Mutual authentication scheme between biosensor device and data manager in healthcare environment

This study suggested a new security method which can be applied to healthcare environment aimed at those geographically living away from hospitals, including the elderly living alone, the handicapped, people living in islands and highlands, and chronic disease patients. In other words, it proposed a new authentication scheme of exchanging safely information between personal health device (PHD) to measure the bio-information of a chronic disease patient at home and data manager (DM) to collect the bio-information from the device. In terms of operations, the proposed scheme features the generation of a random number once by PHD and DM, respectively, two times of XOR operation, and one time of encoding and decoding operation. Therefore, given the low-power characteristic of PHD, it is very efficient. In addition, since a random number is used for encoding and decoding operation, the data to be transmitted is not only variable, but safe from illegal third parties' attacks, including eavesdropping, location-tracking, spoofing, and replay. In particular, the proposed scheme can be applied directly to ISO/IEEE 11073-20601 standard. Therefore, it is judged that the proposed authentication scheme is very useful in the point that it added the mutual authentication function to PHD and DM to implement safer and more efficient e-health environment.