مشخصات مقاله | |
ترجمه عنوان مقاله | LACO: احراز هویت سه عاملی سبک وزن، کنترل دسترسی و طرح انتقال مالکیت برای سیستم های سلامت الکترونیکی در اینترنت اشیا (IoT) |
عنوان انگلیسی مقاله | LACO: Lightweight Three-Factor Authentication, Access Control and Ownership Transfer Scheme for E-Health Systems in IoT |
انتشار | مقاله سال 2019 |
تعداد صفحات مقاله انگلیسی | 40 صفحه |
هزینه | دانلود مقاله انگلیسی رایگان میباشد. |
پایگاه داده | نشریه الزویر |
نوع نگارش مقاله |
مقاله پژوهشی (Research Article) |
مقاله بیس | این مقاله بیس نمیباشد |
نمایه (index) | Scopus – Master Journals List – JCR |
نوع مقاله | ISI |
فرمت مقاله انگلیسی | |
ایمپکت فاکتور(IF) |
7.007 در سال 2018 |
شاخص H_index | 93 در سال 2019 |
شاخص SJR | 0.835 در سال 2018 |
شناسه ISSN | 0167-739X |
شاخص Quartile (چارک) | Q1 در سال 2018 |
رشته های مرتبط | مهندسی کامپیوتر، مهندسی فناوری اطلاعات |
گرایش های مرتبط | هوش مصنوعی، امنیت اطلاعات، شبکه های کامپیوتری |
نوع ارائه مقاله |
ژورنال |
مجله / کنفرانس | سیستم های کامپیوتری نسل آینده-Future Generation Computer Systems |
دانشگاه | Department of Information Technology Engineering, Faculty of Computer Engineering, University of Isfahan, Isfahan 81746-73441, Iran |
کلمات کلیدی | سیستم های سلامت الکترونیکی، اینترنت اشیا، امنیت سایبری، داده شخصی، پروتکل احراز هویت سه عاملی، پروتکل انتقال مالکیت |
کلمات کلیدی انگلیسی | E-Health Systems, Internet of things (IoT), Cybersecurity, Personal data, Three-factor authentication protocol, Ownership transfer protocol |
شناسه دیجیتال – doi |
https://doi.org/10.1016/j.future.2019.02.020 |
کد محصول | E12077 |
وضعیت ترجمه مقاله | ترجمه آماده این مقاله موجود نمیباشد. میتوانید از طریق دکمه پایین سفارش دهید. |
دانلود رایگان مقاله | دانلود رایگان مقاله انگلیسی |
سفارش ترجمه این مقاله | سفارش ترجمه این مقاله |
فهرست مطالب مقاله: |
Abstract 1. Introduction 2. Related work 3. Preliminaries and notations 4. Review of ZZTL scheme 5. Security analysis of the ZZTL protocol 6. Proposed LACO protocol 7. Security analysis of the proposed scheme 8. Performance comparison 9. Conclusion and future works References |
بخشی از متن مقاله: |
Abstract
The use of the Internet of Things (IoT) in the electronic health (e-health) management systems brings with it many challenges, including secure communications through insecure radio channels, authentication and key agreement schemes between the entities involved, access control protocols and also schemes for transferring ownership of vital patient information. Besides, the resource-limited sensors in the IoT have real difficulties in achieving this goal. Motivated by these considerations, in this work we propose a new lightweight authentication and ownership transfer protocol for e-health systems in the context of IoT (LACO in short). The goal is to propose a secure and energy-efficient protocol that not only provides authentication and key agreement but also satisfies access control and preserves the privacy of doctors and patients. Moreover, this is the first time that the ownership transfer of users is considered. In the ownership transfer phase of the proposed scheme, the medical server can change the ownership of patient information. In addition, the LACO protocol overcomes the security flaws of recent authentication protocols that were proposed for e-health systems, but are unfortunately vulnerable to traceability, de-synchronization, denial of service (DoS), and insider attacks. To avoid past mistakes, we present formal (i.e., conducted on ProVerif language) and informal security analysis for the LACO protocol. All this ensures that our proposed scheme is secure against the most common attacks in IoT systems. Compared to the predecessor schemes, the LACO protocol is both more efficient and more secure to use in e-health systems. Introduction Health-care is an indispensable part of human life. In addition, in recent decades there has been an increase in life expectancy. Because of this, there has been an increase in the population over the age of 65 who regularly demand medical services of some kind. Due to the large number of patients, the provision of high-quality care to at-risk patients may be interrupted or the quality of service may deteriorate. While technology cannot reduce the demand for health services, it can at least offer potential solutions by integrating traditional health-care systems with electronic devices [1]. Recent health-care systems, called e-health systems, are supported by electronic devices with wireless connectivity, which are currently communicated through a central device (gateway) which usually transmits the collected data to a cloud [2, 3] –in the future, the devices will be able to communicate directly with each other. The use of these systems provides virtual consultations to patients such that the vast majority of them can rest at home and be treated with telemedicine, which is provided by doctors and hospitals [4, 1]. With advances in the Internet of Things (IoT) systems, many medical and wearable devices, equipped with sensors and placed in or on the patient’s body, can collect the vital real-time data and transmit it to a base station [5, 6]. This base station could be a kind of smartphone or tablet carried by the patient and would send the collected information to the hospital server [7, 8]. Finally, authorized users such as doctors and nurses can access these data to do or decide the best. As for the user’s connection to the medical server, the user must be authenticated at an early stage, usually using a smart card [9]. Likewise, for some devices communication is bi-directional and authorized entities such as physicians can change the reprogramming of patient devices [10, 11]. |