Exploring Authentication Scopes in Digital Healthcare
摘要
The rapid adoption of Wireless Sensor Networks (WSN) and Internet of Things (IoT) technologies in healthcare has highlighted the need for secure, efficient, and user-friendly authentication protocols. Traditional password-based methods are increasingly inadequate, particularly for elderly users who may struggle with complex login procedures. This study presents the development of a secure, passwordless authentication protocol specifically designed for mobile e-health systems, addressing critical challenges related to identity verification, privacy, and data security. By leveraging a two-tier mobile e-health architecture that removes the dependency on third-party servers, this protocol enhances both system reliability and data confidentiality. The protocol uses non-regenerated unique identities of e-health sensor nodes, validated through a secure cryptographic boot process, effectively mitigating the risks of node cloning attacks and unauthorized access. Formal validation was conducted using HLPSL, AVISPA, and SPAN tools, demonstrating the protocol’s robustness against replay and node cloning attacks. The approach also reduces the need for complex key management processes and is designed with energy efficiency in mind, making it well-suited for resource-constrained e-health environments. This authentication framework supports seamless access for users, particularly benefiting elderly populations, while simultaneously reinforcing security measures within the mobile e-health infrastructure. The findings contribute to advancing a more secure, practical, and accessible mobile e-health authentication system that meets the demands of modern healthcare applications and enhances user experience.