Three-factor UCSSO scheme with fast authentication and privacy protection for telecare medicine information systems

Abstract

Electronic healthcare (e-health) has gained more and more research attention in recent years, due to its flexibility and convenience. E-health is efficiently enabled by telecare medicine information system (TMIS). TMIS provides seamless transfer and timely sharing of medical information for specific healthcare services. Since communications in TMIS are carried out through unreliable channels, data security and user privacy concerns become prominent. With traditional single-server architecture, users must store massive credentials, which causes inefficient communication and significant overhead. Moreover, user credentials in previously proposed schemes are stored at server side, suffering potential risks. Our work proposes a three-factor user-controlled single sign-on (UCSSO) with fast authentication and privacy protection for TMIS. The contributions of this paper are as follows. Our work integrates three factors including password, smart card and biometrics in authentication procedure, for providing a high-security and privacy-preserved communication. We introduce single sign-on solution that allows users to log in to multiple servers using a single password. User-controlled mechanism is proposed to address insider attacks and the risk that registration center may be compromised. The proposed scheme is designed with fast authentication mechanism that helps to efficiently establishes new session key. Our work is proved secure using BAN logic, ROR model, and AVISPA toolset. The results of performance comparison show that our scheme provides more security properties and bears the least overhead, compared with competitive schemes.