Passwordless Authentication in Mobile e-health using a Secure Boot Non-regenerated Unique Identity and NFC

Nazhatul Hafizah Kamarudin; Yusnani Mohd Yussoff and Habibah Hashim

doi:10.17485/ijst/2016/v9iS1/106842

Article

Passwordless Authentication in Mobile e-health using a Secure Boot Non-regenerated Unique Identity and NFC

VIEWS 774
PDF 366

Abstract
Full-Text HTML
Full-Text PDF
How to Cite

Indian Journal of Science and Technology

DOI: 10.17485/ijst/2016/v9iS1/106842

Year: 2016, Volume: 9, Issue: Special Issue 1, Pages: 1-9

Original Article

Passwordless Authentication in Mobile e-health using a Secure Boot Non-regenerated Unique Identity and NFC

Nazhatul Hafizah Kamarudin^*, Yusnani Mohd Yussoff and Habibah Hashim

Electrical Engineering Department, University Technology MARA, 40450 Shah Alam, Malaysia; [email protected]
[email protected]
*Author for correspondence
Nazhatul Hafizah Kamarudin
Electrical Engineering Department
Email: [email protected]

This work is licensed under a Creative Commons Attribution 4.0 International License.

Abstract

Mobile e-health is a current application where people can connect with healthcare services through sensor nodes and wireless communication. Existing e-health architecture depends on a third party server in order to get connected with the hospitals. Therefore, it adds up to a security hole in the e-health architecture. Objectives: The objective of this paper is to develop a secured password less authentication protocol for mobile e-health system and to eliminate the need for a third party server. Methods/Statistical Analysis: A non-regenerated unique identity for the e-health sensor node is generated through a secure boot process and the unique value will be used as the sensor node identity. EHEART prototype is designed and e-health server is established. Near Field Communication (NFC) ring is used in this mobile e-health system to enhance the security layer of the proposed authentication protocol. Study was conducted in a closed environment with no exposure to attackers. Findings: The project results demonstrate the development of a secured passwordless authentication for e-health system. By implementing the near field communication in the e-health system, it can reduce the energy consumption where the Bluetooth module will only be automatically turned on when the mobile device is being touched by the NFC ring. EHEART application does not need any username and password combination for login request and authentication process. Formal analysis method AVISPA and SPAN is used to analyse the reliability and the security of the proposed system and it is proven to be secured from replay attack, node cloning and password break attack. Application/Improvements: The outcome form the research will ensure secure connectivity or environment in the e-health monitoring system without depending anymore on a password and third party server. NFC ring in the system will help reduce the power consumption of the mobile device.
Keywords: Mobile e-health, Passwordless Authentication, Secure Boot, Unique Identity