S. Tan, Ka-Man Chirs Lo, Y. Leau, G. Chung, F. Ahmedy
{"title":"Securing mHealth Applications with Grid-Based Honey Encryption","authors":"S. Tan, Ka-Man Chirs Lo, Y. Leau, G. Chung, F. Ahmedy","doi":"10.1109/IICAIET51634.2021.9573645","DOIUrl":null,"url":null,"abstract":"Mobile healthcare (mHealth) application and technologies have promised their cost-effectiveness to enhance healthcare quality, particularly in rural areas. However, the increased security incidents and leakage of patient data raise the concerns to address security risks and privacy issues of mhealth applications urgently. While recent mobile health applications that rely on password-based authentication cannot withstand password guessing and cracking attacks, several countermeasures such as One-Time Password (OTP), grid-based password, and biometric authentication have recently been implemented to protect mobile health applications. These countermeasures, however, can be thwarted by brute force attacks, man-in-the-middle attacks and persistent malware attacks. This paper proposed grid-based honey encryption by hybridising honey encryption with grid-based authentication. Compared to recent honey encryption limited in the hardening password attacks process, the proposed grid-based honey encryption can be further employed against shoulder surfing, smudge and replay attacks. Instead of rejecting access as a recent security defence mechanism in mobile healthcare applications, the proposed Grid-based Honey Encryption creates an indistinct counterfeit patient's record closely resembling the real patients' records in light of each off-base speculation legitimate password.","PeriodicalId":234229,"journal":{"name":"2021 IEEE International Conference on Artificial Intelligence in Engineering and Technology (IICAIET)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE International Conference on Artificial Intelligence in Engineering and Technology (IICAIET)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IICAIET51634.2021.9573645","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2
Abstract
Mobile healthcare (mHealth) application and technologies have promised their cost-effectiveness to enhance healthcare quality, particularly in rural areas. However, the increased security incidents and leakage of patient data raise the concerns to address security risks and privacy issues of mhealth applications urgently. While recent mobile health applications that rely on password-based authentication cannot withstand password guessing and cracking attacks, several countermeasures such as One-Time Password (OTP), grid-based password, and biometric authentication have recently been implemented to protect mobile health applications. These countermeasures, however, can be thwarted by brute force attacks, man-in-the-middle attacks and persistent malware attacks. This paper proposed grid-based honey encryption by hybridising honey encryption with grid-based authentication. Compared to recent honey encryption limited in the hardening password attacks process, the proposed grid-based honey encryption can be further employed against shoulder surfing, smudge and replay attacks. Instead of rejecting access as a recent security defence mechanism in mobile healthcare applications, the proposed Grid-based Honey Encryption creates an indistinct counterfeit patient's record closely resembling the real patients' records in light of each off-base speculation legitimate password.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
