Secure and Lightweight Remote Medical System

The remote medical system helping the doctor in one city to diagnose the patient in another city improves the health-care quality greatly, and reduces the medical cost significantly. However, the security issue must be paid enough attention, for example, the unregistered devices may be illegally connected to the system, and the unauthorized doctor may access the system, therefore, the authentication is necessary to address these security problems. In this paper, a practical remote medical system is presented using multi-factor authentication and group key distribution technique. Compared with the previous literatures, the system burden is greatly reduced. Specifically, when a doctor needs to invoke the remote medical devices, he firstly calls the server. After the doctor is authenticated by the server, the server constructs a communication group including itself, the doctor, and the invoked devices using Shamir’s secret sharing, which is proved to be more secure and efficient for the practical environment. Moreover, the proposed scheme can resist the impersonation attacks, the password guessing attacks, the eavesdropping attacks, etc