable computation and communication costs for a WBAN. Moreover, it provides some security features, such as protection from replay attacks, session key disclosure attacks, impersonation attacks, and desynchronization attacks, and it ensures perfect forward/backward secrecy and node anonymity/unlinkability. However, it is prone to a stolen mobile device/controller node attack. If an attacker steals the controller device, the attacker can obtain the secret key of the controller device and the sensor node’s identity and then compute the sensor node’s secret key.
Ding et al. [10] and Abiramy and Sudha [16] (pp. 287–296) proposed a WBAN authentication protocol for interaction between sensor nodes and a controller node. The controller node can create a session key and distribute it to the sensor nodes in a group, which means all sensor nodes in the same group can use the same session key with the controller node. In addition, the schemes ensure perfect forward secrecy.
The scheme in [17] worked on establishing mutual authentication for the intra-BAN tier. The scheme prevents node impersonation, man-in-the-middle, and desynchronization attacks, and it ensures forward/backward secrecy, node anonymity, and node unlinkability.
The authors of [18] suggested an authentication protocol for the intra-BAN tier. The scheme ensures forward/backward secrecy, node anonymity, and node unlinkability.
The scheme in [19] proposed an authentication protocol for the intra-BAN tier. Their scheme achieves integrity, confidentiality, authentication, and access control over sensitive data.
Emergency authentication occurs when a sensor detects an emergency in the patient’s body and needs to initiate authentication to send the emergency medical report as soon as the emergency is detected. In contrast, periodic authentication occurs when the controller node needs to initiate authentication to collect the patient’s data from sensor nodes at specific times. Furthermore, most schemes were designed with the assumption that a patient’s mobile device/controller is trusted, but in reality, an attacker can steal the patient’s mobile device and extract the sensitive information stored on it. As a result, they did not protect against the risk of a stolen mobile device/controller attack. An analysis of the previous WBAN authentication protocols shows that improving the existing schemes may lead to secure and efficient authentication protocols in a WBAN.

References

  1. Hsu, C.L.; Le, T.V.; Hsieh, M.C.; Tsai, K.Y.; Lu, C.F.; Lin, T.W. Three-Factor UCSSO Scheme with Fast Authentication and Privacy Protection for Telecare Medicine Information Systems. IEEE Access 2020, 8, 196553–196566.
  2. Son, S.; Lee, J.; Kim, M.; Yu, S.; Das, A.K.; Park, Y. Design of Secure Authentication Protocol for Cloud-Assisted Telecare Medical Information System Using Blockchain. IEEE Access 2020, 8, 192177–192191.
  3. Ryu, J.; Oh, J.; Kwon, D.; Son, S.; Lee, J.; Park, Y.; Park, Y. Secure ECC-Based Three-Factor Mutual Authentication Protocol for Telecare Medical Information System. IEEE Access 2022, 10, 11511–11526.
  4. Poongodi, T.; Rathee, A.; Indrakumari, R.; Suresh, P. IoT Sensing Capabilities: Sensor Deployment and Node Discovery, Wearable Sensors, Wireless Body Area Network (WBAN), Data Acquisition. Intell. Syst. Ref. Libr. 2020, 174, 127–151.
  5. Taleb, H.; Nasser, A.; Andrieux, G.; Charara, N.; Motta Cruz, E. Wireless Technologies, Medical Applications and Future Challenges in WBAN: A Survey. Wirel. Netw. 2021, 27, 5271–5295.
  6. Deebak, B.D.; Al-Turjman, F. Smart Mutual Authentication Protocol for Cloud Based Medical Healthcare Systems Using Internet of Medical Things. IEEE J. Sel. Areas Commun. 2021, 39, 346–360.
  7. Wazid, M.; Das, A.K.; Vasilakos, A.V. Authenticated Key Management Protocol for Cloud-Assisted Body Area Sensor Networks. J. Netw. Comput. Appl. 2018, 123, 112–126.
  8. Shen, J.; Chang, S.; Shen, J.; Liu, Q.; Sun, X. A Lightweight Multi-Layer Authentication Protocol for Wireless Body Area Networks. Futur. Gener. Comput. Syst. 2018, 78, 956–963.
  9. Liu, X.; Jin, C.; Li, F. An Improved Two-Layer Authentication Scheme for Wireless Body Area Networks. J. Med. Syst. 2018, 42, 1–14.
  10. Ding, Y.; Xu, H.; Zhao, M.; Liang, H.; Wang, Y. Group Authentication and Key Distribution for Sensors in Wireless Body Area Network. Int. J. Distrib. Sens. Netw. 2021, 17, 15501477211044338.
  11. Ur Rehman, Z.; Altaf, S.; Iqbal, S. An Efficient Lightweight Key Agreement and Authentication Scheme for WBAN. IEEE Access 2020, 8, 175385–175397.
  12. Chen, C.M.; Xiang, B.; Wu, T.Y.; Wang, K.H. An Anonymous Mutual Authenticated Key Agreement Scheme for Wearable Sensors in Wireless Body Area Networks. Appl. Sci. 2018, 8, 1074.
  13. Wan, T.; Wang, L.; Liao, W.; Yue, S. A Lightweight Continuous Authentication Scheme for Medical Wireless Body Area Networks. Peer-to-Peer Netw. Appl. 2021, 14, 3473–3487.
  14. Rehman, Z.U.; Altaf, S.; Ahmad, S.; Huda, S.; Al-Shayea, A.M.; Iqbal, S. An Efficient, Hybrid Authentication Using ECG and Lightweight Cryptographic Scheme for WBAN. IEEE Access 2021, 9, 133809–133819.
  15. Li, X.; Ibrahim, M.H.; Kumari, S.; Kumar, R. Secure and Efficient Anonymous Authentication Scheme for Three-Tier Mobile Healthcare Systems with Wearable Sensors. Telecommun. Syst. 2018, 67, 323–348.
  16. Abiramy, N.V.; Sudha, S.V. A Secure and Lightweight Authentication Protocol for Multiple Layers in Wireless Body Area Network. Smart Intell. Comput. Appl. 2019, 104, 287–296.
  17. Koya, A.M.; Deepthi, P.P. Anonymous Hybrid Mutual Authentication and Key Agreement Scheme for Wireless Body Area Network. Comput. Netw. 2018, 140, 138–151.
  18. Arfaoui, A.; ben Letaifa, A.; Kribeche, A.; Senouci, S.M.; Hamdi, M. Adaptive Anonymous Authentication for Wearable Sensors in Wireless Body Area Networks. In Proceedings of the 2018 14th International Wireless Communications & Mobile Computing Conference (IWCMC), Limassol, Cyprus, 25–29 June 2018; pp. 606–611.
  19. Morales-Sandoval, M.; De-La-Parra-Aguirre, R.; Galeana-Zapien, H.; Galaviz-Mosqueda, A. A Three-Tier Approach for Lightweight Data Security of Body Area Networks in E-Health Applications. IEEE Access 2021, 9, 146350–146365.
Update Date: 26 Aug 2022