CIMS Research Center, Tongji University, Shanghai, China.
J Med Syst. 2012 Aug;36(4):2609-19. doi: 10.1007/s10916-011-9735-9. Epub 2011 May 19.
The telecare medicine information system enables or supports health-care delivery services. A secure authentication scheme will thus be needed to safeguard data integrity, confidentiality, and availability. In this paper, we propose a generic construction of smart-card-based password authentication protocol and prove its security. The proposed framework is superior to previous schemes in three following aspects : (1) our scheme is a true two-factor authentication scheme. (2) our scheme can yield a forward secure two-factor authentication scheme with user anonymity when appropriately instantiated. (3) our scheme utilizes each user's unique identity to accomplish the user authentication and does not need to store or verify others's certificates. And yet, our scheme is still reasonably efficient and can yield such a concrete scheme that is even more efficient than previous schemes. Therefore the end result is more practical for the telecare medicine system.
远程医疗信息系统支持或提供医疗服务。因此,需要安全的身份验证方案来保护数据的完整性、机密性和可用性。在本文中,我们提出了一种基于智能卡的密码身份验证协议的通用构造,并证明了其安全性。与以前的方案相比,所提出的框架在以下三个方面具有优势:(1)我们的方案是真正的双因素身份验证方案。(2)我们的方案可以在适当实例化时生成具有用户匿名性的前向安全双因素身份验证方案。(3)我们的方案利用每个用户的唯一标识来完成用户身份验证,并且不需要存储或验证他人的证书。然而,我们的方案仍然具有相当高的效率,并且可以生成比以前的方案更有效的具体方案。因此,对于远程医疗系统来说,最终结果更实用。
