=Paper=
{{Paper
|id=Vol-1353/paper_26
|storemode=property
|title=A Generalized Protocol for Mobile Authentication in Healthcare Systems
|pdfUrl=https://ceur-ws.org/Vol-1353/paper_26.pdf
|volume=Vol-1353
|dblpUrl=https://dblp.org/rec/conf/maics/ReinsmidtY15
}}
==A Generalized Protocol for Mobile Authentication in Healthcare Systems==
Eric Reinsmidt, The University of Tennessee, eric@reinsmidt.com

Li Yang, The University of Tennessee at Chattanooga, li-yang@utc.edu

===Abstract===
The trend of handheld mobile devices being used increasingly in the collection and transmission of electronic healthcare records (EHR) creates a particularly sensitive area in which data must be kept private and secure. This article discusses current methods for mobile authentication in EHR schemes and examines their limitations with regard to EHR. These methods are then contrasted against the current landscape of threats emerging in the realm of mobile computing. In addition, a generalized improvement over current approaches is introduced for further study.

===Introduction===
The computing landscape is shifting toward mobile platforms, with an increasing number of smart devices used as the preferred method of computing compared with traditional devices. Along with this shift there has been a proliferation of healthcare and well-being applications developed for mobile devices. Because these devices can collect or transmit EHR to a remote server, special care must be taken to ensure that the user of a mobile application does not risk having their EHR compromised through eavesdropping or alteration.

Several agencies around the world regulate exactly how a person's EHR, or sometimes more generally any personal information, must be protected. In the United States, regulation of EHR falls under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). In Canada, except where superseded by local privacy regulation, the Personal Information Protection and Electronic Documents Act (PIPEDA) regulates the collection, use and disclosure of any personal information. Across the European Union, EU Directive 95/46/EC regulates how personal data is processed. While some of these regulations are more general than EHR alone, they all share the requirement that a person's EHR data be kept secure. These regulations, coupled with the necessity of a mobile device to communicate over a wireless network, create some unique challenges in ensuring the secure transfer of EHR in mobile healthcare applications.

To keep an individual's EHR secure while using a mobile device, data transmission must take place on a secure channel. In addition it is necessary to authenticate not only the person using the device but also the device itself and any server it communicates with. This article focuses on current methods of authentication in mobile networks when dealing with EHR. We also discuss a generalized method whereby a mobile device, the user of the device, and any other devices the mobile device communicates with, e.g. a remote server, can all be successfully authenticated while a secure channel for communication is created at the same time.

===Background===
In the past few years the landscape of computing has seen a paradigm shift in the kind of devices consumers choose to purchase. There has been an increasing movement to mobile devices from more traditional devices such as the desktop PC or notebook. In 2013, 968 million smartphones and 195 million tablets were sold. That represents a 46% year-over-year increase, with 2012 sales at 796 million units of smart devices in total. (Gartner, Inc., 2014a) Of that increase in sales of smart devices, tablets saw the largest year-over-year growth. With sales of 116 million in 2012, tablets increased by 68%, reaching 195 million units sold throughout 2013. (Gartner, Inc., 2014b)

This increase in smart device sales is contrasted by declining sales in the traditional PC market, including desktop PCs, notebooks, and ultramobiles. In 2013 traditional PCs had declining sales, with a decrease from 341 million units in 2012 to 299 million units in 2013, a 12.3% decline. (Gartner, Inc., 2014c)

Since mobile devices rely upon wireless network connections as their primary means of communication, there are two important attack vectors against which a mobile device must be able to protect itself. The first is eavesdropping. As stated by Goodrich and Tamassia (2011), eavesdropping is "the interception of information intended for someone else during its transmission over a communication channel." (p. 14) In the case of a mobile device the most likely form of eavesdropping is packet sniffing performed by a network interface card (NIC) set to promiscuous mode on the same network as the mobile device. (Ansari et al. 2003) The second attack vector, alteration, would most likely be carried out against a mobile device through a man-in-the-middle (MITM) attack. Alteration is the modification of data by someone who is not authorized to do so. (Goodrich & Tamassia, 2011)

While there have been changes in users' computing preferences, there has at the same time been a push towards widespread adoption of EHR. In the US, 44.4% of non-federal acute care hospitals had some sort of basic EHR system implemented in 2012, compared with 9.4% in 2008. In that same grouping of hospitals, certified EHR systems increased from 71.9% in 2011 to 85.2% in 2012. (The Office of the National Coordinator for Health Information Technology, 2013)

To deal with the rise of mobile computing and EHR, novel approaches have been devised to authenticate a healthcare system's users. Hsiao et al. describe a system that uses a two-factor authentication scheme based on a password and a smart card, both of which are used in conjunction with a mobile device. (Hsiao et al. 2012) A different form of multifactor authentication is discussed by Mirkovic et al., whereby a mobile device and its user are authenticated through a personal identification number (PIN) and a short message service (SMS) message. In addition, an identity server and an authentication provider server are required, as well as a connection to the service provider. (Mirkovic et al. 2011)

===Issues of existing authentication systems===
The system proposed by Hsiao et al. is a robust system designed to deal with many types of attacks. It uses a one-way hash function that incorporates a timestamp, and so is protected against replay attacks because the timestamp must be recent to enter the system. It is also resistant to guessing attacks and impersonation attacks. However, through its use of multiple physically accessible nodes to collect data, there is the possibility of data loss due to node theft. In addition, the system requires a user to carry not only a mobile device but also an authentication token. Loss of either device leaves the user unable to access the system. Most importantly, the system is designed only for healthcare providers such as physicians or clinicians; there is no mechanism to allow a patient to access the system.

The secure solution provided by Mirkovic et al. is a very well-thought-out system. It provides multifactor authentication and can be used on any mobile platform and with any mobile provider, which is a distinct advantage. The system also provides a high level of usability. The solution is robust against session hijacking attacks and in general is secure due to the multifactor authentication. However, the system uses a multistep authentication process involving multiple servers and requires an SMS message to be sent, which increases both monetary and time costs.

===The proposed protocol for mobile authentication===
A generalized secure protocol is proposed below that allows authentication of all actors in a transaction of EHR between a mobile device and a remote server. A secure channel is also created during the authentication process. The protocol does not require any additional physical hardware such as an authentication token. In addition, the transaction takes place between a single remote server and a mobile device, so the cost associated with the proposed system is reduced.

The protocol uses a Diffie-Hellman (DH) key exchange to create an encryption key. However, the DH key exchange does not provide authentication; it is an anonymous exchange. To add authentication to the system, the Rivest-Shamir-Adleman (RSA) public-key cryptosystem is introduced. This allows both the mobile device and the remote server to authenticate the identity of the other and at the same time create a private symmetric session key that can be used to encrypt and decrypt the data that is transmitted. On every connection between a mobile device and remote server a unique session key is created, preventing replay attacks. In addition, impersonation attacks are not possible unless either the mobile device or the remote server has had its private RSA key compromised.

The protocol has multiple steps involved in creating this secure channel while also authenticating the mobile device and the remote server:

(1) After a mobile device opens a socket with the listening server, the server responds with its public portion of the DH exchange, g^y mod p, which is calculated with its secret y.

(2) The mobile device takes this value, raises it to the power of its secret x, and uses the resulting value to calculate the key K as a SHA-256 hash. K is then used as a symmetric encryption/decryption key with the Advanced Encryption Standard (AES) in any mode other than electronic codebook (ECB), since ECB encrypts identical plaintext blocks to identical ciphertext blocks and so leaks the structure of the data. The mode chosen may depend on the data being sent. For example, if the mobile device is being used to send streaming sensor data as part of a diagnostic tool, then a mode such as counter (CTR), output feedback (OFB), or cipher feedback (CFB) may be desirable. None of these modes protects integrity on its own, so in practice a message authentication code or an authenticated encryption mode must be applied to the ciphertext. The mobile device then signs the server's public DH value with its private RSA key, after which it encrypts the resulting value with K. This is sent to the remote server along with the mobile device's public portion of the DH exchange, g^x mod p, which has been calculated with the mobile device's secret x.

(3) After the server receives this information from the mobile device it can calculate the symmetric encryption/decryption key K by raising the mobile device's public portion of the DH exchange to its secret y and hashing the result with SHA-256. After the server has calculated K it can use the key to decrypt what was sent from the mobile device. The decrypted value is the server's public portion of the DH exchange signed with the private RSA key of the mobile device. By verifying this signature with the public RSA key of the mobile device, the server can compare its own public portion of the DH exchange with the recovered value. If the two values match, the server knows two things: the encryption/decryption key K, which can be used for secure channel communication, and that the mobile device is indeed who it says it is and so is authenticated. If the values do not match, it can be assumed that an impostor was contacting the server and the connection is dropped. Assuming the values did match, the server signs the mobile device's public portion of the DH exchange with the server's private RSA key, encrypts that data with the symmetric encryption/decryption key K, and sends it to the mobile device.

(4) The mobile device uses the encryption/decryption key K to decrypt the data received, after which it verifies the signature with the server's public RSA key. If the recovered value matches the mobile device's public portion of the DH exchange, then the mobile device knows that the server is who it says it is and the server has been authenticated. If the two values do not match, then the mobile device knows there is a malicious party on the other end impersonating the remote server and so closes the socket, terminating communication.

If everything did match, both devices have been authenticated. In addition there is a one-time symmetric encryption/decryption key K, which can be used only during this session. This provides a means for the two authenticated devices to communicate on an encrypted, secure channel. It is important to note that both the server and the mobile device must already hold the other's public RSA key. As with any public/private key system, if the private key of either has been compromised, an attacker can impersonate that party. Once the mobile device and remote server have been authenticated and a secure channel has been set up for communication, a human user can enter their password. Figure 1 shows a sequence diagram of the secure channel creation as well as the authentication of both the mobile device and the remote server.

Figure 1. Secure Channel and Authentication Protocol Sequence Diagram

Only after the mobile device and remote server are authenticated can the user authenticate themselves. Instead of a typical text-based password, a visual password can be used. Visual passwords are advantageous in that they can be more easily retained mentally than a text-based password or PIN. (Duncan et al. 2004) A study done at Carleton University showed that a visual password system had login accuracy rates of 96%. (Chiasson et al. 2007)

There are many types of visual password systems. An image can simply be mapped to a numerical value and the resulting array of numerical values compared against a stored password array. A visual password system can consist of a small number of images, but by allowing password elements to consist of multiple images a large alphabet size can be achieved. Using this technique, Jansen et al. were able to create an alphabet of size 930 from a field of 30 images. With this method an eight-entry password is equivalent to a 12-character text password drawn from the 95 printable ASCII characters. (Jansen et al. 2003) Another visual password system was described by Chiasson et al., whereby a single image is used and the user has to click on different positions within the image. Depending on the resolution of the image and the screen size of the device this can lead to a very large alphabet from which to create a password. However, visual passwords, like textual passwords, can be susceptible to shoulder-surfing attacks.

Our protocol would use a different type of visual password system. Wiedenbeck et al. proposed and implemented a visual password system that is resistant to shoulder-surfing attacks. (Wiedenbeck et al. 2006) The password system works by presenting users with multiple challenge-response rounds. A user is shown a screen with multiple images displayed. Of those displayed images only a small number, n, are actual elements of the user's password. The user must click within the n-gon formed by the user's password elements. By running several of these rounds in a row the system approaches zero-knowledge authentication, since the user never directly gives away the secret that they know. While this does require a longer login time, the added security against a shoulder-surfing attack makes it worthwhile.

===Future Research Directions===
There will be continued growth in the mobile healthcare field, and as the field expands so will the research opportunities. Smart devices continue to increase in popularity, and hence a wide swath of demographics uses them. Because of this, usability will continue to be a key component of mobile healthcare applications. Further research may include an actual implementation of the proposed system as well as a study of its usability and performance. In addition there is growing interest in using mobile devices as sensors. Smart devices are able to capture a wealth of information, so data collection is another area of growth within mobile healthcare.

===Conclusion===
Because of regulation such as HIPAA, PIPEDA, and EU Directive 95/46/EC, mobile applications that deal with EHR must ensure that a user's data is kept secure from endpoint to endpoint as well as during storage. In healthcare systems, authentication of mobile devices and users is of great importance. In this article we have examined some existing methodologies of authentication on mobile devices with regard to EHR, and how those methodologies can be improved upon. In addition, a generalized solution for creating a secure channel for a mobile device to send EHR to a remote server has been introduced that is robust against many types of attacks.

===References===
Ansari, S., Rajeev, S., & Chandrashekar, H. (2003, January 22). Packet sniffing: a brief introduction. IEEE Potentials, pp. 17-19.

Chiasson, S., van Oorschot, P. C., & Biddle, R. (2007). Graphical Password Authentication Using Cued Click Points. 12th European Symposium On Research In Computer Security, (pp. 359-374). Dresden.

Duncan, M. V., Akhtari, M. S., & Bradford, P. G. (2004, May). Visual Security for Wireless Handheld Devices. Unpublished.

Gartner, Inc. (2014a, February 13). Gartner Says Annual Smartphone Sales Surpassed Sales of Feature Phones for the First Time in 2013. Retrieved October 20, 2014, from http://www.gartner.com/newsroom/id/2665715

Gartner, Inc. (2014b, March 3). Gartner Says Worldwide Tablet Sales Grew 68 Percent in 2013, With Android Capturing 62 Percent of the Market. Retrieved October 20, 2014, from http://www.gartner.com/newsroom/id/2674215

Gartner, Inc. (2014c, January 7). Gartner Says Worldwide Traditional PC, Tablet, Ultramobile and Mobile Phone Shipments On Pace to Grow 7.6 Percent in 2014. Retrieved October 20, 2014, from http://www.gartner.com/newsroom/id/2645115

Goodrich, M. T., & Tamassia, R. (2011). Introduction to Computer Security. Boston: Pearson Education, Inc.

Hsiao, T.-C., Liao, Y.-T., Huang, J.-Y., Chen, T.-S., & Horng, G.-B. (2012). Secure Authentication Scheme for Supporting Healthcare in Wireless Sensor Networks. 2012 26th International Conference on Advanced Information Networking and Applications Workshops (WAINA), (pp. 502-507). Fukuoka.

Jansen, W., Gavrila, S., Korolev, V., Ayers, R., & Swanstrom, R. (2003). Picture Password: A Visual Login Technique for Mobile Devices. National Institute of Standards and Technology Interagency Report, National Institute of Standards and Technology, Gaithersburg.

Mirkovic, J., Bryhni, H., & Ruland, C. (2011). Secure solution for mobile access to patient's health care record. 2011 13th IEEE International Conference on e-Health Networking Applications and Services (Healthcom), (pp. 296-303). Columbia.

The Office of the National Coordinator for Health Information Technology. (2013, March). Adoption of Electronic Health Record Systems among U.S. Non-federal Acute Care Hospitals: 2008-2012. Retrieved October 4, 2013, from http://www.healthit.gov/sites/default/files/oncdatabrief9final.pdf

Wiedenbeck, S., Waters, J., Sobrado, L., & Birget, J.-C. (2006). Design and Evaluation of a Shoulder-Surfing Resistant Graphical Password Scheme. 2006 Proceedings of the working conference on Advanced visual interfaces (AVI), (pp. 177-184). New York City.
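The four-step exchange in "The proposed protocol for mobile authentication" above, worked through with both sides' messages and an on-path attacker who substitutes DH values. This is an added illustration written for this page, not the authors' code. To keep it runnable offline it makes labelled substitutions: RSA is textbook RSA over a SHA-256 digest with 256-bit primes generated at run time (no padding, toy sizes); the DH group is a run-time 256-bit prime with g = 2 rather than a standard MODP group; and because the Python standard library has no AES, the AES-CTR step is replaced by an HMAC-SHA256 keystream with an HMAC tag over the ciphertext. The function names (`run_protocol`, `rsa_sign`, `derive_key`, and so on) are this example's, not the paper's.

```python
import hashlib
import hmac
import random
import secrets

_rng = random.Random(2015)  # seeded only so the toy parameters are reproducible


def _is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(_rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits):
    while True:
        cand = _rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand


# Toy Diffie-Hellman group shared by both parties (assumption: 256-bit, demo only).
DH_P = _gen_prime(256)
DH_G = 2


def rsa_keygen(bits=256):
    """Textbook RSA key pair with toy-sized primes. Returns ((n, e), (n, d))."""
    e = 65537
    while True:
        p, q = _gen_prime(bits), _gen_prime(bits)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))


def _h(value):
    """SHA-256 of a DH public value as an integer; always below the ~512-bit modulus."""
    return int.from_bytes(hashlib.sha256(value.to_bytes(32, "big")).digest(), "big")


def rsa_sign(priv, value):
    n, d = priv
    return pow(_h(value), d, n)


def rsa_verify(pub, value, sig):
    n, e = pub
    return pow(sig, e, n) == _h(value)


def derive_key(shared):
    """K = SHA-256(g^xy mod p), as in steps (2) and (3)."""
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()


def _keystream(key, nonce, length):
    blocks = (length + 31) // 32
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(blocks))[:length]


def sym_encrypt(key, plaintext):
    """Stand-in for AES-CTR: HMAC-SHA256 keystream, then an HMAC tag (encrypt-then-MAC)
    so that a wrong key or a modified ciphertext is detected, which CTR alone cannot do."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def sym_decrypt(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("integrity check failed: wrong key or tampered ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def run_protocol(tamper=False):
    """Steps (1)-(4). With tamper=True an on-path attacker swaps in its own DH values, the
    classic attack on anonymous DH. Returns (server accepted device, device accepted server,
    both sides derived the same K)."""
    dev_pub, dev_priv = rsa_keygen()
    srv_pub, srv_priv = rsa_keygen()  # assumption: each side already holds the other's public key

    # (1) server -> device: g^y mod p
    y = _rng.randrange(2, DH_P - 1)
    srv_dh = pow(DH_G, y, DH_P)
    z = _rng.randrange(2, DH_P - 1)  # attacker's secret, used only when tamper is set
    dev_sees = pow(DH_G, z, DH_P) if tamper else srv_dh

    # (2) device: K = SHA-256((g^y)^x); send g^x and Enc_K(Sign_dev(g^y))
    x = _rng.randrange(2, DH_P - 1)
    dev_dh = pow(DH_G, x, DH_P)
    k_dev = derive_key(pow(dev_sees, x, DH_P))
    msg2 = (dev_dh, sym_encrypt(k_dev, rsa_sign(dev_priv, dev_sees).to_bytes(64, "big")))

    if tamper:  # the attacker knows z, so it can decrypt msg2 and re-key it toward the server
        sig_bytes = sym_decrypt(derive_key(pow(dev_dh, z, DH_P)), msg2[1])
        msg2 = (pow(DH_G, z, DH_P), sym_encrypt(derive_key(pow(srv_dh, z, DH_P)), sig_bytes))

    # (3) server: K = SHA-256((g^x)^y); decrypt, verify the device's signature over g^y
    recv_dh, blob = msg2
    k_srv = derive_key(pow(recv_dh, y, DH_P))
    try:
        server_ok = rsa_verify(dev_pub, srv_dh, int.from_bytes(sym_decrypt(k_srv, blob), "big"))
    except ValueError:
        server_ok = False
    if not server_ok:
        return False, False, False  # server drops the connection
    msg3 = sym_encrypt(k_srv, rsa_sign(srv_priv, recv_dh).to_bytes(64, "big"))

    # (4) device: decrypt, verify the server's signature over g^x
    try:
        device_ok = rsa_verify(srv_pub, dev_dh, int.from_bytes(sym_decrypt(k_dev, msg3), "big"))
    except ValueError:
        device_ok = False
    return server_ok, device_ok, k_dev == k_srv


if __name__ == "__main__":
    print("honest run:", run_protocol())            # (True, True, True)
    print("MITM run:  ", run_protocol(tamper=True))  # (False, False, False)
```

In the tampered run the attacker shares a key with each side, exactly as against plain DH, but the device's signature covers the attacker's value g^z rather than the server's g^y, so the server's check in step (3) fails and the connection is dropped. Two caveats for anyone building on this: the paper's signatures cover only the peer's ephemeral value, so a deployment should sign both DH values together with the signer's identity (the station-to-station pattern) to bind the session to the parties; and a real implementation would use RSA-PSS or an elliptic-curve signature, a standard DH group, and AES-GCM rather than the toy substitutes here.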
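The shoulder-surfing-resistant visual password check described in the last paragraph of the protocol section (the user clicks inside the n-gon formed by the pass-icons visible in each round) as an added example; this is illustration code written for this page, not the authors' or Wiedenbeck et al.'s implementation. It assumes icons are laid out on an integer grid, that a password is a set of icon identifiers, and that at least three pass-icons must be on screen for a round to be valid; the layouts and clicks below are constructed test data.

```python
def _cross(o, a, b):
    """z-component of (a - o) x (b - o); positive when o->a->b turns counter-clockwise."""
    return (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])


def convex_hull(points):
    """Andrew's monotone chain. Returns hull vertices in counter-clockwise order."""
    pts = sorted(set(points))
    if len(pts) < 3:
        return pts
    lower, upper = [], []
    for p in pts:
        while len(lower) >= 2 and _cross(lower[-2], lower[-1], p) <= 0:
            lower.pop()
        lower.append(p)
    for p in reversed(pts):
        while len(upper) >= 2 and _cross(upper[-2], upper[-1], p) <= 0:
            upper.pop()
        upper.append(p)
    return lower[:-1] + upper[:-1]


def inside_hull(point, hull):
    """True if point lies inside or on the boundary of a CCW convex polygon."""
    if len(hull) < 3:
        return False
    return all(_cross(hull[i], hull[(i + 1) % len(hull)], point) >= 0 for i in range(len(hull)))


def round_passes(layout, password, click):
    """One challenge round. layout maps every displayed icon id (pass-icons and decoys)
    to its screen position; the click must fall inside the pass-icons' n-gon."""
    pass_positions = [layout[i] for i in password if i in layout]
    if len(pass_positions) < 3:
        return False  # fewer than three pass-icons on screen: no n-gon to click inside
    return inside_hull(click, convex_hull(pass_positions))


def authenticate(rounds, password):
    """All rounds must pass; rounds is a list of (layout, click) pairs."""
    return bool(rounds) and all(round_passes(layout, password, click) for layout, click in rounds)


def hull_area_fraction(layout, password, width, height):
    """Share of the screen inside the pass-icon n-gon: the per-round chance that a
    random click by someone who does not know the password is accepted."""
    hull = convex_hull([layout[i] for i in password if i in layout])
    if len(hull) < 3:
        return 0.0
    twice_area = sum(hull[i][0] * hull[(i + 1) % len(hull)][1]
                     - hull[(i + 1) % len(hull)][0] * hull[i][1] for i in range(len(hull)))
    return abs(twice_area) / 2 / (width * height)


# Constructed data: a 10x10 screen, four pass-icons among decoys.
PASSWORD = {"cat", "key", "car", "sun"}
LAYOUT_A = {"cat": (1, 1), "key": (8, 1), "car": (8, 8), "sun": (1, 8),
            "dog": (5, 2), "tree": (3, 9), "ball": (9, 5)}
LAYOUT_B = {"cat": (2, 2), "key": (6, 1), "car": (7, 7), "dog": (0, 9), "sun": (3, 8)}
LAYOUT_C = {"cat": (1, 1), "key": (8, 1), "dog": (4, 4), "tree": (9, 9)}  # only two pass-icons
```

Two rounds with a square hull of area 49 on a 100-unit screen leave a blind guesser roughly a 0.49 x 0.49 chance of passing; each extra round multiplies that down again, which is the trade-off against login time the paper describes. The observer, meanwhile, sees only clicks inside a region, never the pass-icons themselves.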