Cross Domain Handshake Scheme

A Provably-Secure Cross-Domain Handshake Scheme with Symptoms-Matching for Mobile Healthcare Social Network

A Provably-Secure Cross-Domain Handshake

Abstract—With rapid developments of sensor, wireless and mobile communication technologies, Mobile Healthcare Social Networks
(MHSNs) have emerged as a popular means of communication in healthcare services. Within MHSNs, patients can use their mobile
devices to securely share their experiences, broaden their understanding of the illness or symptoms, form a supportive network, and
transmit information (e.g. state of health and new symptoms) between users and other stake holders (e.g. medical center). Despite the
benefits afforded by MHSNs, there are underlying security and privacy issues (e.g. due to the transmission of messages via a wireless
channel). The handshake scheme is an important cryptographic mechanism, which can provide secure communication in MHSNs (e.g.
anonymity and mutual authentication between users, such as patients). In this paper, we present a new framework for the handshake
scheme in MHSNs, which is based on hierarchical identity-based cryptography. We then construct an efficient Cross-Domain
HandShake (CDHS) scheme that allows symptoms-matching within MHSNs. For example, using the proposed CDHS scheme, two
patients registered with different healthcare centers can achieve mutual authentication and generate a session key for future secure
communications. We then prove the security of the scheme, and a comparative summary demonstrates that the proposed CDHS
scheme requires fewer computation and lower communication costs. We also implement the proposed CDHS scheme and three
related schemes in a proof of concept Android app to demonstrate utility of the scheme. Findings from the evaluations demonstrate
that the proposed CDHS scheme achieves a reduction of 18.14% and 5.41% in computation cost and communication cost, in
comparison to three other related handshake schemes.
Index Terms—Mobile healthcare social networks, cross-domain handshake, secure handshake, authentication, elliptic curve, security.

INTRODUCTION
ACcording to Moody’s Investor Service, the world is
facing a ageing challenge where more than 20% of the
world’s population are over 65, partly due to a longer life
span but declining birth rate. For example, it is predicted
that 13 countries will be ”super-aged” by 2020 and 34
countries by 2034 [1]. An aging demographic will be a test
for existing healthcare systems and may place a strain on the
healthcare industry, if technologies do not keep pace with
the changing requirements. Wireless Body Area Networks
(WBANs), for example, can play an active role in supporting
and complementing existing healthcare system.

WBAN is a relatively new network paradigm designed
to provide users with a remote and periodical healthcare
monitor in healthcare system. In WBANs, each patient in
the system wears one or more wireless body sensor nodes
(BSNs). These sensor nodes monitor and collect personal
information (PHI) such as blood pressure, heartbeat, and
temperature, regardless of the patient’s location and condition
(e.g. lying in bed or taking a stroll). Collected PHI will
be sent to a smart mobile device, such as a smart phone, via
bluetooth, cognitive radio or other communication channel
(e.g. WiFi). The mobile smart device will then transmit
the PHI to a remote healthcare center via a 3G/4G or
WiFi network. This allows the medical practitioner (e.g.
medical doctor and specialist) to monitor and understand
the patient’s health condition, and respond to any lifethreatening
situation in real-time (e.g dispatching medical
workers to the patient in the event of a potential heart attack
or a stroke); thus, providing better quality healthcare for
patients. A typical healthcare-monitoring scenario is shown
in Fig.1.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>