한국통신학회논문지 (The Journal of Korean Institute of Communications and Information Sciences)

  • 제37권5C호
  • /
  • Pages.410-419
  • /
  • 2012
  • /
  • 1226-4717(pISSN)
  • /
  • 2287-3880(eISSN)
한국통신학회 (The Korean Institute of Commucations and Information Sciences)
권호 표지
DOI QR코드

DOI QR Code

병원 실내 위치기반 의료정보 푸쉬 서비스를 위한 익명 인증 스킴

An Anonymous Authentication Scheme for Health Information Push Service Based on Indoor Location in Hospital

  • 안해순 (대구대학교 기초교육원 컴퓨터과정) ;
  • 윤은준 (경일대학교 사이버보안학과) ;
  • 남인길 (대구대학교 컴퓨터.IT공학부)
  • 투고 : 2012.01.27
  • 심사 : 2012.04.23
  • 발행 : 2012.05.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

본 논문에서는 병원 실내 위치기반 의료정보 푸쉬 서비스를 위한 안전하고 효율적인 익명 인증 스킴을 제안한다. 제안한 스킴은 다음과 같은 장점들을 가진다. (1)안전한 일방향 해쉬 함수(secure one-way hash function)를 사용하여 의료 서비스 사용자와 의료 관리센터 사이에 연산 복잡성을 최소화 하였다. (2)의료 관리센터 측에 삽입공격(insertion attacks) 및 훔친 검증자 공격(stolen-verifier attacks) 등 다양한 암호학적 공격들에 대한 대상이 될 수 있는 민감한 정보를 저장하는 검증 테이블(verification table)을 전혀 필요로 하지 않는다. (3)안전한 상호 인증과 키 설정(secure mutual authentication and key establishment), 기밀 통신(confidential communication), 사용자 프라이버시(user's privacy), 간단한 키 관리(simple key management), 세션 키 독립성 (session key independence)등을 보장하여 높은 보안 수준을 제공한다. 결론적으로 제안한 스킴은 병원 내 실내 위치기반 의료정보 푸쉬 서비스 환경에서 의료 서비스 사용자와 의료 관리센터 사이에서 아주 낮은 연산 오버헤드를 제공하기 때문에 스마트폰과 같은 경량 디바이스를 이용한 다양한 위치기반 의료정보 서비스 환경에 매우 실용적으로 활용될 수 있다.

This paper proposes a secure and efficient anonymous authentication scheme for health information push service based on indoor location in hospital. The proposed scheme has the following benefits: (1)It is just based on a secure one-way hash function for avoiding complex computations for both health care operations users and health care centers. (2)It does not require sensitive verification table which may cause health care centers to become an attractive target for numerous attacks(e.g., insertion attacks and stolen-verifier attacks), (3)It provides higher security level (e.g., secure mutual authentication and key establishment, confidential communication, user's privacy, simple key management, and session key independence). As result, the proposed scheme is very suitable for various location-based medical information service environments using lightweight-device(e.g., smartphone) because of very low computation overload on the part of both health care operations users and health care centers.

키워드

참고문헌

  1. Gostin LO, Turek-Brezina J, Powers M, Kozloff R, Faden R, Steinauer DD. Privacy and Security of Personal Information in a New Health Care System. JAMA. 270(20), 2487-2493 (1993) https://doi.org/10.1001/jama.1993.03510200093038
  2. J. Kim, A. R. Beresford, and F. Stajano, Towards a Security Policy for Ubiquitous Healthcare Systems, Proc. 1st International Conference on Ubiquitous Convergence Technology, 263-272 (2006)
  3. S.-D. Bao, Y.-T. Zhang, and L.-F. Shen, Physiological Signal Based Entity Authentication for Body Area Sensor Networks and Mobile Healthcare Systems, Proc. 27th Annual International Conference of Engineering in Medicine and Biology Society, 2455-2458 (2005)
  4. M. Markovic, Z. Savic, and B. Kovacevic, Secure mobile health systems: principles and solutions, M-Health: Emerging Mobile Health Systems, Kluwer Academic Publishers, 81-106 (2007)
  5. A. Boukerche and R. Yonglin, A secure mobile healthcare system using trust-based multicast scheme. IEEE J. Selected Areas Comm. 27(4), 387-399 (2009) https://doi.org/10.1109/JSAC.2009.090504
  6. B Schneier, Applied Cryptography, 2nd edn. (Wiley, New York, 1996)
  7. N. Koblitz, Elliptic curve cryptosystems, in Mathematics of Computation 48, 203-209 (1987) https://doi.org/10.1090/S0025-5718-1987-0866109-5
  8. C Ellison, B Schneier, Ten risks of PKI: what you're not being told about public-key infrastructure. Comput. Secur. J. 16(1), 1-7 (2000)
  9. H. Wang, B. Sheng, Q. Li, Elliptic curve cryptographybased access control in sensor networks, Int. J. Security and Networks. 1(3/4), 127-137 (2006) https://doi.org/10.1504/IJSN.2006.011772
  10. X. H. Le, S. Lee, I. Butun, M. Khalid, R. Sankar, M. Kim, M-H. Han, Y-K. Lee, H. Lee. An Energy-Efficient Access Control Scheme for Wireless Sensor Networks based on Elliptic Curve Cryptography. Journal of Communications and Networks. 11(6), 599-606 (2009) https://doi.org/10.1109/JCN.2009.6388413
  11. F. Amin, A. H. Jahangir, and H. Rasifard. Analysis of Public-Key Cryptography for Wireless Sensor Networks Security. World Academy of Science, Engineering and Technology 41, 529-534 (2008)
  12. X. H. Le, R. Sankar, M. Khalid, and S. Lee, Public Key Cryptography - based Security Scheme for Wireless Sensor Networks in Healthcare, 4th International Conference on Ubiquitous Information Management and Communication (ICUIMC), Suwon, Korea, (January 2010)
  13. W. Joppe, M. Kaihara, T. Kleinjung, A. K. Lenstra, and P. Montgomery, On the Security of 1024-bit RSA and 160-bit Elliptic Curve Cryptography Cryptology, Report on Cryptology ePrint Archive, 389 (2009)
  14. HJ Lee, SH Lee, KS Ha, HC Jang, WY Chung, JY Kim, YS Chang, DH Yoo. Ubiquitous healthcare service using Zigbee and mobile phone for elderly patients. International Journal of Medical Informatics. 78(3), 193-198 (2009) https://doi.org/10.1016/j.ijmedinf.2008.07.005
  15. A. Boukerche, Ren. Yonglin. A secure mobile healthcare system using trust-based multicast scheme. IEEE Journal on Selected Areas in Communications. 27(4), 387-399 (2009) https://doi.org/10.1109/JSAC.2009.090504
  16. TH Chen, WB Lee, HB Chen, A self-verification authentication mechanism for mobile satellite communication systems. Comput. Electr. Eng. 35(1), 41-48 (2009) https://doi.org/10.1016/j.compeleceng.2008.05.003
  17. GA Safdar, MP O'Neill, Performance analysis of novel randomly shifted certification authority authentication protocol for MANETs. EURASIP J. Wirel. Commun. Netw. 2009 Article ID 243956, 1-11 (2009)
  18. R Jian, L Yun, L Tongtong, SPM: source privacy for mobile ad hoc networks. EURASIP J. Wirel. Commun. Netw. 2010 Article ID 534712, 1-10 (2010)
  19. V Vijay, O Diethelm, S Jaleel, JH Antoni, J Sanjay, Broadcast secrecy via key-chain-based encryption in single-hop wireless sensor networks. EURASIP J. Wirel. Commun. Netw. 2011 Article ID 695171, 1-12 (2011)
  20. JM Li, YH Park, X Li, A USIM-based uniform access authentication framework in mobile communication. EURASIP J. Wirel. Commun. Netw. 2011 Article ID 867315, 1-12 (2011)
  21. JY Huang, IE Liao, HW Tang, A forward authentication key management scheme for heterogeneous sensor networks. EURASIP J. Wirel. Commun. Netw. 2011 Article ID 296704, 1-10 (2011)
  22. EJ Yoon, KY Yoo, JW Hong, SY Yoon, DI Park, MJ Choi. An efficient and secure anonymous authentication scheme for mobile satellite communication systems. EURASIP Journal on Wireless Communications and Networking. 86, 1-15 (2011)
  23. N Sklavos, O Koufopavlou, Implementation of the SHA-2 hash family standard using FPGAs. J. Supercomput. 31(3), 227{248 (2005) https://doi.org/10.1007/s11227-005-0086-5
  24. R Oppliger, R Hauser, D Basin, SSL/TLS session-aware user authentication. IEEE Comput. 41(3), 59{65 (March 2008)