A construction of a conformal Chebyshev chaotic map based authentication protocol for healthcare telemedicine services

Dharminder, Dharminder; Kumar, Uddeshaya; Gupta, Pratik

doi:10.1007/s40747-021-00441-7

Cited by 23 publications

(11 citation statements)

References 40 publications

(41 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The study of chaotic structures and their potential cryptographic designs has sparked much research interest in recent years [1]- [3]. The behaviours of certain cryptographic primitives are fundamentally similar to that of chaotic frameworks, which are represented by their sensitive reliance on random operations and initial situations in the vicinity [4]- [6]. Information security is essential in modern wireless communication systems to protect critical information/data since most people communicate over a public network [7], [8].…”

Section: Introductionmentioning

confidence: 99%

CGST: Provably Secure Lightweight Certificateless Group Signcryption Technique Based on Fractional Chaotic Maps

Meshram¹,

Imoize

Jamal

et al. 2022

IEEE Access

View full text Add to dashboard Cite

In recent years, there has been a lot of research interest in analysing chaotic constructions and their associated cryptographic structures. Compared with the essential combination of encryption and signature, the signcryption scheme has a more realistic solution for achieving message confidentiality and authentication simultaneously. However, the security of such schemes is questionable when deployed in modern safety-critical systems, especially as billions of sensitive user information is transmitted over open communication channels. To address this limitation, a lightweight, provably secure certificateless technique that uses Fractional Chaotic Maps (FCM) for group-oriented signcryption (CGST) is presented. The main feature of the CGST-FCM technique is that any group signcrypter may encrypt data/information with the group manager (GM) and have it sent to the verifier. They can verify the legitimacy of the signcrypted information/data using the public conditions of the group, but they cannot link it to the conforming signcrypter. In this scenario, valid signcrypted information/data cannot be produced by the GM or any signcrypter in that category alone. The GM is allowed to reveal the identity of the signcrypter when there is a legal conflict to restrict repudiation of the signature. The CGST-FCM technique is found to be protected from the indistinguishably chosen ciphertext attack (IND-CCA). The computationally difficult problem has been used to build unlinkability, traceability, robust security, and unforgeability. The security investigation of the presented CGST-FCM technique shows commendable consistency and very high efficiency when used in real-time security applications.

show abstract

Section: Introductionmentioning

confidence: 99%

CGST: Provably Secure Lightweight Certificateless Group Signcryption Technique Based on Fractional Chaotic Maps

Meshram¹,

Imoize

Jamal

et al. 2022

IEEE Access

View full text Add to dashboard Cite

show abstract

“…We compare the proposed scheme with other related schemes in terms of different security attacks and parameters in Table 3. Zhang et al's [29] scheme cannot provide several security features such as fail to resist the stolen verifier attack [34]. Qu et al's [30] scheme focuses on preventing the impersonation attack but suffers from the off-line guessing attack and reply attack.…”

Section: Performance Comparisonmentioning

confidence: 99%

Patient Family Binding and Authentication Scheme with Privacy Protection for E-Health System

Zhang

Huang

Zhu

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

The emergence of the E-health system has brought convenience to many chronically ill patients and elderly people with limited mobility. With the help of the E-health system, patients can upload their physiological data timely and get a diagnosis at home, which is more convenient and efficient as they do not have to line up in hospitals. In order to ensure this convenience while protecting patients’ privacy, many schemes have been proposed which can help patient and medical server authenticate each other. However, considering these patients’ inconvenience, sometimes family members need to participate in the patient’s treatment process. So, the E-health system needs to provide a secure communication platform for the family members. At present, most of the authentication schemes for the E-health system only focus on the secure communication between the patient and the medical server, while ignoring the participation of family members. Moreover, in the E-health system, the permissions of family members and patient should be different, and the medical server needs to distinguish their permissions efficiently. In order to overcome these problems, we propose a patient family binding and authentication privacy protection scheme for the E-health system. In the scheme proposed by us, the medical server can efficiently assign different permissions to the family member and patient. And our scheme can allow patient to authorize their family members freely, and the increase in the number of family members will not impose additional burden on the server. At the same time, the authentication between the family member and the medical server does not require the participation of the patient. In addition, by comparing with other related schemes, we prove that our scheme has suitable efficiency and security performance in the E-health system.

show abstract

“…Based on chaotic maps, secure remote access control methods are introduced in [81] and [82]. However, chaotic map based protocols are susceptible to stolen smartcard, impersonation, identity and password guessing attacks [27]. In addition, the approach in [81] cannot withstand side-channel attacks, while the technique in [82] is vulnerable to offline password guessing and impersonation attacks [83].…”

Section: Related Workmentioning

confidence: 99%

“…These attacks can lead to malicious access, data loss and intellectual property infringement [25]. During the development and implementation of TMIS and HIS, privacy and security should be incorporated in early stages [26], [27]. In addition, interoperability between healthcare systems should be assured so that there is efficient exchange of health records between providers [28].…”

Section: Introductionmentioning

confidence: 99%

Health information systems security: Risks, prospects and frameworks

Odiango¹,

Abeka²,

Liyala³

2022

World J. Adv. Eng. Technol. Sci.

View full text Add to dashboard Cite

Information is the most precious asset of any organization and assessing risk to information is a core mandate of any institutional management to ensure availability of effective controls to protect information assets. The increasing digitization of health information and the ever-changing cyber security threat environment, has led to some public health data breaches and as information security become increasingly important to the continued success for businesses, majority of organizations are searching for an appropriate security framework. Security risk assessment framework enables identification of threats and vulnerabilities. Although numerous frameworks available in the market, selection of the right framework to meet the organization’s need is a challenge due to lack of prescriptiveness, standard, inconsistencies, complexity, compliance, cost, and certifications. To address the gap, this study assessed the security of health information system and privacy risks in addition to existing frameworks and developed an enhanced framework. The study adopted a descriptive cross – sectional design and was conducted in Siaya County, in Kenya. A questionnaire was used to collect data which was analyzed and presented inform of tables, and charts. The results indicated that confidentiality of information is good (use of identifiers and passwords at 96.8% approval rate), availability of physical controls to protect authorized access at 95.2%, availability of policies stating staff responsible for protection of information confidentiality at 91.9%, availability of written policy on patient confidentiality and privacy at 74.2% and use of access privileges at 68.8%. The findings on integrity of information was poor with availability of systems to review data accuracy having 71.9% approval rate, frequency of data review at 81.2%, availability of written description of information security manager’s responsibility at 39.5%, monitoring of electronic systems to detect potential breaches at 40%, creation of audit logs to track system transactions at 54% and frequency of reviewing audit logs at 51.5%. The findings on availability of information was good (availability of inventory of computers at 69.9%), regular updates of inventory at 61.3%, updates of patient data on laptops and desktops at 68.2%, sharing of data confidentiality and security policy at 36%, and regular backups of audited logs at 51% approval rates. Regarding the assessment of existing security frameworks, it was noted that HIPAA has the following shortcomings: lacks complete valid risk analysis, not certifiable, security rule is safeguarding electronic protected health information only, the security does not regulate emails and does not require encryption, and commitment on security is verbal. On the other hand, ISO/IEC 27001 is expensive, requires specific IT budget, special expertise, and more time to apply in public hospitals. Finally, NIPP framework is expensive, and uses consequence’s assessment which is outside the scope of this study.

show abstract

A construction of a conformal Chebyshev chaotic map based authentication protocol for healthcare telemedicine services

Cited by 23 publications

References 40 publications

CGST: Provably Secure Lightweight Certificateless Group Signcryption Technique Based on Fractional Chaotic Maps

CGST: Provably Secure Lightweight Certificateless Group Signcryption Technique Based on Fractional Chaotic Maps

Patient Family Binding and Authentication Scheme with Privacy Protection for E-Health System

Health information systems security: Risks, prospects and frameworks

Contact Info

Product

Resources

About