Secure and Efficient data communication protocol for Wireless Body Area Networks
Wireless Body Area Networks (WBANs) are expected to play a major role in the field of patient-health monitoring in the near future, which gains tremendous attention amongst researchers in recent years. One of the challenges is to establish a secure communication architecture between sensors and users, whilst addressing the prevalent security and privacy concerns. In this paper, we propose a communication architecture for BANs, and design a scheme to secure the data communications between implanted /wearable sensors and the data sink/data consumers (doctors or nurse) by employing Ciphertext-Policy Attribute Based Encryption (CP ABE)  and signature to store the data in ciphertext format at the data sink, hence ensuring data security. Our scheme achieves a role-based access control by employing an access control tree defined by the attributes of the data. We also design two protocols to securely retrieve the sensitive data from a BAN and instruct the sensors in a BAN. We analyze the proposed scheme, and argue that it provides message authenticity and collusion resistance, and is efficient and feasible. We also evaluate its performance in terms of energy consumption and communication/computation overhead.
PROJECT OUTPUT VIDEO:
- As a sensor that collects patient information, all it cares is to distribute the information to authorized doctors and other experts securely. However, there are challenges everywhere: Data should be transmitted in a secure channel, and we all know the challenges in securing wireless communication channels. Node authentication is the most fundamental step towards a BAN’s initial trust establishment, key generation, and subsequent secure communications.
- There exist research that enables embedded sensors to establish a session key with each other by leverage physiological signals such as Electrocardiograph (ECG).
- The most relevant existing research along three lines: (1) securing individual (implantable) devices within a BAN; (2) securing the communications within a BAN; and (3) identity-based cryptography for BANs.
DISADVANTAGES OF EXISTING SYSTEM:
- The key-distribution in symmetric encryption is challenging. And symmetric encryption is not a good choice for broadcasting a message because it involves some challenging issues, such as key-management and access control. At the same time, due to the limitation of memory space in sensors, a data sink, which has considerably larger memory and computation power, is employed to store data.
- Recent research disclosed that smartphones suffer from severe privacy concerns since many applications often cross the line and read sensitive data at their free will (for example, almost all apps read user’s location).
- A patient’s IPI information may be remotely captured by an ultra-wide-band (UWB) radar device. This leads to a significant security threat as an adversary with a UWB radar can first capture the IPI and then use it to compromise the patient’s health information.
- We propose a novel encryption and signature scheme based on CP ABE in this paper to address the secure communication problem and provide the required security services mentioned above for BANs.
- A sensor can control the access to the data it has produced by constructing an access structure. For example, by constructing the access structure (fGWU hospitalg AND fVascular Surgery OR Cardiac Surgeryg), the data requires that only doctors or experts in GWU hospital, Vascular Surgery Center or Cardiac Surgery Center can have the access right.
- Data are stored in ciphertext format at the data sink and the trust we put on the data sink is now drastically decreased as the data sink does not have the key to decrypt the stored ciphertext. However, the scheme belongs to the asymmetric encryption family, which implies a high computational cost. This problem is addressed by using the scheme to encrypt a session key and then the data is encrypted by symmetric encryption based on the session key.
ADVANTAGES OF PROPOSED SYSTEM:
- We propose a framework that enables authorized doctors and experts to access a patient’s private medical information securely.
- Instead of using software or other mechanism to perform access control, we use encryption and signature method to provide a role-based encrypted access control.
- The sensor has the ability to control who has access to its data by constructing an access structure for the data.
- We minimize the trust that people usually put on the data sink by storing the data in ciphertext. The compromise of the data stored at the data sink does not necessarily indicate that the data is compromised.
- We evaluate the performance of the proposed scheme in terms of energy consumption and communication/computation overhead.
- System : Pentium Dual Core.
- Hard Disk : 120 GB.
- Monitor : 15’’ LED
- Input Devices : Keyboard, Mouse
- Ram : 1 GB
- Operating system : Windows 7.
- Coding Language : NET,C#.NET
- Tool : Visual Studio 2008
- Database : SQL SERVER 2005
Chunqiang Hu, Student Member, IEEE, Hongjuan Li, Xiuzhen Cheng, Fellow, IEEE, Xiaofeng Liao, Senior Member, IEEE, “Secure and Efficient data communication protocol for Wireless Body Area Networks”, IEEE TRANSACTIONS ON MULTI-SCALE COMPUTING SYSTEMS, 2016.