CN114615299A - Remote medical monitoring system, medium, equipment and terminal - Google Patents

Remote medical monitoring system, medium, equipment and terminal Download PDF

Info

Publication number
CN114615299A
CN114615299A CN202210232321.9A CN202210232321A CN114615299A CN 114615299 A CN114615299 A CN 114615299A CN 202210232321 A CN202210232321 A CN 202210232321A CN 114615299 A CN114615299 A CN 114615299A
Authority
CN
China
Prior art keywords
tid
user
gateway node
gateway
medical sensor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210232321.9A
Other languages
Chinese (zh)
Other versions
CN114615299B (en
Inventor
郭亚军
邵晓伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Binoji Shanghai Biotechnology Co ltd
Dragon Totem Technology Hefei Co ltd
Original Assignee
Central China Normal University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Central China Normal University filed Critical Central China Normal University
Priority to CN202210232321.9A priority Critical patent/CN114615299B/en
Priority claimed from CN202210232321.9A external-priority patent/CN114615299B/en
Publication of CN114615299A publication Critical patent/CN114615299A/en
Application granted granted Critical
Publication of CN114615299B publication Critical patent/CN114615299B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1059Inter-group management mechanisms, e.g. splitting, merging or interconnection of groups
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Measuring And Recording Apparatus For Diagnosis (AREA)

Abstract

The invention belongs to the technical field of remote medical monitoring, and discloses a remote medical monitoring method, a system, a medium, equipment and a terminal, wherein the remote medical monitoring system comprises: in the initialization stage, a plurality of gateway nodes are used as miner nodes to be added into the block chain network; in the registration stage, a user and a medical sensor are registered in a gateway node; and in the access control stage, the real identity of each entity is verified, and the user can safely access a certain medical sensor. The invention uses the Hash function, the physical unclonable function and the bitwise XOR operation to ensure the safety of the physiological data of the patient and the privacy of the user, uses the block chain technology to solve the problems of single point failure and poor expansibility of the gateway node, designs a remote medical monitoring system based on the block chain, and has more functional characteristics and less consumption of computing communication cost compared with the existing system after verification.

Description

Remote medical monitoring system, medium, equipment and terminal
Technical Field
The invention belongs to the technical field of remote medical monitoring, and particularly relates to a remote medical monitoring method, a system, a medium, equipment and a terminal.
Background
The word internet of things was first presented in the book of future roads, written by belgium in 1995, but was not appreciated because the wireless network and sensing devices were immature at that time. Later, in 2005, the International Telecommunications Union (ITU) published ITU internet report 2005: internet of things, the concept of the internet of things has formally been proposed in this report. The internet of things can be understood as a technology for associating objects with things and people with things through the internet and generating some useful data. At present, with the continuous development of the internet of things technology, people have applied the intelligent home, intelligent traffic, remote medical treatment and other fields.
Due to the fact that the aging problem of the population of countries in the world is increasingly prominent and new coronary pneumonia epidemic situations are continuously emerging, the remote medical monitoring system has great development potential, and the internet of things technology is taken as one of the core technologies of remote medical treatment and plays a key role in the remote medical monitoring system. The remote medical monitoring system takes a wireless medical sensing network as a communication basis and has the function of monitoring the physiological data of a patient. The remote medical monitoring system comprises three entities, namely a doctor (user), a gateway and a medical sensor, and in order to acquire physiological data of a patient, the medical sensor node is implanted/worn on the body of the patient. The gateway node has strong computing and communication capabilities, and the main function of the gateway node is to help the user and the sensor to realize mutual authentication in an authentication phase. The user can acquire real-time physiological data of the patient on the premise that mutual authentication with the sensor node is required to be completed and a session key is negotiated. The data can be safely transmitted in an open channel by encrypting the session key, and a doctor diagnoses the patient by analyzing the physiological data of the patient and gives treatment opinions. In a wireless sensor network, doctors acquire patient physiological data collected by medical sensors with the help of gateway nodes, and communication among all participants (doctors, gateways and medical sensors) is performed in an unsafe channel, so that the risk of patient data leakage is increased. Furthermore, the traditional medical monitoring system relies on a single gateway node for communication, and once the gateway node fails, the whole system is in a breakdown state. Finally, existing systems all rely on trusted third parties to participate, making system scalability poor.
Through the above analysis, we can find that the problems and defects existing in the prior art are as follows:
(1) the patient's physiological data needs to be kept secret and cannot be tampered with. If an attacker intercepts the physiological data of the patient and carries out tampering, not only the privacy of the patient is leaked, but also the doctor can misjudge the condition of the patient according to the tampered data, so that the irreparable effect is caused.
(2) The existing systems have single-point fault hidden danger, and the traditional scheme is that the mutual authentication of a user and a sensor is completed by the assistance of a gateway node or a server. If the gateway fails, the whole system is broken down, mutual authentication between the user and the sensor node cannot be realized, and further, data collected by the sensor node cannot be acquired without a method, and the data cannot be monitored in real time. If at this point the patient develops abnormal symptoms, the consequences will be unthinkable.
(3) Poor scalability results in poor practicality. In existing solutions, the user and the medical sensor node can only communicate with a specified gateway after registration at the gateway, and authentication can only be assisted by this gateway. If the medical sensor is far away from the designated gateway node, the energy loss of the medical sensor is inevitably increased, and the method is not suitable for a remote medical monitoring system with limited resources.
Therefore, in view of the above three challenges, there is a need for a remote medical monitoring system that can ensure the security of communication between participants, does not depend on a single gateway node for communication, and has high practicability, so as to meet the expected security and efficiency requirements in the remote medical monitoring system.
Disclosure of Invention
Aiming at some problems of the existing system, the invention uses a hash function, a physical unclonable function and bitwise XOR operation to ensure the safety of patient physiological data and the privacy of users, and uses a block chain technology to solve the problems of single point failure and poor expansibility of gateway nodes. The system architecture of the present invention and the relationship between them is as follows:
the data center is used for storing registration information of the user and the medical sensor and physiological data of the patient;
the gateway node is deployed near the medical sensor and is used for calculating, transmitting, temporarily storing and analyzing data acquired by the medical sensor in real time;
the medical sensor is used for collecting physiological data of a patient and transmitting the physiological data to the gateway node, and the gateway node transmits the data to the data center;
the user, using the mobile device, accesses a certain medical sensor through the gateway node.
The block chain network comprises a private block chain network formed by a plurality of gateway nodes, and the gateway nodes are miners' nodes. The gateway node needs to obtain the authority of the system administrator and maintain the blockchain using a PoS consensus mechanism before joining the blockchain network. In the registration stage of the user and the medical sensor, some secret information needed in the authentication stage can be stored in the block, and the structure of the block chain ensures that the information cannot be tampered, so that the integrity of data is ensured.
Another objective of the present invention is to provide a remote medical monitoring system, which comprises the following steps:
step one, an initialization stage: many gateway nodes join the blockchain network as mineworker nodes. The innovation point of the invention is to introduce a block chain technology into the remote medical monitoring system. The block chain has the characteristics of decentralization, non-counterfeiting, non-tampering and the like. In the invention, a plurality of gateway nodes form a private block chain network, and all the gateway nodes are miners' nodes. The gateway node obtains authorization of a system administrator before joining the blockchain network and maintains the blockchain using a PoS consensus mechanism. And during the user and medical sensor registration phases, secret information used during the authentication phase is stored in the block, the structure of the block chain being such that said information is not tampered. The introduction of the block chain can greatly improve the system efficiency and solve the problems of single point failure and poor expansibility.
Step two, a registration stage: the user and the medical sensor are registered at the gateway node. The enrollment phase may store some authentication credentials at the user's mobile device and medical sensor and then use these secret information in the authentication process.
Step three, an access control stage: and authenticating the identity of the user and ensuring the safe access of the user to the medical sensor. The steps are briefly described as follows:
(1) logging in: a user inputs a correct user name and a correct password on mobile equipment to log in; after the login is successful, the mobile equipment of the user sends a request for accessing a certain medical sensor to the gateway node;
(2) the gateway node verifies the authenticity of the user: if the user passes the verification, the gateway node sends an authentication request to the medical sensor, and if the verification fails, the access request of the user is immediately terminated;
(3) the medical sensor verifies the authenticity of the gateway node: the medical sensor verifies the request of the gateway node, verifies the authenticity of the gateway node, and if the verification is passed, a confirmation message is sent to the gateway node;
(4) the gateway node verifies the authenticity of the medical sensor: the gateway node verifies the authenticity of the medical sensor, and if the verification is successful, confirmation information is sent to a remote user;
(5) the user verifies the authenticity of the gateway node: if the authentication is successful, a session key is negotiated between the user and the accessed medical sensor to enable secure communication between the user and the medical sensor.
Further, the initialization stage in the step one specifically comprises the following steps:
the system administrator generates an identity IDgAnd a secret key KgEach gateway node is stored in the memory<IDg,Kg,h(·)>(ii) a All gateway nodes are added into the blockchain network as miners' nodes after authorization of a system administrator.
Further, the registration stage in the second step includes user registration and medical sensor registration:
user registration: the user registers on the mobile device, and the registration process is as follows:
(1) user selects an ID on his mobile deviceiAnd password PWiAnd generates a temporary interaction number r for the user1Calculating HIDi=h(IDi||r1),HPWi=h(IDi||PWi||r1) And handle<HIDi,HPWi>Sending to the gateway node closest to the gateway node;
(2) gateway receiving<HIDi,HPWi>Thereafter, a temporary identity TID is generated for the useriAnd a temporary interaction number r2Calculating Bi’=h(HIDi||HPWi)⊕r2,Li’=h(HIDi||HPWi||r2),Di’=r2⊕h(IDg||Kg),Fi’=h(h(IDg||Kg||TIDi)||TIDi),Ei=TIDi⊕h(IDg||Kg||TIDi) (ii) a Gateway is through the secure channel<TIDi,Ei>Sending to a data center for storage<TIDi old=null,TIDi new=TIDi,Ei old=null,Ei new=Ei>And stores the address MAiSending to gateway node, data center broadcasting MA to all gateway nodesi(ii) a The MA isiIt is equivalent to an index, according to MA, the gatewayiFinding data stored in a data center<TIDi old=null,TIDi new=TIDi,Ei old=null,Ei new=Ei>(ii) a By a consensus mechanism, MAiAll gateways pack into a new block and connect to the existing block chain; gateway sending<MAi,Bi’,Li’,Di’,Fi’>Giving the mobile device;
(3) after receiving the message from the gateway, moveMobile device computing Bi=r1⊕Bi’,Li=h(Li’||IDi||PWi||r1),Gi=r1⊕h(IDi||PWi),Di=Di’⊕h(HIDi||r1),Fi=Fi’⊕h(HPWi||r1) Will be<MAi,Bi,Li,Gi,Di,Fi,h(·)>And storing the data in the memory of the mobile equipment.
Medical sensor registration: embedding a PUF module into a sensor to be registered, and then registering the sensor with a gateway node closest to the PUF module, wherein the registering steps are as follows:
(1) gateway node generates a unique ID for medical sensorjThen, send<IDj>Providing a medical sensor;
(2) upon receiving the IDjThen, the sensor calculates the challenge IDjCorresponding response Rj=PUFj(IDj) Will be<Rj>Sending the data to a gateway;
(3) the gateway receives RjThen, a temporary identity TID is generatedjCalculating Hj=h(TIDj||h(IDj||IDg||Kg)),Ij=IDj⊕Hj(ii) a Transmission over a secure channel<Rj,IDj,Ij>To the hospital, and storing in the data center<Rj,IDj,Ij old=null,Ij new=Ij>Then, the parameter R is broadcasted to all gateway nodes in the block chainj(ii) a Through a consensus mechanism, the gateway node assigns RjPacking into a new block and connecting to the existing block chain; rjCorresponding to an index, the gateway node passes through R during the authentication phasejFinding data stored in a data center<Rj,IDj,Ij old=null,Ij new=Ij>;
(4) The gateway will<Hj>Sending to the sensor, storing the medical sensor<IDj,Hj,h(·)>。
Further, the access control stage in step three includes the following specific steps:
a user logs in on a mobile device; after the login is successful, the user accesses the medical sensor device by using the mobile device; the user and the medical sensor complete mutual authentication with the help of the gateway node and generate a session key for subsequent communication.
(1) Logging in: a user inputs an identity and a password in a mobile device; the mobile device calculates r1=Gi⊕h(IDi||PWi),HIDi=h(IDi||r1),HPWi=h(IDi||PWi||r1),r2=Bi⊕r1⊕h(HIDi||HPWi),Li’=h(HIDi||HPWi||r1),Li *=h(Li’||IDi||PWi||r1) Checking Li *=LiWhether the result is true or not; if not, the login request is terminated, otherwise, the user login is successful; the mobile device generates a current time stamp t1And a temporary interaction number niCalculating Di’=Di⊕h(HIDi||r1),Fi’=Fi⊕h(HPWi||r1),S1=Di’⊕r2,S2=S1⊕t1,S3=h(S1||t1)⊕MAi,S4=Fi’⊕ni,S5=IDj⊕h(ni||Fi’),S6=h(MAi||ni||Fi’||IDj||S2||S4||t1) And M is1=<S2,S3,S4,S5,S6,t1>Sending to the gateway node;
(2) the gateway node verifies the authenticity of the user: gateway node check receptionTo the freshness of the message, if the message is fresh, the gateway calculates S1=t1⊕S2,MAi=h(S1||t1) Checking MAiWhether the block chain exists in the block chain or not, if not, the authentication is terminated; otherwise, the gateway node MA according to the storage addressiRetrieving from a data center<TIDi,Ei>Calculating Fi’=h((Ei⊕TIDi)||TIDi),ni=S4⊕Fi’,IDj=S5⊕h(ni||Fi’),S6 *=h(MAi||ni||Fi’||IDj||S2||S4||t1) Checking S6 *=S6Whether the time stamp is established or not, if so, the gateway node generates the current time stamp t2Calculating S7=IDj⊕t2,S8=h(IDj||t2) Will M2=<S7,S8,t2>To a medical sensor;
(3) the medical sensor verifies the authenticity of the gateway node: the medical sensor checks the freshness of the received message and if the condition is true, the medical sensor calculates the IDj=S7⊕t2,S8 *=h(IDj||t2) Checking S8 *=S8Whether the result is true or not; if so, the medical sensor generates a temporary interaction number njAnd a current time stamp t3Calculating Rj=PUFj(IDj),S9=Rj⊕t3,S10=nj⊕h(IDj||Hj||t3),S11=h(Rj||nj||S10||t3) And M is3=<S9,S10,S11,t3>Sending to the gateway node;
(4) the gateway node verifies the authenticity of the medical sensor: the gateway node checks the freshness of the received message and if the message is fresh, the gateway node calculates Rj=S9⊕t3Checking RjWhether the block chain exists in the block chain or not, if not, the authentication is terminated; otherwise, the gateway is according to RjRetrieving from data centers<Rj,IDj,Ij>Calculating nj=S10⊕h(IDj||(IDj⊕Ij)||t3),S11 *=h(Rj||nj||S10||t3) Checking the condition S11 *=S11Whether the result is true or not; if so, the gateway node generates a current timestamp t4Calculating TIDi *=h(Kg||ni||t3),TIDj *=h(Kg||nj||t1),S12=Fi’⊕TIDi *,S13=MAi⊕TIDj *,S14=h(MAi||Fi’)⊕nj,Fi *=h(h(IDg||Kg||TIDi *)||TIDi *),S15=Fi *⊕Fi’,S16=h(IDg||Kg||TIDi *)⊕(Ei⊕TIDi),S17=h(TIDi *||S13||nj||S15||S16||t4),Ei *=h(IDg||Kg||TIDi *)⊕TIDi *,S18=Rj⊕ni,S19=h(IDj||(IDj⊕Ij)||t4)⊕TIDi *,S20=h(ni||TIDi *)⊕TIDj *,Hj *=h(TIDj *||h(IDj||IDj||Kg)),Ij *=IDj⊕Hj *,S21=h(TIDi *||TIDj *)⊕Hj *,S22=h(TIDj *||ni||S19||S21||t4) (ii) a Gateway node sending M4=<S12,S13,S14,S15,S16,S17,t4>To users and M5=<S18,S19,S20,S21,S22,t4>To the medical sensor node and send the TID over a secure channeli *,Ei *,Ij *To data centers, data center updates<TIDi old=TIDi,TIDi new=TIDi *,Ei old=Ei,Ei new=Ei *>,<Rj,IDj,Ij old=Ij,Ij new=Ij *>(ii) a Medical sensor receiving message M5Thereafter, the current timestamp t is checked4 *Whether or not | t is satisfied4 *-t4Delta t is less than or equal to | t; if the condition is true, the medical sensor calculates ni=S18⊕Rj,TIDi *=S19⊕h(IDj||Hj||t4),TIDj *=S20⊕h(ni||TIDi *),S22 *=h(TIDj *||ni||S19||S21||t4) Checking S22 *=S22Whether the result is true or not; if so, the sensor calculates SKij=h(TIDi *||TIDj *||ni||nj),Hj *=h(TIDi *||TIDj *)⊕S21And updating H in the memoryjBy Hj *
(5) The user verifies the authenticity of the gateway node: the user checks the freshness of the message after receiving the message; if the condition is true, the user calculates the TIDi *=S12⊕Fi’,TIDj *=S13⊕MAi,nj=S14⊕h(MAi||Fi’),S17 *=h(TIDi *||S13||nj||S15||S16||t4) Checking S17 *=S17Whether the result is true; if so, the mobile device computes SKij=h(TIDi *||TIDj *||ni||nj),Fi new=S15⊕Fi,Di new=S16⊕DiBy Fi new,Di newReplacing F in memoryi,Di
(6) And (5) after the steps (1) to (5) are finished, the user safely accesses the medical sensor.
In combination with the technical solutions and the technical problems to be solved, please analyze the advantages and positive effects of the technical solutions to be protected in the present invention from the following aspects:
first, aiming at the technical problems existing in the prior art and the difficulty in solving the problems, the technical problems to be solved by the technical scheme of the present invention are closely combined with results, data and the like in the research and development process, and some creative technical effects are brought after the problems are solved. The specific description is as follows:
firstly, in order to protect patient data from being tampered and privacy disclosure, a hash function, a physical unclonable function and bitwise exclusive or operation are used, and the operations make the method safer; secondly, aiming at the problem of single point failure, a blockchain technology is introduced on the basis of the traditional remote medical monitoring system, and the characteristic of block chain decentralization effectively solves the problem of single point failure, so that the invention has stronger expansibility. In a word, the invention solves the existing defects in the remote medical monitoring system, so that the remote medical service is safer, more convenient and more reliable.
Secondly, considering the technical scheme as a whole or from the perspective of products, the technical effect and advantages of the technical scheme to be protected by the invention are specifically described as follows:
the invention uses the Hash function, the physical unclonable function and the bitwise XOR operation to ensure the safety of the physiological data of the patient and the privacy of the user, uses the block chain technology to solve the problems of single point failure and poor expansibility of the gateway node, designs a remote medical monitoring system based on the block chain, and effectively solves the defects in the existing system.
In terms of security, the invention can resist various known attacks and realize more functional characteristics, mainly comprising:
having user anonymity; resisting off-line password guessing attack; resisting impersonation attack of users; resisting sensor impersonation attack; anti-desynchronization attack; password update friendliness; resisting privileged insider attacks; non-trackability; the sensor is resistant to theft attack; the method is resistant to gateway impersonation attack; the mobile equipment is prevented from being stolen and attacked; replay attack resistance; the method has the characteristic of solving single point of failure of the gateway.
Functional characteristics System 1 System 2 System 3 System 4 System 5 System 6 The system is provided
User anonymity ×
Offline password guessing attack
Impersonation attack by a user
Sensor spoofing attack N/A
Desynchronization attack × × × × ×
Password update friendliness
Privileged insider attacks × ×
Non-traceability × ×
Attack of sensor theft × N/A N/A
Gateway spoofing attack N/A
Theft attack for mobile device × × × ×
Replay attacks
Gateway single point of failure × × × × × ×
As shown in the above table, the present invention has more security and functional features than other systems.
Third, as an inventive supplementary proof of the claims of the present invention, there are also presented several important aspects:
the remote medical monitoring system takes a wireless sensor network as a communication basis, and greatly improves the medical service efficiency by utilizing the technology of the Internet of things. The advanced medical internet of things system has at least the following two advantages: better medical monitoring service is carried out on the patient through the physiological data collected by the medical sensor, so that the medical service efficiency is improved and the safety of the patient is ensured; moreover, the medical equipment with faults can be found in time, and the fault rate and the maintenance cost are reduced. Thus, telemedicine monitoring systems may benefit from internet of things technology, both in terms of medical equipment cost and medical service efficiency. Nowadays, with the continuous expansion of the application scale of medical sensor equipment, the remote medical monitoring system also makes medical services more convenient and efficient. However, telemedicine monitoring systems also face some challenges: (1) the patient's physiological data needs to be kept secret and cannot be tampered with. If an attacker intercepts the physiological data of the patient and carries out tampering, not only is the privacy of the patient revealed, but also the serious result is that the doctor misjudges the condition of the patient according to the tampered data, so that the irreparable result is caused. (2) The traditional scheme is that mutual authentication of a user and a sensor is completed by assistance of a gateway node. If the gateway fails, the whole system is broken down, mutual authentication between the user and the sensor node cannot be realized, and further, data collected by the sensor node cannot be acquired without a method, and the data cannot be monitored in real time. If at this point the patient develops abnormal symptoms, the consequences will be unthinkable. (3) Poor scalability results in poor practicality. In existing solutions, the user and the medical sensor node can only communicate with a specified gateway after registration at the gateway, and authentication can only be assisted by this gateway. If the medical sensor is far away from the designated gateway node, the energy loss of the medical sensor is inevitably increased, and the method is not suitable for a remote medical monitoring system with limited resources.
With respect to the above challenges, this invention uses a hash function, a physical unclonable function, and bitwise xor operations to ensure patient physiological data security and user privacy; in order to solve the problem of single-point failure, a blockchain technology is used, and because the blockchain has the characteristics of tamper resistance and decentralization, the single-point failure problem is perfectly solved by introducing the blockchain technology, so that the single-point failure detection method has better expansibility and stronger practicability.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flow chart of a remote medical monitoring system provided by an embodiment of the invention.
FIG. 2 is a flow chart of user access control provided by an embodiment of the present invention;
in the figure: firstly, a user logs in a mobile device and initiates an authentication challenge to a gateway node; the gateway node checks the message freshness, authenticates the user, and initiates an authentication challenge to the medical sensor after the authentication is successful; the medical sensor checks the message freshness, authenticates the gateway node, and initiates an authentication challenge to the gateway node after the authentication is successful; the gateway node checks the message freshness, authenticates the medical sensor, and initiates an authentication challenge to the user after the authentication is successful; and fifthly, the user checks the message freshness, authenticates the gateway node, and establishes a secure access channel between the user and the medical sensor after successful authentication.
Fig. 3 is a block diagram of a remote medical monitoring system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail with reference to the following embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
First, aiming at the problems of the existing remote medical monitoring system, the invention provides a new remote medical monitoring system with stronger practicability, and the invention is described in detail with reference to the attached drawings.
As shown in fig. 1, the remote medical monitoring system provided by the embodiment of the present invention includes the following steps:
s101, an initialization stage: a plurality of gateway nodes are added into the block chain network as miner nodes;
s102, a registration stage: registering the user and the medical sensor by the gateway node;
s103, an access control stage: and authenticating the identity of the user and ensuring the safe access of the user to the medical sensor.
Specifically, the step S101 of joining a plurality of gateway nodes as miners' nodes to the blockchain network includes: the innovation point of the invention is to introduce a block chain technology into the remote medical monitoring system. The block chain has the characteristics of decentralization, non-counterfeiting, non-tampering and the like. In the invention, a plurality of gateway nodes form a private block chain network, and all the gateway nodes are miners' nodes. The gateway node obtains authorization from a system administrator before joining the blockchain network and maintains the blockchain using a PoS consensus mechanism. And during the user and medical sensor registration phases, secret information used during the authentication phase is stored in the block, the structure of the block chain being such that said information is not tampered. The introduction of the block chain can greatly improve the system efficiency and solve the problems of single point failure and poor expansibility.
Step S102 of registering, by the gateway node, the user and the medical sensor includes: the enrollment phase is to store some secret credentials in advance on the user's mobile device and medical sensor and then use the secret information in the authentication process.
Step S103, the identity of the user is authenticated, and the safe access of the user to the medical sensor is ensured. The steps are briefly described as follows:
(1) logging in: a user inputs a correct user name and a correct password on mobile equipment to log in; after the login is successful, the mobile equipment of the user sends a request for accessing a certain medical sensor to the gateway node;
(2) the gateway node verifies the authenticity of the user: if the user passes the verification, the gateway node sends an authentication request to the medical sensor, and if the verification fails, the access request of the user is immediately terminated;
(3) the medical sensor verifies the authenticity of the gateway node: the medical sensor verifies the request of the gateway node, verifies the authenticity of the gateway node, and if the verification is passed, a confirmation message is sent to the gateway node;
(4) the gateway node verifies the authenticity of the medical sensor: the gateway node verifies the authenticity of the medical sensor, and if the authenticity is verified successfully, confirmation information is sent to a remote user;
(5) the user verifies the authenticity of the gateway node: if the authentication is successful, a session key is negotiated between the user and the accessed medical sensor to ensure secure communication between the user and the medical sensor.
Secondly, in order to make those skilled in the art fully understand how to implement the present invention, the section is an explanatory embodiment for explaining the technical solution of the claims.
Examples
The invention uses the Hash function, the physical unclonable function and the bitwise XOR operation to ensure the safety of the physiological data of the patient and the privacy of the user, uses the block chain technology to solve the problems of single point failure and poor expansibility of the gateway node, designs a remote medical monitoring system based on the block chain, and has more functional characteristics and less consumption of computing communication cost compared with the existing system after verification.
1. The system architecture of the present invention and the relationship between them:
the system of the present invention includes 5 physical modules as shown in fig. 3.
The data center comprises: is responsible for storing important information for users and medical sensor registration, and patient physiological data.
A gateway node: the gateway node is deployed near the medical sensor and is responsible for receiving data acquired by the medical sensor for calculation, transmission, temporary storage and real-time analysis. Each gateway node is connected to one or more medical sensors.
A medical sensor: the medical sensors are used for collecting physiological data of patients and transmitting the physiological data to the gateway node, and the gateway node transmits the data to the data center.
Doctor (user): a doctor may access a certain medical sensor through the gateway node using a mobile device.
Block chain network: a plurality of gateway nodes form a private blockchain network, and the gateway nodes are miners' nodes. The gateway node needs to obtain authorization from the system administrator before joining the blockchain network and maintain this blockchain using a PoS consensus mechanism. In the registration stage of the user and the medical sensor, some secret certificates needed in the authentication stage can be stored in the block, and the structure of the block chain ensures that the information cannot be tampered, thereby ensuring the integrity of data.
The working principle of the invention is as follows:
the invention mainly realizes that a doctor (user) remotely accesses a certain medical sensor, and the working principle is as follows: the first phase is an initialization phase, where many gateway nodes join the blockchain network as mineworker nodes. The second stage is a registration stage, in which the user and the medical sensor are registered at the gateway node, and the third stage is an access control stage, which needs to verify the real identity of each entity to realize that the user safely accesses a certain medical sensor. The specific steps of the access control phase are as follows:
(1) logging in: the user enters the correct username and password on the mobile device to log in. After successful login, the user's mobile device sends a request to the gateway node to access a certain medical sensor.
(2) The gateway node verifies the authenticity of the user: the gateway node verifies the authenticity of the user, if the user passes the verification, the gateway node sends an authentication request to the medical sensor, and if the verification fails, the access request of the user is immediately terminated.
(3) The medical sensor verifies the authenticity of the gateway node: the medical sensor verifies the request of the gateway node, verifies the authenticity of the gateway node, and sends a confirmation message to the gateway node if the verification is passed.
(4) The gateway node verifies the authenticity of the medical sensor: the gateway node verifies the authenticity of the medical sensor and if successfully verified, sends a confirmation message to the remote user.
(5) The user verifies the authenticity of the gateway node: and the user verifies the authenticity of the gateway node, and if the verification is successful, a session key is negotiated between the user and the accessed medical sensor to realize the secure communication between the user and the medical sensor.
The flow chart is shown in fig. 2, and the detailed implementation process is as follows.
Fig. 3 is a structural principle of the remote medical monitoring system provided by the embodiment of the invention, as follows:
(1) logging in: the user enters the correct username and password on the mobile device to log in. After successful login, the user's mobile device sends a request to the gateway node to access a certain medical sensor.
(2) The gateway node verifies the authenticity of the user: the gateway node verifies the authenticity of the user, if the user passes the verification, the gateway node sends an authentication request to the medical sensor, and if the verification fails, the access request of the user is immediately terminated.
(3) The medical sensor verifies the authenticity of the gateway node: the medical sensor verifies the request of the gateway node, verifies the authenticity of the gateway node, and if the verification is passed, a confirmation message is sent to the gateway node.
(4) The gateway node verifies the authenticity of the medical sensor: the gateway node verifies the authenticity of the medical sensor and if successfully verified, sends a confirmation message to the remote user.
(5) The user verifies the authenticity of the gateway node: and the user verifies the authenticity of the gateway node, and if the verification is successful, a session key is negotiated between the user and the accessed medical sensor to realize the secure communication between the user and the medical sensor.
2. The invention is realized by the following technical scheme to achieve the purpose:
in order to achieve the purpose, the technical scheme of the invention comprises an initialization phase, a registration phase and an access control phase. The initialization phase is that many gateway nodes join the blockchain network as mineworker nodes. The registration phase is the registration by the gateway node for the user and the medical sensor. And in the access control stage, identity authentication is carried out on the user, and the safe access of the user to the medical sensor is ensured.
An initialization stage:
the system administrator generates an identity IDgAnd a secret key KgEach gateway node is stored in the memory<IDg,Kg,h(·)>And finally, the gateway nodes are used as miner nodes to be added into the blockchain network after authorization of a system administrator.
(II) a registration stage:
user registration: the user registers on the mobile device, and the registration process is as follows:
(1) user selects an ID on his mobile deviceiAnd password PWiAnd generates a temporary interaction number r for the user1Calculating HIDi=h(IDi||r1),HPWi=h(IDi||PWi||r1) And handle<HIDi,HPWi>To the gateway node closest thereto.
(2) Gateway receiving<HIDi,HPWi>Thereafter, a temporary identity TID is generated for the useriAnd a temporary interaction number r2Calculating Bi’=h(HIDi||HPWi)⊕r2,Li’=h(HIDi||HPWi||r2),Di’=r2⊕h(IDg||Kg),Fi’=h(h(IDg||Kg||TIDi)||TIDi),Ei=TIDi⊕h(IDg||Kg||TIDi). The gateway then handles the message through a secure channel<TIDi,Ei>Sending to a data center, and storing in the data center<TIDi old=null,TIDi new=TIDi,Ei old=null,Ei new=Ei>And store the addresses MAiSending to gateway node, data center broadcasting MA to all gateway nodesi. The MA isiJust as an index, the gateway can be according to MAiFinding data stored in a data center<TIDi old=null,TIDi new=TIDi,Ei old=null,Ei new=Ei>. By a consensus mechanism, MAiAre packed into a new block by all gateways and connected to the existing block chain. Finally, the gateway sends<MAi,Bi’,Li’,Di’,Fi’>To the mobile device.
(3) After receiving the message from the gateway, the mobile device calculates Bi=r1⊕Bi’,Li=h(Li’||IDi||PWi||r1),Gi=r1⊕h(IDi||PWi),Di=Di’⊕h(HIDi||r1),Fi=Fi’⊕h(HPWi||r1) Will be<MAi,Bi,Li,Gi,Di,Fi,h(·)>Stored to mobile devicesIn memory.
Medical sensor registration: the sensor to be registered needs to be embedded with a PUF, and then is registered with the gateway node closest to the PUF, and the detailed registration steps are as follows:
(1) gateway node generates a unique ID for medical sensorjThen send<IDj>To the medical sensor.
(2) Upon receiving the IDjThen, the sensor calculates the challenge IDjCorresponding response Rj=PUFj(IDj) Will be<Rj>And sending the data to the gateway.
(3) Gateway receiving RjThereafter, a temporary identity TID is generatedjCalculating Hj=h(TIDj||h(IDj||IDg||Kg)),Ij=IDj⊕Hj. Then sent through a secure channel<Rj,IDj,Ij>To the hospital, and storing in the data center<Rj,IDj,Ij old=null,Ij new=Ij>Then, broadcasting the parameter R to all gateway nodes in the block chainj. Finally, the gateway node sends R through a consensus mechanismjPacked into a new tile and connected to the existing tile chain. RjIt is equivalent to an index through which the gateway node can pass during the authentication phasejFinding data stored in a data center<Rj,IDj,Ij old=null,Ij new=Ij>。
(4) Gateway handle<Hj>Sending to the sensor, storing the medical sensor<IDj,Hj,h(·)>。
And (III) an access control stage:
the user first logs in on his mobile device and, after successful login, the user uses the mobile device to access the medical sensor device. In the process, the user and the medical sensor complete mutual authentication with the help of the gateway node and generate a session key for subsequent communication.
(1) Logging in: the user enters an identity and password in the mobile device. The mobile device calculates r1=Gi⊕h(IDi||PWi),HIDi=h(IDi||r1),HPWi=h(IDi||PWi||r1),r2=Bi⊕r1⊕h(HIDi||HPWi),Li’=h(HIDi||HPWi||r1),Li *=h(Li’||IDi||PWi||r1) Checking Li *=LiWhether or not this is true. If not, the login request is terminated, otherwise, the user login is successful. The mobile device then generates a current timestamp t1And a temporary interaction number niCalculating Di’=Di⊕h(HIDi||r1),Fi’=Fi⊕h(HPWi||r1),S1=Di’⊕r2,S2=S1⊕t1,S3=h(S1||t1)⊕MAi,S4=Fi’⊕ni,S5=IDj⊕h(ni||Fi’),S6=h(MAi||ni||Fi’||IDj||S2||S4||t1). Then M is added1=<S2,S3,S4,S5,S6,t1>To the gateway node.
(2) The gateway node verifies the authenticity of the user: the gateway node first checks the freshness of the received message and if the message is fresh, the gateway calculates S1=t1⊕S2,MAi=h(S1||t1) Checking MAiAnd if the block chain does not exist, terminating the authentication. Otherwise, the gateway node MA according to the storage addressiRetrieving from a data center<TIDi,Ei>Calculating Fi’=h((Ei⊕TIDi)||TIDi),ni=S4⊕Fi’,IDj=S5⊕h(ni||Fi’),S6 *=h(MAi||ni||Fi’||IDj||S2||S4||t1) Checking S6 *=S6Whether the time stamp is established or not, if so, the gateway node generates the current time stamp t2Calculating S7=IDj⊕t2,S8=h(IDj||t2) Handle M2=<S7,S8,t2>To the medical sensor.
(3) The medical sensor verifies the authenticity of the gateway node: the medical sensor checks the freshness of the received message and if the condition is true, the medical sensor calculates the IDj=S7⊕t2,S8 *=h(IDj||t2) Checking S8 *=S8Whether or not this is true. If so, the medical sensor generates a temporary interaction number njAnd a current time stamp t3Calculating Rj=PUFj(IDj),S9=Rj⊕t3,S10=nj⊕h(IDj||Hj||t3),S11=h(Rj||nj||S10||t3). Finally, M is3=<S9,S10,S11,t3>To the gateway node.
(4) The gateway node verifies the authenticity of the medical sensor: the gateway node checks the freshness of the received message. If the message is fresh, the gateway node calculates Rj=S9⊕t3Checking RjAnd if the block chain does not exist, terminating the authentication. Otherwise, the gateway is according to RjRetrieving from a data center<Rj,IDj,Ij>Calculating nj=S10⊕h(IDj||(IDj⊕Ij)||t3),S11 *=h(Rj||nj||S10||t3) Checking the condition S11 *=S11Whether or not this is true. If so, the gateway node generates a current timestamp t4Calculating TIDi *=h(Kg||ni||t3),TIDj *=h(Kg||nj||t1),S12=Fi’⊕TIDi *,S13=MAi⊕TIDj *,S14=h(MAi||Fi’)⊕nj,Fi *=h(h(IDg||Kg||TIDi *)||TIDi *),S15=Fi *⊕Fi’,S16=h(IDg||Kg||TIDi *)⊕(Ei⊕TIDi),S17=h(TIDi *||S13||nj||S15||S16||t4),Ei *=h(IDg||Kg||TIDi *)⊕TIDi *,S18=Rj⊕ni,S19=h(IDj||(IDj⊕Ij)||t4)⊕TIDi *,S20=h(ni||TIDi *)⊕TIDj *,Hj *=h(TIDj *||h(IDj||IDj||Kg)),Ij *=IDj⊕Hj *,S21=h(TIDi *||TIDj *)⊕Hj *,S22=h(TIDj *||ni||S19||S21||t4). The gateway node then sends M4=<S12,S13,S14,S15,S16,S17,t4>To users and M5=<S18,S19,S20,S21,S22,t4>To medical sensor nodes and by securityFull channel send TIDi *,Ei *,Ij *To data centers, data center updates<TIDi old=TIDi,TIDi new=TIDi *,Ei old=Ei,Ei new=Ei *>,<Rj,IDj,Ij old=Ij,Ij new=Ij *>. Medical sensor receiving message M5Thereafter, the current timestamp t is checked4 *Whether or not | t is satisfied4 *-t4And | < delta t. If the condition is true, the medical sensor calculates ni=S18⊕Rj,TIDi *=S19⊕h(IDj||Hj||t4),TIDj *=S20⊕h(ni||TIDi *),S22 *=h(TIDj *||ni||S19||S21||t4) Checking S22 *=S22Whether or not this is true. If so, the sensor calculates SKij=h(TIDi *||TIDj *||ni||nj),Hj *=h(TIDi *||TIDj *)⊕S21Update H in its memoryjBy Hj *
(5) The user verifies the authenticity of the gateway node: after receiving the message, the user first checks the freshness of the message. If the condition is true, the user calculates the TIDi *=S12⊕Fi’,TIDj *=S13⊕MAi,nj=S14⊕h(MAi||Fi’),S17 *=h(TIDi *||S13||nj||S15||S16||t4) Checking S17 *=S17Whether or not this is true. If so, the mobile device calculates SKij=h(TIDi *||TIDj *||ni||nj),Fi new=S15⊕Fi,Di new=S16⊕DiBy Fi new,Di newReplacing F in memoryi,Di
After the above steps are performed, the user (doctor) can safely access the medical sensor.
Thirdly, in order to prove the creativity and the technical value of the technical scheme of the invention, the part is the application example of the technical scheme of the claims on specific products or related technologies.
Application example
The remote medical monitoring system takes the wireless sensing network as a communication basis, improves the working efficiency of doctors, and can effectively monitor the physiological data of patients, so that the patients with crisis can be timely treated. Due to the increasingly prominent aging problem of the population of countries in the world and the continuous emergence of new coronary pneumonia epidemic situations, the remote medical monitoring system has a huge application prospect in the future. Generally, there are three types of participants in a telemedicine monitoring system, including: medical sensor nodes, doctors and gateway nodes. In a telemedicine monitoring environment, medical sensor nodes are implanted/worn on the body of a patient in order that physiological data of the patient may be acquired. The gateway node has very strong computing and communication capabilities, and the main function of the gateway node is to help the user and the sensor to realize mutual authentication in an authentication phase. The user can acquire real-time physiological data of the patient on the premise that mutual authentication with the sensor node is required to be completed and a session key is negotiated. The data can be safely transmitted in an open channel by encrypting the session key, and a doctor diagnoses the patient by analyzing the physiological data of the patient and gives treatment opinions.
Fourth, the embodiments of the present invention have some positive effects in the process of development or use, and indeed have great advantages compared with the prior art, and the following description is made in combination with data, graphs and the like of the test process.
In terms of security, the invention can resist various known attacks and realize more functional characteristics, mainly comprising:
having user anonymity; resisting off-line password guessing attack; resisting impersonation attack of users; resisting sensor impersonation attack; anti-desynchronization attack; password update friendliness; resisting privileged insider attacks; non-trackability; the sensor is resistant to theft attack; the method is resistant to gateway impersonation attack; the mobile equipment is prevented from being stolen and attacked; replay attack resistance; the method has the characteristic of solving single point of failure of the gateway.
The communication cost required by the invention is less in terms of communication cost. In order to compare communication costs of different systems, the length of the hash value (the SHA-256 algorithm is assumed) is 256bits, the length of the temporary interaction number and the identity information is 128bits, the symmetric encryption/decryption is 128bits, the PUF challenge response pair is 128bits, the time stamp is 32bits, and the length of the point on the ECC is 1024 bits. The invention needs to transmit 5 messages (1312+416+672+1568+1312) which is 5280 bits. Less expensive than other systems that function identically to the reverse side, such as the 7840bits for the system invented by Jia et al and 6560bits for the system invented by Amin et al.
In terms of computational cost, the invention requires less computational cost. Let T be convenient for comparing the computation costs of different systemsh,Tf,Te,Tbp,Tm,Tme,TcAnd TpufRespectively representing the time required by Hash operation, fuzzy extractor generation or reproduction function, symmetric encryption/decryption, bilinear pairing, point multiplication operation on an elliptic curve, modular exponentiation, Chinese remainder theorem solving and PUF operation. The experimental measurements used were: t ish≈0.00032s,Tf≈0.0171s,Te≈0.0056s,Tbp≈0.496s,Tm≈0.0171s,Tme≈0.0192s,Tc≈0.00704s,TPUF0.023 s. The computational cost required by the present invention is calculated to be (14T)h+18Th+8Th+1TPUF) 35.8 ms. While the system of Jia et al requires a computational cost76.455ms, the cost of the system of Amin et al is 187.533 ms.
It should be noted that the embodiments of the present invention can be realized by hardware, software, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or specially designed hardware. Those skilled in the art will appreciate that the apparatus and methods described above may be implemented using computer executable instructions and/or embodied in processor control code, such code being provided on a carrier medium such as a disk, CD-or DVD-ROM, programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier, for example. The apparatus and its modules of the present invention may be implemented by hardware circuits such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., or by software executed by various types of processors, or by a combination of hardware circuits and software, e.g., firmware.
The above description is only for the purpose of illustrating the present invention and the appended claims are not to be construed as limiting the scope of the invention, which is intended to cover all modifications, equivalents and improvements that are within the spirit and scope of the invention as defined by the appended claims.

Claims (10)

1. A telemedicine monitoring system, comprising the steps of: an initialization stage: adding a plurality of gateway nodes serving as miner nodes into a block chain network;
a registration stage: registering the user and the medical sensor by the gateway node;
and an access control stage: and authenticating the identity of the user and controlling the user to safely access the medical sensor.
2. The telemedicine monitoring system of claim 1, wherein the initialization phase in step one comprises:
the system administrator generates an identity IDgAnd a secret key KgEach gateway node is stored in the memory<IDg,Kg,h(·)>(ii) a And the gateway node is used as a miner node to be added into the block chain network after authorization of a system administrator.
3. The telemedicine monitoring system of claim 1, wherein the registration phase comprises: user registration: the user registers on the mobile device, and the registration process is as follows:
(1) user selects an ID on his mobile deviceiAnd password PWiAnd generates a temporary interaction number r for the user1Calculating HIDi=h(IDi||r1),HPWi=h(IDi||PWi||r1) And handle<HIDi,HPWi>Sending to the gateway node closest to the gateway node;
(2) gateway receiving<HIDi,HPWi>Thereafter, a temporary identity TID is generated for the useriAnd a temporary interaction number r2Calculating Bi’=h(HIDi||HPWi)⊕r2,Li’=h(HIDi||HPWi||r2),Di’=r2⊕h(IDg||Kg),Fi’=h(h(IDg||Kg||TIDi)||TIDi),Ei=TIDi⊕h(IDg||Kg||TIDi) (ii) a Gateway is through the secure channel<TIDi,Ei>Sending to a data center for storage<TIDi old=null,TIDi new=TIDi,Ei old=null,Ei new=Ei>And stores the address MAiSending to gateway node, data center broadcasting MA to all gateway nodesi(ii) a The MA isiIt is equivalent to an index, gateway according to MAiFinding data stored in a data center<TIDi old=null,TIDi new=TIDi,Ei old=null,Ei new=Ei>(ii) a By a consensus mechanism, MAiAll gateways pack into a new block and connect to the existing block chain; gateway sending<MAi,Bi’,Li’,Di’,Fi’>Giving the mobile device;
(3) after receiving the message from the gateway, the mobile device calculates Bi=r1⊕Bi’,Li=h(Li’||IDi||PWi||r1),Gi=r1⊕h(IDi||PWi),Di=Di’⊕h(HIDi||r1),Fi=Fi’⊕h(HPWi||r1) Will be<MAi,Bi,Li,Gi,Di,Fi,h(·)>Storing the data into a memory of the mobile equipment;
medical sensor registration: embedding a PUF module into a sensor to be registered, and then registering the sensor with a gateway node closest to the PUF module, wherein the registering steps are as follows:
(1) gateway node generates a unique ID for medical sensorjThen, send<IDj>Providing a medical sensor;
(2) upon receiving the IDjThen, the sensor calculates the challenge IDjCorresponding response Rj=PUFj(IDj) Will be<Rj>Sending the data to a gateway;
(3) the gateway receives RjThereafter, a temporary identity TID is generatedjCalculating Hj=h(TIDj||h(IDj||IDg||Kg)),Ij=IDj⊕Hj(ii) a Transmission over a secure channel<Rj,IDj,Ij>To the hospital, and storing in the data center<Rj,IDj,Ij old=null,Ij new=Ij>Then, the parameter R is broadcasted to all gateway nodes in the block chainj(ii) a Through a consensus mechanism, the gateway node assigns RjPacking into a new block and connecting to the existing block chain; rjCorresponding to an index, the gateway node passes through R in the authentication phasejFinding data stored in a data center<Rj,IDj,Ij old=null,Ij new=Ij>;
(4) The gateway will<Hj>Sending to the sensor, storing the medical sensor<IDj,Hj,h(·)>。
4. The telemedicine monitoring system of claim 1, wherein the access control phase comprises: (1) logging in: a user inputs a correct user name and a correct password on mobile equipment to log in; after the login is successful, the mobile equipment of the user sends a request for accessing a certain medical sensor to the gateway node;
(2) the gateway node verifies the authenticity of the user: if the user passes the verification, the gateway node sends an authentication request to the medical sensor, and if the verification fails, the access request of the user is immediately terminated;
(3) the medical sensor verifies the authenticity of the gateway node: the medical sensor verifies the request of the gateway node, verifies the authenticity of the gateway node, and if the verification is passed, a confirmation message is sent to the gateway node;
(4) the gateway node verifies the authenticity of the medical sensor: the gateway node verifies the authenticity of the medical sensor, and if the verification is successful, confirmation information is sent to a remote user;
(5) the user verifies the authenticity of the gateway node: if the authentication is successful, a session key is negotiated between the user and the accessed medical sensor, and secure communication between the user and the medical sensor is realized.
5. The telemedicine monitoring system of claim 1, wherein the access control phase further comprises: a user logs in on a mobile device; after the login is successful, the user accesses the medical sensor device by using the mobile device; the user and the medical sensor complete mutual authentication with the help of the gateway node and generate a session key for subsequent communication;
(1) logging in: a user inputs an identity and a password in a mobile device; the mobile device calculates r1=Gi⊕h(IDi||PWi),HIDi=h(IDi||r1),HPWi=h(IDi||PWi||r1),r2=Bi⊕r1⊕h(HIDi||HPWi),Li’=h(HIDi||HPWi||r1),Li *=h(Li’||IDi||PWi||r1) Checking Li *=LiWhether the result is true or not; if not, the login request is terminated, otherwise, the user login is successful; the mobile device generates a current time stamp t1And a temporary interaction number niCalculating Di’=Di⊕h(HIDi||r1),Fi’=Fi⊕h(HPWi||r1),S1=Di’⊕r2,S2=S1⊕t1,S3=h(S1||t1)⊕MAi,S4=Fi’⊕ni,S5=IDj⊕h(ni||Fi’),S6=h(MAi||ni||Fi’||IDj||S2||S4||t1) And M is1=<S2,S3,S4,S5,S6,t1>Sending to the gateway node;
(2) the gateway node verifies the authenticity of the user: the gateway node checks the freshness of the received message and if the message is fresh, the gateway calculates S1=t1⊕S2,MAi=h(S1||t1) Checking MAiWhether or not it exists in a regionIf the block chain does not exist, the authentication is terminated; otherwise, the gateway node MA according to the storage addressiRetrieving from a data center<TIDi,Ei>Calculating Fi’=h((Ei⊕TIDi)||TIDi),ni=S4⊕Fi’,IDj=S5⊕h(ni||Fi’),S6 *=h(MAi||ni||Fi’||IDj||S2||S4||t1) Checking S6 *=S6Whether the time stamp is established or not, if so, the gateway node generates the current time stamp t2Calculating S7=IDj⊕t2,S8=h(IDj||t2) Will M2=<S7,S8,t2>To a medical sensor;
(3) the medical sensor verifies the authenticity of the gateway node: the medical sensor checks the freshness of the received message and if this condition is true, the medical sensor calculates the IDj=S7⊕t2,S8 *=h(IDj||t2) Checking S8 *=S8Whether the result is true or not; if so, the medical sensor generates a temporary interaction number njAnd a current time stamp t3Calculating Rj=PUFj(IDj),S9=Rj⊕t3,S10=nj⊕h(IDj||Hj||t3),S11=h(Rj||nj||S10||t3) And combining M3=<S9,S10,S11,t3>Sending to the gateway node;
(4) the gateway node verifies the authenticity of the medical sensor: the gateway node checks the freshness of the received message and if the message is fresh, the gateway node calculates Rj=S9⊕t3Checking RjWhether the block chain exists in the block chain or not, if not, the authentication is terminated; otherwise, the gateway is according to RjRetrieving from a data center<Rj,IDj,Ij>Calculating nj=S10⊕h(IDj||(IDj⊕Ij)||t3),S11 *=h(Rj||nj||S10||t3) Checking the condition S11 *=S11Whether the result is true or not; if so, the gateway node generates a current timestamp t4Calculating TIDi *=h(Kg||ni||t3),TIDj *=h(Kg||nj||t1),S12=Fi’⊕TIDi *,S13=MAi⊕TIDj *,S14=h(MAi||Fi’)⊕nj,Fi *=h(h(IDg||Kg||TIDi *)||TIDi *),S15=Fi *⊕Fi’,S16=h(IDg||Kg||TIDi *)⊕(Ei⊕TIDi),S17=h(TIDi *||S13||nj||S15||S16||t4),Ei *=h(IDg||Kg||TIDi *)⊕TIDi *,S18=Rj⊕ni,S19=h(IDj||(IDj⊕Ij)||t4)⊕TIDi *,S20=h(ni||TIDi *)⊕TIDj *,Hj *=h(TIDj *||h(IDj||IDj||Kg)),Ij *=IDj⊕Hj *,S21=h(TIDi *||TIDj *)⊕Hj *,S22=h(TIDj *||ni||S19||S21||t4) (ii) a Gateway node sending M4=<S12,S13,S14,S15,S16,S17,t4>To users and M5=<S18,S19,S20,S21,S22,t4>To the medical sensor node and send the TID over a secure channeli *,Ei *,Ij *To data centers, data center updates<TIDi old=TIDi,TIDi new=TIDi *,Ei old=Ei,Ei new=Ei *>,<Rj,IDj,Ij old=Ij,Ij new=Ij *>(ii) a Medical sensor receiving message M5Thereafter, the current timestamp t is checked4 *Whether or not | t is satisfied4 *-t4| < delta t; if the condition is true, the medical sensor calculates ni=S18⊕Rj,TIDi *=S19⊕h(IDj||Hj||t4),TIDj *=S20⊕h(ni||TIDi *),S22 *=h(TIDj *||ni||S19||S21||t4) Checking S22 *=S22Whether the result is true or not; if so, the sensor calculates SKij=h(TIDi *||TIDj *||ni||nj),Hj *=h(TIDi *||TIDj *)⊕S21Update H in its memoryjBy Hj *
(5) The user verifies the authenticity of the gateway node: the user checks the freshness of the message after receiving the message; if the condition is true, the user calculates the TIDi *=S12⊕Fi’,TIDj *=S13⊕MAi,nj=S14⊕h(MAi||Fi’),S17 *=h(TIDi *||S13||nj||S15||S16||t4) Checking S17 *=S17Whether the result is true or not; if so, the mobile device calculates SKij=h(TIDi *||TIDj *||ni||nj),Fi new=S15⊕Fi
Figure FDA0003538933680000041
By Fi new
Figure FDA0003538933680000042
Substituting F in memoryi,Di
(6) And (5) after the steps (1) to (5) are finished, the user safely accesses the medical sensor.
6. A telemedicine monitoring system to which the telemedicine monitoring method according to any one of claims 1 to 5 is applied, the telemedicine monitoring system comprising:
the data center is used for storing information of users and medical sensors during registration and physiological data of patients;
the gateway node is deployed near the medical sensor and is used for receiving data acquired by the medical sensor to perform calculation, transmission, temporary storage and real-time analysis;
the medical sensor is used for collecting physiological data of a patient and transmitting the physiological data to the gateway node, and the gateway node transmits the data to the data center;
a user for accessing a certain medical sensor through the gateway node using the mobile device;
the system comprises a block chain network, a private block chain network and a gateway node, wherein the private block chain network is formed by a plurality of gateway nodes which are miners' nodes; the gateway node obtains the authorization of a system administrator before joining the block chain network, and maintains the block chain by using a PoS (PoS common identification) mechanism; during the user and medical sensor enrollment phase, the secret information used during the authentication phase is stored in the tiles, the structure of the tile chain being such that said information is not tampered with.
7. The telemedicine monitoring system of claim 6, wherein each gateway node is connected to one or more medical sensors; the user comprises a doctor.
8. A computer device, characterized in that the computer device comprises a memory and a processor, the memory storing a computer program which, when executed by the processor, causes the processor to carry out the steps of:
in the initialization stage, a plurality of gateway nodes are used as miner nodes to be added into the block chain network; in the registration stage, a user and a medical sensor are registered in a gateway node; and in the access control stage, the real identity of each entity is verified, and the user can safely access a certain medical sensor.
9. A computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to perform the steps of:
in the initialization stage, a plurality of gateway nodes are used as miner nodes to be added into the block chain network; in the registration stage, a user and a medical sensor are registered in a gateway node; and in the access control stage, the real identity of each entity is verified, and the user can safely access a certain medical sensor.
10. An information data processing terminal, characterized in that the information data processing terminal is used for implementing the telemedicine monitoring system according to any one of claims 6 to 7.
CN202210232321.9A 2022-03-09 Remote medical monitoring method, system, medium, equipment and terminal Active CN114615299B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210232321.9A CN114615299B (en) 2022-03-09 Remote medical monitoring method, system, medium, equipment and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210232321.9A CN114615299B (en) 2022-03-09 Remote medical monitoring method, system, medium, equipment and terminal

Publications (2)

Publication Number Publication Date
CN114615299A true CN114615299A (en) 2022-06-10
CN114615299B CN114615299B (en) 2023-07-21

Family

ID=

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116614809A (en) * 2023-05-08 2023-08-18 肇庆学院 Wireless sensor network authentication protocol method based on physical unclonable function

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116614809A (en) * 2023-05-08 2023-08-18 肇庆学院 Wireless sensor network authentication protocol method based on physical unclonable function
CN116614809B (en) * 2023-05-08 2024-01-12 肇庆学院 Wireless sensor network authentication method based on physical unclonable function

Similar Documents

Publication Publication Date Title
Adavoudi-Jolfaei et al. Lightweight and anonymous three-factor authentication and access control scheme for real-time applications in wireless sensor networks
CN112954675B (en) Multi-gateway authentication method, system, storage medium, computer device and terminal
CN112953727B (en) Internet of things-oriented equipment anonymous identity authentication method and system
Shin et al. Two-factor authenticated key agreement supporting unlinkability in 5G-integrated wireless sensor networks
CN108418691B (en) Dynamic network identity authentication method based on SGX
CN112235235B (en) SDP authentication protocol implementation method based on cryptographic algorithm
TW201812630A (en) Block chain identity system
CN109981639B (en) Block chain based distributed trusted network connection method
Guo et al. Fog-centric authenticated key agreement scheme without trusted parties
Jiang et al. Two-factor authentication protocol using physical unclonable function for IoV
CN109687965A (en) The real name identification method of subscriber identity information in a kind of protection network
CN114143343B (en) Remote access control system, control method, terminal and medium in fog computing environment
Tanveer et al. REAP-IIoT: Resource-efficient authentication protocol for the industrial Internet of Things
Zargar et al. A lightweight authentication protocol for IoT‐based cloud environment
Shao et al. A PUF-based anonymous authentication protocol for wireless medical sensor networks
Irshad et al. An improved lightweight multiserver authentication scheme
Zerrouki et al. PUF-based mutual authentication and session key establishment protocol for IoT devices
Xue et al. A Lightweight Three‐Factor Authentication and Key Agreement Scheme for Multigateway WSNs in IoT
Hussain et al. An improved authentication scheme for digital rights management system
JP4874007B2 (en) Authentication system, server computer, program, and recording medium
Hussain et al. An efficient and reliable user access protocol for Internet of Drones
Moni et al. Secure and efficient privacy-preserving authentication scheme using cuckoo filter in remote patient monitoring network
Cui et al. Multi-factor based session secret key agreement for the Industrial Internet of Things
Chaudhary et al. Secure Authentication and Reliable Cloud Storage Scheme for IoT-Edge-Cloud Integration
Lee et al. Secure and Anonymous Authentication Scheme for Mobile Edge Computing Environments

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20231115

Address after: 200120 Pudong New Area, Shanghai, China (Shanghai) free trade trial area, No. 3, 1 1, Fang Chun road.

Patentee after: Binoji (Shanghai) Biotechnology Co.,Ltd.

Address before: 230000 floor 1, building 2, phase I, e-commerce Park, Jinggang Road, Shushan Economic Development Zone, Hefei City, Anhui Province

Patentee before: Dragon totem Technology (Hefei) Co.,Ltd.

Effective date of registration: 20231115

Address after: 230000 floor 1, building 2, phase I, e-commerce Park, Jinggang Road, Shushan Economic Development Zone, Hefei City, Anhui Province

Patentee after: Dragon totem Technology (Hefei) Co.,Ltd.

Address before: 430079 No.152 Luoyu Road, Hongshan District, Wuhan City, Hubei Province

Patentee before: CENTRAL CHINA NORMAL University