远程医疗环境下面向多服务器的轻量级多因子身份认证协议研究  被引量：5

作　　者：张敏[1,2] 许春香[1] 黄闽英[3] ZHANG Min;XU Chunxiang;HUANG Minying(School of Cyberspace Security,University of Electronic Science and Technology of China,Chengdu Sichuan 611731,China;Language Center,Southwest Minzu University,Chengdu Sichuan 610041,China;School of Computer Science and Technology,Southwest Minzu University,Chengdu Sichuan 610041,China)

机构地区：[1]电子科技大学网络空间安全学院,四川成都611731 [2]西南民族大学语言中心,四川成都610041 [3]西南民族大学计算机科学与技术学院,四川成都610041

出　　处：《信息网络安全》2019年第10期42-49,共8页Netinfo Security

基　　金：国家自然科学基金[61370203];国家重点研发计划[2017YFB0802000];中央高校基本科研业务费专项基金[2018NQN60]

摘　　要：现有的远程医疗环境身份认证都是针对单服务器环境的,随着远程医疗体系的发展,用户需要访问多个医院服务器查询病情,也需要访问医保网站查询报销情况或访问其他第三方服务器。因此,对远程医疗环境下多服务器身份认证方案的研究具有积极意义。2019年,BARMAN等人提出了远程医疗环境下多服务器身份认证方案,但该方案存在可扩展性差、易遭受特权攻击、不能实现访问控制等安全问题。为了解决这些问题,文章提出了基于Fuzzy Commitment和HMAC算法的多因子身份认证方案,通过安全性分析、证明及仿真实验可知,文中方案具有较高的安全性,虽然计算量和通信开销略有增长,但能较好地解决BARMAN等人方案面临的安全威胁。The existing telemedicine environment identity authentication is aimed at a single server environment.With the development of telemedicine systems,users have access to multiple hospital servers to query for medical conditions,as well as hospital server and commercial insurance or other third-party servers.Therefore,the research on multi-server identity authentication scheme in telemedicine environment has positive significance.In 2019,BARMAN et al.proposed a multiserver identity authentication scheme for telemedicine environment,but there are still many security problems in this scheme,such as poor scalability,vulnerable to privileged attacks,and inability to implement access control.In order to solve the above problems,this paper proposes a multi-factor identity authentication scheme based on Fuzzy Commitment and HMAC algorithm.Through analysis,it can be seen that the proposed scheme can solve the security threats of BARMAN’S scheme though the computation and communication increased slightly.

关 键 词：多因子身份认证 散列消息身份验证码 多服务器 轻量级 模糊承诺 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]