DOI QR코드

DOI QR Code

헬스케어 환경을 위한 칼라 모델 기반의 사용자 인증 키 설립 기법

User Authentication Key Establishment Scheme based on Color Model for Healthcare Environment

  • 정윤수 (목원대학교 정보통신융합공학부)
  • Jeong, Yoon-Su (Dept. of information Communication Convergence Engineering, Mokwon University)
  • 투고 : 2017.01.31
  • 심사 : 2017.03.20
  • 발행 : 2017.03.28

초록

병원의료 서비스는 사용자의 헬스케어 정보를 융합하여 신속한 의료서비스를 사용자에게 제공하거나 의료서비스의 질 개선을 위해서 많은 노력을 하고 있다. 그러나, 최근 연구에서는 사용자의 헬스케어 정보를 유 무선을 통해 병원 서버에 전달하려고 할 때, 사용자의 헬스케어 정보가 노출되는 문제점이 있다. 본 논문에서는 사용자의 헬스케어 정보를 안전하게 전달하기 위한 칼라 모델 기반의 사용자 인증 키 설립 프로토콜 기법을 제안한다. 제안 기법은 칼라 모델에서 사용되는 칼라 정보를 랜덤하게 3개 추출하여 추출된 임의의 정보를 벡터화하여 사용자 인증에 필요한 키 정보를 직교 벡터의 합으로 구함으로써 효율성을 높이는 것을 목적으로 한다. 또한, 제안 기법은 추가적인 암호 알고리즘을 사용하지 않으면서 사용자 인증에 필요한 키 정보를 안전하게 생성할 수 있다. 성능 평가 결과, 제안 기법은 사용자의 헬스케어 정보의 수가 증가할수록 생성된 정보를 처리하는 서버의 시간이 기존 기법보다 평균 8.1% 낮게 나타났으며, 오버헤드는 기존 기법보다 7.7% 낮은 결과를 얻었다.

Hospital medical services are making great efforts to provide prompt medical services to patients or improve the quality of medical services by convergence patient's healthcare information. However, recent research suggests problems about safety and efficiency when trying to transmit patient's healthcare information to hospital server via radio and wireless. In this paper, we propose a color model - based patient authentication key establishment protocol method to securely transmit patient healthcare information. The proposed method extracts randomly three color information used in the color model and vectorizes the extracted arbitrary information to obtain the key information required for user authentication as the sum of orthogonal vectors to improve the efficiency. In addition, the proposed method can securely generate key information used for user authentication without using an additional encryption algorithm. In performance evaluation result, proposed method shows that the server processing time of the sensed information is 8.1% higher than the existing method and 7.7% lower than the existing method.

키워드

참고문헌

  1. Y. S. Jeong, "Medical Information Management Scheme of Healthcare Service Patient through 2-way Access Control", Journal of Digital Convergence, Vol. 14, No. 7, pp. 185-191, Jul. 2016. https://doi.org/10.14400/JDC.2016.14.7.185
  2. Y. S. Jeong, "A Study of An Efficient Clustering Processing Scheme of Patient Disease Information for Cloud Computing Environment", Journal of IT Convergence Society for SMB, Vol. 6, No. 1, pp. 33-38, Mar. 2016. https://doi.org/10.22156/CS4SMB.2016.6.1.033
  3. Y. S. Jeong and S. H. Lee, "A User Privacy Protection Scheme based on Password through User Information Vir tuality in Cloud Computing", Journal of IT Convergence Society for SMB, Vol. 1, No. 1, pp. 29-37, Nov. 2011.
  4. Y. S. Jeong, "An Efficient m-Healthcare Service Model using RFID Technique", Journal of Digital Convergence, Vol. 13, No. 11, pp. 149-156, 2015. https://doi.org/10.14400/JDC.2015.13.11.149
  5. J. E. Lee and S. G. NAh, "An Emprircal Study of Usr Perrceptions on EMR Standardization Leading Medical & IT Convergence", Journal of Digital Convergence, Vol. 13, No. 5, pp. 111-118, 2015. https://doi.org/10.14400/JDC.2015.13.5.111
  6. A. T. Barth, M. a. Hanson, H. C. Powell, and J. Lach, "TEMPO 3.1: A body area sensor network platform for continuous movement assessment", Proc. - 2009 6th Int. Work. Wearable Implant. Body Sens. Networks, BSN 2009, pp. 71-76, June. 2009.
  7. Y. S. Jeong, "An Efficiency Management Scheme using Big Data of Healthcare Patients using Puzzy AHP", Journal of Digital Convergence, Vol. 13, No. 4, pp. 227-233, 2015. https://doi.org/10.14400/JDC.2015.13.4.227
  8. Z. Shelby, K. Hartke, C. Bormann, The Constrained Application Protocol (CoAP), IETF RFC 7252, June 2014.
  9. C. Wanpeng, B. Wei, "Adaptive and dynamic mobile phone data encryption method", Chian Communications, Vol. 11, Issue. 1, pp. 103-109, Jan. 2014.. https://doi.org/10.1109/CC.2014.6821312
  10. R. Madhusudhan, M. Hegde, "Cryptanalysis and Improvement of Remote User Authentication Scheme Using Smart Card", 2016 International conference on Computer and Communication Engineering(ICCCE), pp. 84-89, 2016.
  11. C. Chen, Y. Wang, H. Yu, x. H. Qiang, "The RFID mutual authentication scheme based on ECC and OTP authentication", 2016 IEEE International Conference on Ubiquitous Wireless Broadband (ICUWB), pp. 1-4, 2016.
  12. G. Yu, Y. Shen, G. Zhang, Y. Yang, "A Chaos-based Color Image Encryption Algorithm", 2013 Sixth International Symposium on Computational Intelligence and Design, pp. 92-95, 2013.
  13. S. Som, A. Kotal, A. Chatterjee, S. Dey, S. Palit, "A colour image encryption based on DNA coding and chaotic sequences", 2013 1st International Conference on Emerging Trends and Applications in Computer Science, pp. 108-114, 2013.
  14. Man, Shushuang, D. Hong and M. M. Matthews, "A Shoulder-Surfing Resistant Graphical Password Scheme-WiW", Security and Management, 2003.
  15. Wiedenbeck, Susan, et. al, "PassPoints: Desing and logigudinal evaluation of a graphical password system", International Journal of Human-Computer Studies Vol. 63, No. 1, pp. 102-127, 2005. https://doi.org/10.1016/j.ijhcs.2005.04.010
  16. J. Thorpe, P. C. van Oorschot, "Grphical Dictionaries and the Memorable Space of Graphical Passwords", USENIX Security Symposium, 2004.
  17. Wiedenbeck, Susan, et al. "Design and evaluation of a shoulder-surfing resistant graphical password scheme", Proceedings of the working conference on Advanced visual interfaces, ACM, 2006.
  18. D. Rachna, "Hash visualization in user authentication", CHI'00 Extended Abstracts on Human Factors in Computing Systems, ACM, 2000.
  19. S. Leonardo and J. C. Birget, "Graphical passwords", The Rutgers Scholar, an electronic Bulletin for undergraduate research 4, 2002.
  20. S. Balaji, "Authentication techniques for engendering session passwords with colors and text", Advances in Computer Science and its Applications 1.3, pp. 189-195, 2012.
  21. M. Sreelatha et. al, "Authentication schemes for session passwords using color and images", International Journal of Netow가 Security & Its Applications 3.3, pp. 111-119, 2011. https://doi.org/10.5121/ijnsa.2011.3308