Abstract
Recently, Chiou et al. proposed a secure authentication scheme which not only ensures message confidentiality and patient anonymity but also provides real telemedicine system implementation. However, in this paper, we found that Chiou et al.’s telemedicine scheme has some security weaknesses such as (1) it fails to protect the confidentiality of patient’s inspection report and doctor’s treatment record, (2) it fails to provide the property of unlinkability. The above-mentioned design flaws in Chiou et al.’s scheme may lead to privacy exposure and malicious outsider can link and discover the sensitive relationship between the patient and the doctor.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Banerjee, A., Agrawal, P., Rajkumar, R.: Design of a cloud based emergency healthcare service model. Int. J. Appl. Eng. Res. 8(19), 2261–2264 (2013)
Chen, C.L., Yang, T.T., Shih, T.F.: A secure medical data exchange protocol based on cloud environments. J. Med. Syst. 38(9), 1–12 (2014). article no. 112
Chen, C.L., Yang, T.T., Chiang, M.L., Shih, T.F.: A privacy authentication scheme based on cloud for medical environments. J. Med. Syst. 38(11), 1–16 (2014). article no. 143
Chiou, S.Y., Ying, Z., Liu, J.: Improvement of a privacy authentication scheme based on cloud for medical environment. J. Med. Syst. 40(4), 1–15 (2016). article no. 101
He, D., Zeadally, S.: Authentication protocol for ambient assisted living system. IEEE Commun. Mag. 35(1), 71–77 (2015)
He, D., Kumar, N., Chen, J.: Robust anonymous authentication protocol for healthcare applications using wireless medical sensor networks. Multimedia Syst. 21(1), 49–60 (2015)
Jiang, Q., Ma, J., Lu, X., Tian, Y.: An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks. Peer-to-Peer Networking Appl. 8(6), 1070–1081 (2015)
Jiang, Q., Wei, F., Fu, S., Ma, J., Li, G., Alelaiwi, A.: Robust extended chaotic maps-based three-factor authentication scheme preserving biometric template privacy. Nonlinear Dyn. 83(4), 2085–2101 (2016)
Li, C.T., Lee, C.C., Wang, C.C., Yang, T.H., Chen, S.J.: Design flaws in a secure medical data exchange protocol based on cloud environments. In: Wang, G., Zomaya, A., Perez, G.M., Li, K. (eds.) ICA3PP 2015. LNCS, vol. 9532, pp. 435–444. Springer, Cham (2015). doi:10.1007/978-3-319-27161-3_39
Li, C.T., Weng, C.Y., Lee, C.C.: A secure RFID tag authentication protocol with privacy preserving in telecare medicine information systems. J. Med. Syst. 39(8), 1–8 (2015). article no. 77
Li, C.T., Weng, C.Y., Lee, C.C., Wang, C.C.: A hash based remote user authentication and authenticated key agreement scheme for the integrated EPR information system. J. Med. Syst. 39(11), 1–11 (2015). article no. 144
Li, C.T., Lee, C.C., Weng, C.Y.: A secure cloud-assisted wireless body area network in mobile emergency medical care system. J. Med. Syst. 40(5), 1–15 (2016). article no. 117
Padhy, R.P., Patra, M.R., Satapathy, S.C.: Design and implementation of a cloud based rural healthcare information system model. Univ. J. Comput. Sci. Eng. Technol. 2(1), 149–157 (2012)
Acknowledgements
The authors would like to thank the anonymous reviewers for their valuable suggestions and comments. In addition, this research was partially supported by the National Science Council, Taiwan, R.O.C., under contract no.: MOST 105-2221-E-165-005 and MOST 105-3114-C-165-001-ES.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Li, CT., Shih, DH., Wang, CC. (2017). On the Security of a Privacy Authentication Scheme Based on Cloud for Medical Environment. In: Kim, K., Joukov, N. (eds) Information Science and Applications 2017. ICISA 2017. Lecture Notes in Electrical Engineering, vol 424. Springer, Singapore. https://doi.org/10.1007/978-981-10-4154-9_28
Download citation
DOI: https://doi.org/10.1007/978-981-10-4154-9_28
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-4153-2
Online ISBN: 978-981-10-4154-9
eBook Packages: EngineeringEngineering (R0)