SCHEME OF AUTHENTICATION OF HEALTH MONITORING
SYSTEM BASED ON CREDIT CARD MECHANISM
Qiming Huang, Qilei Hao, Chao Guo and Shuang Li
School of Computer and Communication Engineering, University of Science and Technology Beijing
No.30 Xueyuan Road, Beijing, P.R. China
Keywords: Health monitoring system, Credit card mechanism, Authentication and Key Agreement (AKA), Identity-Based Cryptography (IBC).
Abstract: Health monitoring systems are supported not only by local hospitals but also by hospitals in
other provinces, which raises the question of how different hospitals can share a patient's health data.
The credit card model is similar: a user first applies for a credit card with a bank and can then buy
goods at any merchant accepting credit cards. Merchants need not establish agreements with each other,
but just need to have a trust relationship with one or a few banks that accept payments from credit-card
users and pay merchants. After designing the logic hierarchical diagram of the health monitoring system,
we apply the credit card mechanism to establish a mutual authentication scheme with Identity-Based
Cryptography (IBC), which is used by clients in referral care between different hospitals of different
provinces and between different hospitals of the same province. The ability of the authentication scheme
to resist counterfeit attacks, location privacy attacks and replay attacks is analyzed.
1 INTRODUCTION
With the development of the aging problem in our country, research on health monitoring
systems has become one of the focuses. The confidentiality of patients' health information and
the modes of authentication are the leading factors in protecting the safety and privacy of
patients. Patients wear sensor nodes which measure health data such as heart rate and blood
pressure. The sensor signals are transmitted to the hospital through the mobile communication
system (ETSI, 1993; Perkins, 2002) by the portable mobile communication network access point
sensor (such as a mobile phone). Doctors read the patient's data, and emergencies are handled
in time. The health care monitoring system can also be used to collect the physiological data
of one person over a long time.

The security of medical data is a very important factor of the healthcare system, so it is
important to establish a safe cross-realm authentication mechanism for medical data.
Opportunities for coordination between hospitals are increasing, and the identities of clients
need to be certified when clients transfer between different hospitals. We propose a medical
data certification scheme based on the credit card mechanism for the problem of data
authentication between different hospitals of different provinces and between different
hospitals of the same province. The scheme applies encryption mechanisms to protect sensitive
patient information, and a signature mechanism used between partners completes cross-domain
authentication.
For medical information security, the IHE IT Infrastructure Technical Framework proposed
audit trail and node authentication (ATNA), cross-enterprise user authentication (XUA), the
digital signature guideline (DSG) and other technical specifications (Jianhu et al., 2008).
ATNA, XUA and DSG can be shared in addressing security issues of medical information. They
are good references and technical guidelines for solving the sharing and security problems of
medical information. This paper proposes an authentication mechanism based on the credit card
authentication system for the characteristics of the healthcare system in China, and takes
audit trail and node authentication (ATNA) and cross-enterprise user authentication (XUA) as
references. The first section introduces the importance of the security of medical data and
proposes a medical data certification scheme based on the credit card mechanism. The second
section analyzes the health monitoring system hierarchy. To carry out authentication in the
health monitoring system, the third section proposes three system models and their respective
parameters, together with the method of authentication and key agreement (AKA). The fourth
section explains the ability to resist attacks, and the last section concludes.

Huang Q., Hao Q., Guo C. and Li S..
SCHEME OF AUTHENTICATION OF HEALTH MONITORING SYSTEM BASED ON CREDIT CARD MECHANISM.
DOI: 10.5220/0003605103500354
In Proceedings of the 13th International Conference on Enterprise Information Systems (ICEIS-2011), pages 350-354
ISBN: 978-989-8425-55-3
Copyright © 2011 SCITEPRESS (Science and Technology Publications, Lda.)
2 BASICS OF AUTHENTICATION SYSTEM
2.1 The Definition of Bilinear
Let $G_1$ denote a cyclic additive group of some large prime order $q$ and $G_2$ a cyclic
multiplicative group of the same order. Assume that the discrete logarithm problem (DLP) is
hard in both $G_1$ and $G_2$ (Mathis, 1956). For us, a pairing is a map
$e: G_1 \times G_2 \rightarrow G_2$ such that for all $P, Q \in$ and all $a, b \in N$,
$$e(aP, bQ) = e(aP, Q)^{b} = e(P, bQ)^{a} = e(P, Q)^{ab}$$
This paper meets the demand of confidentiality of data using the discrete logarithm problem
(DLP) in the additive group (Mao, 2004). This means that for two elements $P, Q \in$ chosen
freely, it is difficult to find an integer $a \in$ which fulfils $Q = aP$.
2.2 The Medical System Model
The medical health system can be divided into the following levels: Ministry of Health,
hospital and patient. The corresponding medical and health information system consists of
three layers: the provincial Ministry of Health information processing system (MoH), the
hospital information processing system (H), and the mobile communication network access
point (A). The sensor systems of the client connect to the access point. Each provincial
Ministry of Health and its affiliates form a domain, as shown below:
Figure 1: The logic diagram of the health monitoring
system hierarchy.
3 HEALTHCARE SYSTEM MODEL
3.1 Trust Model
This trust model for the health monitoring system is based on a credit card mechanism (TPM).
The Broker, Operator and User in the network correspond to the banks, merchants and users in
the credit card mechanism, and they correspond to the provincial Ministry of Health
information processing system (MoH), the hospital information processing system (H), and the
mobile communication network access point (Ak) and sensor systems. To ensure the transmission
of patient data in the credit card mechanism, users first apply for permits from the bank.
After the user passes authentication, the bank issues an electronic permit to the patient, and
a trust relationship is established between the user and the bank. Businesses only need to
verify the user's permit.

We use $MoH_1$ and $H_k$ on behalf of Broker 1 and Operator k respectively. We use $C_{k,n}$
to identify the unique client n enrolled in $H_k$. In addition, $A_{k,n}$ refers to the mobile
communication network access point n in $H_k$. $PASSA_{k,n}$ is a pass of $A_{k,n}$, signed by
$MoH_1$, and $K_{A_{k,n}}$ is a pass-based key signed by $MoH_1$. Similarly, $PASSH_k$ and
$K_{H_k}$ are the pass and the pass-based key of $H_k$ respectively. They are signed by
$MoH_1$. Furthermore, ($PASS^{MoH_1}_{A_{k,n}}$, $K^{MoH_1}_{A_{k,n}}$) refers to a temporary
client (pass, pass-key) pair which $MoH_1$ issues to a served client.
3.2 Trust-domain Initialization
1) Generate the pairing parameters $\langle q, G_1, G_2, \hat{e}, P, H \rangle$, where $q$ is
a generator; let $G_1$ denote a cyclic additive group of some large prime order $q$ and $G_2$
a cyclic multiplicative group of the same order. $\hat{e}$ is a bilinear map; $P$ is a
generator of $G_1$; the hash function is $H: \{0,1\} \rightarrow$
2) Pick a random $\beta \in Z$ as the domain-secret whereby to compute a domain-public-key as
$P_{pub} = \beta P$. The public trust-domain parameters are defined as follows:
domain-params = (group parameters, domain public key)
= $(\langle q, G_1, G_2, \hat{e}, P, H \rangle, P_{pub})$
In the first layer, the secret $\beta$ in each provincial Ministry of Health domain is kept
secret and the domain parameters can be published. Because of the difficulty of the discrete
logarithm problem in the additive group, it is not feasible to calculate $\beta$ from
$(P, P_{pub})$.
3.3 Pass Model
The pass of the medical security system structure uses ID-based cryptography (IBC) (Zhang
and Fang, 2006; Zhu et al., 2008). This pass only uses dozens of bits, compared with the 1 KB
length of an X.509 Digital Certificate (Shamir, 1984), which saves much bandwidth. There are
three types of passes in the medical security system: hospital passes (H-PASSes), access point
passes (A-PASSes), and temporary client passes (T-PASSes; ITU-T, 1989).
1) Issuance of H-PASSes:
The Ministry of Health information processing system (MoH1) issues an H-PASS as well as a
pass-based key to the hospital information processing system $H_k$:
$PASSH_k = H_k$
$K_{H_k} = \beta H(PASSH_k)$
Here $\beta$ is $H_k$'s domain secret, and $H$ is the hash function of the domain parameters
of $H_k$.
2) Issuance of A-PASSes:
To ensure that clients can access the hospital information processing system, a user has to
be registered with the local provincial Ministry of Health. The pass and pass-based key are
as follows:
$PASSA_{k,n} = A_{k,n}$
$K_{A_{k,n}} = \beta H(PASSA_{k,n})$
Here $\beta$ is $H_k$'s domain secret, and $H$ is the hash function of the domain parameters
of MoH1.
3) Issuance of temporary client passes (T-PASSes):
Temporary client passes (T-PASSes) are issued by the hospital information processing system.
A client which has a T-PASS is authenticated by the current domain. The pass and pass-based
key are as follows:
$PASS^{MoH_1}_{A_{k,n}} = (A_{k,n}, expirytime)$
$K^{MoH_1}_{A_{k,n}} = \beta H(PASS^{MoH_1}_{A_{k,n}})$
Here $\beta$ is operator MoH1's domain secret, and $H$ is the hash function of the domain
parameters of MoH1.
3.4 Authentication and Key Agreement
The cross-domain authentication in the health monitoring system includes authentication and
key agreement (AKA) between different hospitals of different provinces and between different
hospitals of the same province.
1) Different hospitals of different provinces AKA
When a user moves from one hospital to another hospital in a different province, the
different-provinces AKA occurs. Without loss of generality, we take $A_{i,m}$ and $H_k$ as an
example to explain the AKA process. User access point $A_{i,m}$ used to belong to the care
range of hospital Hi of provincial MoH2. For some reason, the care information needs to be
transferred to the hospital Hk of another provincial MoH1. The application information sent
by users should include the network address of hospital Hk and the address of the access
point Ak. The protocol works in the following three steps.
$H_k \rightarrow A_{i,m}$: $PASSH_k$, domain-params$_{MoH_1}$, $S_{K_{H_k}}(t_1)$    (1)
$A_{i,m} \rightarrow H_k$: $PASSA_{i,m}$, $S_{K_{A_{i,m}}}(t_2)$    (2)
$H_k \rightarrow A_{i,m}$: $PASS^{MoH_1}_{A_{i,m}}$, $K^{MoH_1}_{A_{i,m}}$    (3)
Hospital information processing system Hk sends (1). When $A_{i,m}$ receives (1), it checks
whether the difference between timestamp $t_1$ and its local clock time is within an
acceptance window. It then checks $S_{K_{H_k}}(t_1)$ with $PASSH_k$ and
domain-params$_{MoH_1}$, using domain-params$_{MoH_1}$ to verify $S_{K_{H_k}}(t_1)$.
If all of the checks are successful, $A_{i,m}$ regards $H_k$ as a legitimate hospital
information processing system. Then $A_{i,m}$ sends its pass and the timestamp, signed by the
pass key (as the private key), to $H_k$.
ICEIS 2011 - 13th International Conference on Enterprise Information Systems
$A_{i,m}$ can enrol in the local Ministry of Health (MoH) to obtain a MoH pass in advance.
Then $H_k$ can receive and verify every user's MoH certificate. If $H_k$ recognizes that
$A_{i,m}$ is a legal access point, $H_k$ accepts the pass-key signature stamp of $A_{i,m}$
and compares it with the local time.
If the check by $H_k$ is successful, $A_{i,m}$ will be accepted by the hospital information
processing system. $H_k$ can obtain temporary client passes from MoH1:
$PASS^{MoH_1}_{A_{i,m}} = (A_{i,m}, \text{expiry-time})$
$K^{MoH_1}_{A_{i,m}} = \beta H(PASS^{MoH_1}_{A_{i,m}})$
Then the third step (3) can be carried out. Hk sends $PASS^{MoH_1}_{A_{i,m}}$ in plaintext
and the pass-key $K^{MoH_1}_{A_{i,m}}$ encrypted under public-key $PASSA_{i,m}$ to Hk in
message. After three successful handshakes, $C_{1,1}$ and $R_{1,1}$ may establish the shared
system key:
$$K_{H_k,A_{i,m}} = e(K^{MoH_1}_{A_{i,m}}, H(PASSH_k)) = e(H(PASS^{MoH_1}_{A_{i,m}}), H(PASSH_k))^{\beta} = e(H(PASSH_k), H(PASS^{MoH_1}_{A_{i,m}}))^{\beta}$$
2) Different hospitals of the same province AKA
Provincial certification happens when the user transfers care responsibility from one
hospital to another hospital in the same province, for example when the user makes a referral
within the same province. The user node As,o, which transmits data in the information
processing system of hospital Hs, transfers to hospital Hi. First, the user makes an
application, then sends the application information with the network address of Hi and the
address of As. The authentication protocol can be divided into two steps.
$H_i \rightarrow A_{s,o}$: $PASSH_i$, domaincert, $S_{K_{H_i}}(t_1)$    (4)
$A_{s,o} \rightarrow H_i$: $PASS^{MoH_2}_{A_{s,o}}$, $t_2$, $h_{K_{A_{s,o},H_i}}(t_1 || t_2)$    (5)
When $A_{s,o}$ receives message (4), the verification process is similar to that of the
different-provinces AKA. If the inspections succeed, As,o regards Hi as a legitimate hospital
information processing system. As,o and Hi establish a shared synchronous key:
$$K_{A_{s,o},H_i} = \hat{e}(K^{MoH_2}_{A_{s,o}}, H(PASSH_i))$$
Join the timestamp t1 and the renewal timestamp t2 together, using a one-way hash function
such as SHA-1 to obtain the complete code. Then encrypt it with $K_{A_{s,o},H_i}$ and send it
to $H_i$ together with $t_2$ and $PASS^{MoH_2}_{A_{s,o}}$.
After receiving (5), $H_i$ checks that $PASS^{MoH_2}_{A_{s,o}}$ has not expired and that
$t_2$ is fresh enough. If so, it computes a shared key as
$$K_{H_i,A_{s,o}} = \hat{e}(K_{H_i}, H(PASS^{MoH_2}_{A_{s,o}})).$$
According to chapter two, only if As,o is legitimate are $K_{A_{s,o},H_i}$ and
$K_{H_i,A_{s,o}}$ equal:
$$K_{A_{s,o},H_i} = e(K^{MoH_2}_{A_{s,o}}, H(PASSH_i)) = e(H(PASSH_i), H(PASS^{MoH_2}_{A_{s,o}}))^{\beta} = K_{H_i,A_{s,o}}$$
4 SAFETY ANALYSIS
In connection with the security problem of the health monitoring system, we analyze the
security of this protocol as follows:
1. It achieves mutual authentication between the hospital information processing system and
clients, and it has a stronger ability to resist counterfeit attacks. In order to masquerade
as a client, an attacker must find a public-private key pair based on IBC that meets the
equation:
$$K^{MoH_1}_{A_{i,j}} = \beta_{MoH} H_{MoH}(PASSA^{MoH}_{i,j}).$$
Although it uses only a small number of discrete logarithms, this does not reduce the
difficulty of cracking the public-private key pair, and the scheme is very suitable for
devices whose computing power is relatively weak. Although an attacker can easily obtain the
public key, to obtain the private key the attacker must calculate the domain secret $\beta$
from the domain parameters. Given the difficulty of calculating discrete logarithms in
additive groups, it is very difficult to succeed in limited time.
2. It resists replay attacks. Synchronous authentication is introduced, which requires the
certification entities to maintain strictly synchronized clocks. This paper employs
timestamps to prevent replay attacks: the protocol timestamp for authentication is provided
by the counterpart involved in authentication each time, so even if the original information
is intercepted, an attacker can't implement replay attacks since each timestamp used for
authentication is different.
3. It prevents the security risks caused by a session key generated by the communicator. As
is known from the protocol, session key generation actually relies on the difficulty of
calculating discrete logarithms in a finite field, and this algorithm lets two clients
securely exchange a key to encrypt messages.
5 CONCLUSIONS
This paper, which addresses the secure authentication problems of health monitoring systems,
designs an authentication and key agreement framework based on the credit card mechanism, and
deals with the authentication methods used by clients in referral care between different
hospitals of different provinces and between different hospitals of the same province. Both
are mutual authentication. This security system can also defend against counterfeit attacks,
location privacy attacks and replay attacks. Identity-based encryption technology is used to
reduce the length of the certificate, which effectively saves bandwidth resources. It is
adapted to the resource-constrained characteristics of medical sensors.
ACKNOWLEDGEMENTS
This work is supported by the National Natural
Science Foundation of China (No. 61072039) and
(No. 61003250), the Beijing Municipal Natural
Science Foundation (No.4102040).
REFERENCES
European Telecommunications Standards Institute (ETSI), 1993. GSM 2.09: Security aspects.
Perkins C., 2002. IP mobility support for IPv4, RFC 3344.
Jianhu He, Qingli Zhou, Hui Tian, 2008. IHE laboratory technical framework, Chinese Journal of Medical Instrumentation. 32(6):449~452.
Mathis. H, Jun 1956. Bilinear Transformations, Circuit Theory. 3, Issue:2
Mao, W., 2004. An identity-based non-interactive authentication framework for computational grids. Hewlett-Packard Laboratories, Technical Report HPL-2004-96.
Trusted platform module (TPM) security policy. http://www.trustedcomputinggroup.org.
Yanchao Zhang, Yuguang Fang, 2006. ARSA: An Attack-Resilient Security Architecture for Multihop WMNs, IEEE,
Zhu, H., Lin, X., Lu, R., Ho, P.-H., & Shen, X, 2008. Slab: Secure localized authentication and billing scheme for wireless mesh networks. IEEE Transactions on Wireless Communications, 7(10), 3858–3868
A. Shamir, 1984. Identity based cryptosystems and signature schemes, in Lecture Notes in Computer Science. Berlin, Germany: Springer-Verlag,
ITU-T 1989. Authentication Framework, ITU-T Recommendations X.509, ITU, Geneva,