A Scheme for Improvement of Security and Privacy in Mobile Health Systems by Using SIM Card

Document Type : Original Article

Authors

shahed university

Abstract

Nowadays, mobile devices are going to be widely used in the field of e-health services. Therefore, the security and privacy of users in e-health are considered as major challenges. Due to accessibility nature of mobile, multiple communication capabilities and malware expansion, security in this area is facing major challenges. This article provides a solution to improve the security and privacy of mobile health on smartphones. Accordingly, a mechanism is proposed for obtaining a health SIM card by the applicants. Here, some communication protocols necessary in different treatment settings are provided to enhance the security of transactions between healthcare providers and patients who use mobile phones. Considering the importance of reducing the computational overhead, the elliptic curve cryptography is applied in the      proposed protocols. In addition to security, attention has also been paid to anonymity and privacy of      patients. Furthermore, a solution is provided for secure storage of information. Finally, the proposed plan is compared with other studies, and the computational overhead is evaluated and the security of the        protocols is proved by Avispa tools.
 

Keywords


[1]    L. DeNardis, “Standards and eHealth,” ITU-T Technology watch report, 2011.##
[2]    E. H. Shortliffe and J. J. Cimino, “Biomedical informatics: computer applications in health care and biomedicine,” Springer-Verlag London, 2014.##
[3]    M. Kay, J. Santos, and M. Takane, “mHealth: New horizons for health through mobile technologies,” 2011.##
[4]    F. Zubaydi, A. Saleh, F. Aloul, and A. Sagahyroon, “Security of mobile health (mHealth) systems,” in Bioinformatics and Bioengineering (BIBE), 2015 IEEE 15th International Conference on, pp. 1-5, 2015.##
[5]    S. A. Basheer, “QUESTION 14-2/2: Mobile eHealth solutions for Developing Countries,” International Telecommunication Union, 2010.##
[6]    D. Kotz, S. Avancha, and A. Baxi, “A privacy framework for mobile health and home-care systems,” in Proceedings of the first ACM workshop on Security and privacy in medical and home-care systems, pp. 1-12, 2009.##
[7]    S. Sadki and H. El Bakkali, “Towards        controlled-privacy in e-health: A comparative study,” in Multimedia Computing and Systems (ICMCS), 2014 International Conference on, pp. 674-679, 2014.##
[8]    S. Taremi, M. A. Doostari, S. Hajimohseni, M. Maghsoudloo, and M. Mayabi Joghal, “An Innovative Solution for Preventing Relay Attack on Mobile Phones Using TEE,” Journal of Electronical & Cyber Defence, vol. 6, 2017. (in Persion)##
[9]    M. U. Aslam, A. Derhab, K. Saleem, H. Abbas, M. Orgun, W. Iqbal, et al., “A Survey of Authentication Schemes in Telecare Medicine Information Systems,” Journal of medical systems, vol. 41, p. 14, 2017.##
[10]   I. Kounelis, H. Zhao, and S. Muftic, “Secure Middleware for Mobile Phones and UICC Applications,” in International Conference on Mobile Wireless Middleware, Operating Systems, and Applications, pp. 143-152, 2011.##
[11]   D. Hankerson, A. J. Menezes, and S. Vanstone,Guide to elliptic curve cryptography: Springer Science & Business Media, 2006.##
[12]   D. Sethia, D. Gupta, T. Mittal, U. Arora, and H. Saran, “NFC based secure mobile healthcare system,” in Communication Systems and Networks (COMSNETS), 2014 Sixth International Conference on, pp. 1-6, 2014.##
[13]   A. Lotfi and M. A. Doostari, “A New M-Payment protocol Using SignCryption & Elliptic Curve Cryptography,” Journal of Electronical & Cyber Defence, vol. 1, 2015. (in Persion)##
[14]   S. Ray and G. Biswas, “A Certificate Authority (CA)-based cryptographic solution for HIPAA privacy/security regulations,” Journal of King Saud University-Computer and Information Sciences, vol. 26, pp. 170-180, 2014.##
[15]   S. Ray and G. Biswas, “Design of an efficient mobile health system for achieving HIPAA  privacy-security regulations,” International Journal of Wireless and Mobile Computing, vol. 7, pp.   378-387, 2014.##
[16]   M. A. Doostari, M. Mayabi Joghal, and M. Momeny Tazangi, “Design of Protocol Providing Privacy and Anonymity in E-Health using Public Key Infrastructure,” presented at the 4th International Conference on Applied Research in Computer Engineering & Signal Processing, Tehran, 2016.   (in Persion)##
[17]   S. A. Chaudhry, M. T. Khan, M. K. Khan, and T. Shon, “A multiserver biometric authentication scheme for TMIS using elliptic curve cryptography,” Journal of medical systems, vol. 40, p. 230, 2016.##
[18]   R. Amin, S. H. Islam, G. Biswas, M. K. Khan, and N. Kumar, “An efficient and practical smart card based anonymity preserving user authentication scheme for TMIS using elliptic curve cryptography,” Journal of medical systems, vol. 39, p. 180, 2015.##
[19]   Apple, “iOS security, ios 8.3 or later,” Apple, 2015.##