Lee Cheng-Chi, Hsu Che-Wei, Lai Yan-Ming, Vasilakos Athanasios
Department of Library and Information Science, Fu Jen Catholic University, 510 Jhongjheng Rd., Sinjhuang Dist., New Taipei City, 24205, Taiwan, Republic of China,
J Med Syst. 2013 Oct;37(5):9973. doi: 10.1007/s10916-013-9973-0. Epub 2013 Sep 10.
Mobile Healthcare (m-Healthcare) systems, namely smartphone applications of pervasive computing that utilize wireless body sensor networks (BSNs), have recently been proposed to provide smartphone users with health monitoring services and received great attentions. An m-Healthcare system with flaws, however, may leak out the smartphone user's personal information and cause security, privacy preservation, or user anonymity problems. In 2012, Lu et al. proposed a secure and privacy-preserving opportunistic computing (SPOC) framework for mobile-Healthcare emergency. The brilliant SPOC framework can opportunistically gather resources on the smartphone such as computing power and energy to process the computing-intensive personal health information (PHI) in case of an m-Healthcare emergency with minimal privacy disclosure. To balance between the hazard of PHI privacy disclosure and the necessity of PHI processing and transmission in m-Healthcare emergency, in their SPOC framework, Lu et al. introduced an efficient user-centric privacy access control system which they built on the basis of an attribute-based access control mechanism and a new privacy-preserving scalar product computation (PPSPC) technique. However, we found out that Lu et al.'s protocol still has some secure flaws such as user anonymity and mutual authentication. To fix those problems and further enhance the computation efficiency of Lu et al.'s protocol, in this article, the authors will present an improved mobile-Healthcare emergency system based on extended chaotic maps. The new system is capable of not only providing flawless user anonymity and mutual authentication but also reducing the computation cost.
移动医疗保健(m-Healthcare)系统,即利用无线人体传感器网络(BSN)的普适计算智能手机应用程序,最近被提出来为智能手机用户提供健康监测服务,并受到了广泛关注。然而,一个存在缺陷的移动医疗保健系统可能会泄露智能手机用户的个人信息,并导致安全、隐私保护或用户匿名问题。2012年,Lu等人提出了一种用于移动医疗保健紧急情况的安全和隐私保护机会计算(SPOC)框架。出色的SPOC框架可以在移动医疗保健紧急情况下,以最小的隐私泄露机会性地收集智能手机上的资源,如计算能力和能量,以处理计算密集型的个人健康信息(PHI)。为了在移动医疗保健紧急情况下平衡PHI隐私泄露的风险与PHI处理和传输的必要性,在他们的SPOC框架中,Lu等人引入了一种高效的以用户为中心的隐私访问控制系统,该系统基于基于属性的访问控制机制和一种新的隐私保护标量积计算(PPSPC)技术构建。然而,我们发现Lu等人的协议仍然存在一些安全缺陷,如用户匿名性和相互认证。为了解决这些问题并进一步提高Lu等人协议的计算效率,在本文中,作者将提出一种基于扩展混沌映射的改进型移动医疗保健紧急系统。新系统不仅能够提供完美的用户匿名性和相互认证,还能降低计算成本。
