Patients' Data Management System Protected by Identity-Based Authentication and Key Exchange

Sensors (Basel). 2017 Mar 31;17(4):733. doi: 10.3390/s17040733.


A secure and distributed framework for the management of patients' information in emergency and hospitalization services is proposed here in order to seek improvements in efficiency and security in this important area. In particular, confidentiality protection, mutual authentication, and automatic identification of patients are provided. The proposed system is based on two types of devices: Near Field Communication (NFC) wristbands assigned to patients, and mobile devices assigned to medical staff. Two other main elements of the system are an intermediate server to manage the involved data, and a second server with a private key generator to define the information required to protect communications. An identity-based authentication and key exchange scheme is essential to provide confidential communication and mutual authentication between the medical staff and the private key generator through an intermediate server. The identification of patients is carried out through a keyed-hash message authentication code. Thanks to the combination of the aforementioned tools, a secure alternative mobile health (mHealth) scheme for managing patients' data is defined for emergency and hospitalization services. Different parts of the proposed system have been implemented, including mobile application, intermediate server, private key generator and communication channels. Apart from that, several simulations have been performed, and, compared with the current system, significant improvements in efficiency have been observed.

Keywords: Android; NFC; identity-based authentication and key exchange; identity-based cryptosystem; keyed-hash message authentication code; mHealth.

MeSH terms

  • Communication
  • Computer Security
  • Confidentiality
  • Information Systems*
  • Telemedicine