DOI QR코드

DOI QR Code

웨어러블 장치를 이용한 헬스케어시스템을 위한 안전한 통신 기법에 대한 분석 및 해결책

Cryptanalysis and Solution on Secure Communication Scheme for Healthcare System using Wearable Devices

  • 최해원 (DGIST 기술벤처경영) ;
  • 김상진 (경운대학교 항공컴퓨터학과) ;
  • 류명춘 (경운대학교 항공컴퓨터학과)
  • Choi, Hae-Won (Department of Innovation Management, DGIST) ;
  • Kim, Sangjin (Department of Aerospace & Industrial Computing Security, Kyungwoon University) ;
  • Ryoo, Myungchun (Department of Aerospace & Industrial Computing Security, Kyungwoon University)
  • 투고 : 2018.12.26
  • 심사 : 2019.02.20
  • 발행 : 2019.02.28

초록

기존에 다양한 헬스케어 시스템에 대한 보안 개념이 제시되었다. 하지만 제시된 다양한 프로토콜에서 좀 더 나은 연산의 효율성과 안정성을 갖추기 위한 개선점이 보인다. 본 논문은 Vijayakumar등이 제안한 웨어러블 장치를 이용한 헬스케어시스템을 위한 효율적인 안전한 통신 기법에 대한 보안 분석 및 이에 대한 해결책을 제시한다. 특히, Vijayakumar등의 기법은 서비스거부공격에 취약하고 무결성을 제공하지 못하는 문제점이 있다. 이러한 문제들을 해결하기 위해서 본 논문에서는 새로운 안전한 통신 기법을 제안한다. 새롭게 제안한 기법은 인증 및 무결성을 제공함으로서 Vijayakumar등의 기법에 대한 효율적인 보안 해결책이 될 수 있다. 특히, 제안한 기법은 연산의 오버헤드 관점에서도 장점을 제시한다.

A security company has been proposed for various healthcare systems. However, there are improvements in order to achieve better efficiency and stability in the various protocols presented. The purpose of this paper is to provide cryptanalysis and solution on Vijayakumar et al.'s secure communication scheme for healthcare system using wearable devices. Especially, it is weak against denial of service attack and it does not provide integrity of the transmitted messages. Thereby, this paper proposes a new secure communication scheme to cope from the problems in Vijayakumar et al.'s scheme. It provides authentication and integrity, which could be the security solution against Vijayakumar et al.'s scheme. Furthermore, it also provides a good computational overhead compared to Vijayakumar et al.'s scheme.

키워드

DJTJBT_2019_v17n2_187_f0001.png 이미지

Fig. 1. Vijayakumar et al.‘s Secure Communication Scheme [12]

DJTJBT_2019_v17n2_187_f0002.png 이미지

Fig. 2. Normal Status Phase of Proposed Secure Communication Scheme

DJTJBT_2019_v17n2_187_f0003.png 이미지

Fig. 3. Emergency Status Phase of Proposed Secure Communication Scheme

Table 1. Security Comparison

DJTJBT_2019_v17n2_187_t0001.png 이미지

Table 2. Computational Cost Comparison

DJTJBT_2019_v17n2_187_t0002.png 이미지

참고문헌

  1. H. Kim, E. K. Ryu & S. W. Lee. (2011). Security Considerations on Cognitive Radio based on Body Area Networks for u-Healthcare. Journal of Security Engineering, 10(1), 9-20.
  2. S. Y. Mun, Y. M. Yun, T. H. Han, S. E. Lee, H. J. Chang, S. Y. Song & H. C. Kim. (2017). Public Awareness of Digital Healthcare Services. Journal of Digital Convergence, 15(4), 621-629.
  3. J. E. Song, S. H. Kim, M. A. Chung & K. I, Chung. (2007). Security issues and its technology trends in u-Healthcare. Electronics and Telecommunications Trends, 22(1), 119-129.
  4. T. M. Song & S. H. Jang. (2011). u-Healthcare : Issue and Research Trends. Korea Institute for Health and Social Affairs, 119-129.
  5. C. B. Roh & J. B. Song. (2015). Hybrid Healch Care System Designs in a Wireless Network Environment, Journal of Digital Convergence, 13(3), 457-462. https://doi.org/10.14400/JDC.2015.13.8.457
  6. J. E. Yoon & C. J. Suh. (2018). Research Trend Analysis on Smart Healthcare by using Topic Modeling and Ego Network Analysis. Journal of Digital Convergence, 16(5), 981-993.
  7. L. Mark & F. John. (2011). Remote control of medical devices using instant messaging infrastructure. U.S. Patent CA2718696 A1, Dec. 8.
  8. S. B. Othman & A. Trad. H. (2014). Youssef, Security artchitecture for at-home medical care using wireless sensor network, Proc. of International conference on wireless communications and mobile computing conference 2014, 304-309.
  9. S. Han, S. Q. Li, C. H. Ju & W. Zhou. (2016). PPM-HDA:Privacy-preserving and multifuntional health data aggregation with fault tolerance, IEEE Transactions on Information Forensics and Security, 11(9), 1940-1955. https://doi.org/10.1109/TIFS.2015.2472369
  10. S. Syms & A. D. Kumar. (2016). Secured WBANs for pervasive m-healthcare social networks. Proc. of 10th International Conference on Intelligent Systems and Control.
  11. J. Liu, Z. Zhang & K. S. Kwak. (2014). Certificateless remote anonymous authentication schemes for wireless body area networks. IEEE Transactions on Parallel and Distributed Systems, 25(2), 332-342. https://doi.org/10.1109/TPDS.2013.145
  12. P. Vijayakumar, P. Pandiaraja, M. Kaaruppiah & L. J. Deborah. (2017). An efficient secure communication for healthcare system using wearable devices. Computers and Electrical Engineering, 63, 232-245. https://doi.org/10.1016/j.compeleceng.2017.04.014
  13. Wikipedia, Denial of service attack, https://ko.wikipedia.org/wiki/Denialofserviceattack.
  14. Wikipedia. Data integrity, https://ko.wikipedia.org/wiki/Dataintegrity.
  15. F. Wu, L. Xu, S. Kumari, X. Li, A. K. Das, M. K. Khan, M. Karuppiah & R. Baliyan. (2016). A novel and provably secure authentication and key agreement scheme with user anonymity for global mobility networks. Security and Communication Networks, 9, 3527-2542. https://doi.org/10.1002/sec.1558