원격의료 환경에서 개인생체정보의 인증 및 접근제어에 관한 연구

In this paper, we consider healthcare environment which gateway collects biometric informations measuring with bio-sensor by the user in the home and sends the information to HMC(Health Management Center) that nurse residents through the web for routine healthcare. The gateway is essential to authenticate with bio-sensor and HMC to protect against a variety of threats as a kind of server on the network. This study is to propose new methods for authentication between gateway and biosensor and between gateway and HMC in this circumstance. The authentication between gateway and HMC is based on the handshaking protocol of RFC 2246 TLS standard and its security in the proposed scheme. In terms of operations, the proposed authentication scheme between biosensor and gateway features the generation of a random number once by biosensor and gateway, respectively, two times of XOR operation, and one time of encoding & decoding operation. Therefore, given the low-power characteristic of biosensor, it is very efficient. In addition, since a random number is used for encoding and decoding operation, the data to be transmitted is not only variable, but safe from illegal third parties' attacks, including eavesdropping, location-tracking, spoofing, and replay. In particular, the proposed schemes can be applied directly to ISO/IEEE 11073-20601 standard. Therefore, it is judged that the proposed authentication scheme is very useful in the point that it added the mutual authentication function to biosensor, gateway, and HMC to implement safer and more efficient telemedicine environment.