A Password-Based User Authentication Scheme for the Integrated EPR Information System

Wu, Zhen-Yu; Chung, Yu-Fang; Lai, Feipei; Chen, Tzer-Shyong

doi:10.1007/s10916-010-9527-7

Cited by 37 publications

(16 citation statements)

References 23 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2012, Wu et al [33] first presented an efficient user authentication technique for an integrated EPR information system. They used lightweight operations in their protocol including one-way hash operations and bitwise XOR operations in order to enhance efficiency.…”

Section: Introductionmentioning

confidence: 99%

“…They used lightweight operations in their protocol including one-way hash operations and bitwise XOR operations in order to enhance efficiency. However, Lee et al [34] pointed out that Wu et al [33] overlooked the possibility of stolen smart card attack through power consumption analysis [35]. Lee et al [34] then suggested an improved version that addressed the issue of Wu et al’s [33] technique.…”

Section: Introductionmentioning

confidence: 99%

“…However, Lee et al [34] pointed out that Wu et al [33] overlooked the possibility of stolen smart card attack through power consumption analysis [35]. Lee et al [34] then suggested an improved version that addressed the issue of Wu et al’s [33] technique. However, Wen [36] demonstrated that Lee et al’s scheme [34] still had some weaknesses, such as off-line password guessing attacks and user impersonation attacks, and proposed an enhanced new strategy.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

et al. 2017

View full text Add to dashboard Cite

Nowadays, many hospitals and medical institutes employ an authentication protocol within electronic patient records (EPR) services in order to provide protected electronic transactions in e-medicine systems. In order to establish efficient and robust health care services, numerous studies have been carried out on authentication protocols. Recently, Li et al. proposed a user authenticated key agreement scheme according to EPR information systems, arguing that their scheme is able to resist various types of attacks and preserve diverse security properties. However, this scheme possesses critical vulnerabilities. First, the scheme cannot prevent off-line password guessing attacks and server spoofing attack, and cannot preserve user identity. Second, there is no password verification process with the failure to identify the correct password at the beginning of the login phase. Third, the mechanism of password change is incompetent, in that it induces inefficient communication in communicating with the server to change a user password. Therefore, we suggest an upgraded version of the user authenticated key agreement scheme that provides enhanced security. Our security and performance analysis shows that compared to other related schemes, our scheme not only improves the security level, but also ensures efficiency.

show abstract

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

et al. 2017

View full text Add to dashboard Cite

show abstract

“…Most hospitals or medical institutes have well developed Electronic patient records (EPRs) for e-medicine during the last decade and the technology for EPRs remains as one of the most popular researches in e-medicine. The ultimate aim of EPRs is to allow the sharing of patients' medical histories scattered among medical institutions through the Internet [1]. However, data-sharing brings the problem of data being eavesdropped, stolen or destroyed.…”

Section: Introductionmentioning

confidence: 99%

An Efficient Key-Management Scheme for Hierarchical Access Control in E-Medicine System

Chen

2011

J Med Syst

View full text Add to dashboard Cite

In e-medicine system, the sharing of patients' medical histories scattered among medical institutions through the Internet is highly desirable. The most immediate cryptographic need certainly is an efficient key management method to solve dynamic access problems in a user hierarchy. In this paper, we propose a practical solution for dynamic access problem in a user hierarchy based on hybrid cryptosystems. When compared with Nikooghadam et al.'s scheme proposed most recently, the time complexity and the required storage space is reduced significantly. Moreover, it provides provable security, and is easy to implement. Therefore, our scheme is more suitable for e-medicine system.

show abstract

“…In order to prevent illegal users from visiting the remote server, secure strategies over an insecure network are concerned. Several relevant user authentication schemes and secret-key distribution protocols have been proposed [7][8][9][10][11], in which the password-based authentication mechanism is employed mostly because of its efficiency [12][13][14]. Under such mechanism, each user is allowed to select personal password and keep in mind without any additional assistant device for further authentication processes.…”

Section: Introductionmentioning

confidence: 99%

A Reliable User Authentication and Key Agreement Scheme for Web-Based Hospital-Acquired Infection Surveillance Information System

Tseng

Chung

et al. 2011

J Med Syst

Self Cite

View full text Add to dashboard Cite

With the rapid development of the Internet, both digitization and electronic orientation are required on various applications in the daily life. For hospital-acquired infection control, a Web-based Hospital-acquired Infection Surveillance System was implemented. Clinical data from different hospitals and systems were collected and analyzed. The hospital-acquired infection screening rules in this system utilized this information to detect different patterns of defined hospital-acquired infection. Moreover, these data were integrated into the user interface of a signal entry point to assist physicians and healthcare providers in making decisions. Based on Service-Oriented Architecture, web-service techniques which were suitable for integrating heterogeneous platforms, protocols, and applications, were used. In summary, this system simplifies the workflow of hospital infection control and improves the healthcare quality. However, it is probable for attackers to intercept the process of data transmission or access to the user interface. To tackle the illegal access and to prevent the information from being stolen during transmission over the insecure Internet, a password-based user authentication scheme is proposed for information integrity.

show abstract

A Password-Based User Authentication Scheme for the Integrated EPR Information System

Cited by 37 publications

References 23 publications

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

An Improved and Secure Anonymous Biometric-Based User Authentication with Key Agreement Scheme for the Integrated EPR Information System

An Efficient Key-Management Scheme for Hierarchical Access Control in E-Medicine System

A Reliable User Authentication and Key Agreement Scheme for Web-Based Hospital-Acquired Infection Surveillance Information System

Contact Info

Product

Resources

About