Cloud-based Secure TeleMedicine Information System using Crypto-Biometric Techniques

INTRODUCTION: TeleMedicine Information System (TMIS) uses information and communication technology (ICT) for providing remote medical consultations. Taking the beneﬁts of ICT, a sick person may distantly get regular telecare medical consultations with his/her remote medico. The backbone of ICT is the Internet, which is open-standard architecture. Due to the openness of the architecture, there are many security vulnerabilities to the TMIS. OBJECTIVES: To provide secured telemedicine consultation between a sick person and a medico and, to maintain the privacy of the sick person information. METHODS: This paper proposes a security enhancement to the TMIS using crypto-biometrics fusion, which consists of Elliptic Curve Cryptography (ECC) algorithm and iris biometrics. The paper also compares the e ﬃ ciency of ECC with the Rivest-Shamir-Adleman (RSA) algorithm. RESULTS: The result of the simulation proves that the o ﬀ ered model provides a high level and robust security than RSA based model. CONCLUSION: This paper provides robust user authentication and achieves the data conﬁdentiality of the TMIS, which uses a cloud computing system for its smooth functioning and wider scope.


Introduction
The term telemedicine literally means "healing at a distance", was introduced by the American Thomas Bird in the 1970s.The origins of this technology, however, date back to the beginning of the 20th century.[33].Telemedicine offers a sick person the opportunity to interact with his medico, even though they live in faraway places.The sick person gets a digital prescription after consultation with the medico, which allows the sick person to take adequate medication and precautions for their care and thus enjoys a healthy

Similar Research and Review of Literature
Online consultations of telemedicine system between specialists and referring medicos develop novel ideas which can be applied to sick person in timely and hassle free manner for providing best treatment to the sick person [14].Communication can be considered as the main ingredient in medical care [29].A survey has been conducted for the telemedicine system, which suggests that the telemedicine still requires some time to become ubiquotous e-service.Different barriers have been studied with the help of earlier published works.There are some pioneer obstacles, such as technologyspecific barriers, strategies for change management, and alternative delivery by telemedicine and contact between sick person and provider [31].A practical and secure telemedicine system for user mobility is proposed [30], in which the system uses symmetric key cryptography for providing confidentiality between Patient and Doctor.This system generates a session key for every session between Patient and Doctor.The session key generation, distribution, and management are tedious task for the key generator i.e.Home Server (HS).Other case in which HS and Remote Server (RS) work as intermediary between Patient and Doctor, here also the Patient authentication with RS is time taking and problematic if the RS may behaves maliciously.The main issue with symmetric key cryptography is key distribution.Kumar et al. [16] propose cloud-assisted TMIS, which suggests a strong secure authentication system and manages a good resource efficiency.A protocol for efficient digital image telemedicine protection is proposed [32] using D[W/C]T (Discrete Wavelet/Cosine transform).Nonetheless, [32]'s paper suggests only digital image protection, with no related solution for text-based data available.Several researchers have exemplified in the literature on how cryptographic models are implemented using biometric-based keys.Biometric traits produce these keys.The following is a short analysis of a few selected papers: Hao et al. [9] used iris-based biometric cryptographic keys to depict the implementation of the 128-bit AES cryptography model, which first produces genuine IrisCodes and then creates a regenerated binary digit known as the biometric key of up to 140 bits.Yao-Jen et al. [4] proposes face-based cryptographic-key generation.The main problem with face biometric is that after certain years shape and size of face changes, and then False Rejection Rate increases.Monrose et al. [28] proposes voice-based cryptographic key generation, there is a risk of recording the voice-based password and later imposter can use it.Other implied crypto-biometric approaches are given in [1,8,[17][18][19][20][21][22]34].

ECC
Elliptic curves that are not directly related to ellipses are cubic equations in two variables similar to the equations used to calculate integrals of ellipses in arc lengths.The generalized EC cubic equation is as follows: where, 'a' and 'b' are the coefficients and 'prm' is a large prime digit of desired security length of the EC, and the discriminant, ∆ = 4a 3 + 27b 2 0. The ∆ 0 requires the formation of a group and thus the use of the elliptic curve to implement cryptography.ECC is a method for public-key cryptography [7], proposed by two authors independently (Neil Koblitz [15] and Victor S. Miller [27]) in late 1985.In ECC, first of all, each character of the message must be converted into the form of a point(x, y).In this way, as many points as the length of the message are generated.Such generated points are encrypted and decrypted by ECC algorithm.ECC is regarded as an RSA algorithm competitor.
The RSA cryptography's security is dependent on the

Iris-Biometrics
An eye is a visual organ.An eye consists of several components.One of the important components is an iris, which is shown in Fig. 2. Referring to Fig. 2 of an eyeball, the sclera is a white portion, the pupil is the dark-black part in the middle, and the iris is a mixture of colored pigment, found between sclera and pupil.Because of iris's distinctive features, large quantities and non-counterfeiting [9] texture pattern [5], it offers a highly reliable and accurate user recognition tool compared to other biometrics characteristics [6].IrisCode is produced after finding the surrounding boundary between the portions of iris and pupil and the outer boundary between the iris and the sclera portions of the image of the eyeball.An iris is located as [9,10,13] do and then the localized characteristic, in turn, generates the IrisCode.The IrisCode eventually helps to generate cryptographic keys.The steps for IrisCode generation are shown in Fig. 3.

Cloud Computing
The ICT provides the platform to flourish the cloud computing technology.Cloud computing is on-demand service facilities available through the Internet or Intranet, which provides many services such as Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) [26].Due to its pay-per-use model of licensed computing resources as well as software services, Cloud Computing is expanding its client base [12].An organization, can use, these services as use and pay basis.These type of rental services helps an organization optimize its resources, minimize the cost of ever-growing IT infrastructure and software.One of the important services of cloud computing is SaaS, which helps an organization run a business application without any breakdown.This paper suggests a system for TMIS, which uses the PaaS service of the cloud computing system.The Cloud computing platform provides many services for different business applications to execute smoothly without any breakdown.One such recent application uses the cloud computing platform to generate an automated query system [11].

Suggested System
The Fig. 4 reflects the solution proposed.In this system, there are four different actors/units: the sick person, the reliable Health-care Provider, the Medico, and the Server hosted on a cloud computing environment.
The system consists a Health-care Provider Upload Procedures (HPUP_SP or HPUP_M) for a Sick Person and a Medico, a Sick Person data Upload Process (SPUP), a Treatment Process (TTP) and a Checkup Process (CKP).This system uses the iris biometrics characteristics of the sick person, health-care provider, and the medico to generate their private and public keys, and then those keys are utilized in ECC to ensure the safety of traveling messages related to medical consultation between the sick person and the medico.
The SP uses MD's PBK to encrypt plain-message, and this cipher-message is then sent to the MD.When the MD decrypts and receives a plain-message, then the MD understands the SP's issue and writes a prescription.The plain-prescription is encrypted by the MD using

A. Steps for the suggested system
In this system, all parties need two keys i.e.PVK and PBK.This scheme focuses primarily on the confidentiality of information security services using ECC.The receiver's PBK is used by the sender for encrypting the message, while, receiver's PVK is used by the receiver himself for decrypting the cipher message.
The PVKs of HP, MD, and SP get generated from hash-values of their IrisCodes.The cloud server uses a random number of the desired length as its PVK.
A CSP is approached by a HP and then they use the ECDHKX protocol to generate their PBKs, and a common secret-key (CSK) for them gets calculated using their PBKs.
In a similar way, MD and the HP, and, SP and the HP, use the ECDHKX protocol to generate their PBKs, and further their CSKs get calculated based on their PBKs.
The HP works as a trusted facilitator of medical infrastructure/services for the SP and the MD.The HP also coordinates them to the cloud server.
After an initial round of key-exchanges, the HP uses medico's PBK to encrypt the cloud server's PBK and send this encrypted data to the MD.
In a similar way, the HP uses the SP's PBK to encrypt the cloud server's PBK and sends this encrypted data to the SP.
In the CSP side, the CS stores the incoming ciphertext with a suitable bookmark in its database so that the CS can later recognize this ciphertext immediately.The bookmark may contain subject, sender, receiver, date and time.Only decryption happens when a user requests the data, and then the CS matches the incoming request of the user with the stored bookmark and decrypts the corresponding ciphertext with the help of ECC using its own PVK.This decrypted message is immediately sent to the requester.After sending the decrypted message, there is no availability of the decrypted message at the CS side, however, the corresponding ciphertext of the decrypted message still persists in the database.This way of storing and managing the data prevents insider attacks or other related attacks to the data-at-rest.
(i) In the HPUP-M phase, the HP encrypts MD's basic information and the MD's PBK, using the CS's PBK and then HP uploads this ciphertext to the CS.
(ii) In HPUP-SP phase, the SP approaches HP for treatment.First of all, as mentioned above, their keys get generated and exchanged.After that, the HP inspects the SP and then encrypts this inspected report and the SP's PBK, using the CS's PBK, and finally, HP uploads this ciphertext to the CS.
(iii) In the SPUP phase, the SP encrypts a request message to view his inspected report, using the CS's PBK, and then SP uploads this ciphertext to the CS.The CS decrypts this ciphertext using its own PVK.This decrypted plaintext is then encrypted with the help of ECC using SP's PBK.In this way, a confidentiality of the message is achieved amongst the stakeholders.If they need to exchange further information, then they have to follow the step-iii through step-v.

B. Key Exchange using ECDHKX I. Steps for generating PBK and CSK of users, the CS and the HP
Global public elements (i) Both the users, CS and HP, opt a large prime digit of desired security length, 'prm', as well as other parameters such as 'a' and 'b', which satisfy the above equation number 1: (ii) A reference point: R(x, y), is chosen from points of the EC.
The CS -key generation (i) Private key of the CS: PVK cs = a random number of the desired length.
(ii) Public key of of the CS: PBK cs (x, y)= PVT cs * R(x, y).
The HP -key generation (i) Private key of the HP: PVK hp = the HP's hash-value of his IrisCode.
(ii) Public key of of the HP: PBK hp (x, y)= PVT hp * R(x, y).

Calculation of a CSK between user, the CS and the HP
(i) CSK for the CS: CSK cshp (x, y) = PVK cs * PBK hp (x, y).

II. Steps for generating PBK and CSK of users, the MD and the HP
Global public elements (i) Both the users, MD and HP, opt a large prime digit of desired security length, 'prm', as well as other parameters such as 'a' and 'b', which satisfy the above equation number 1: (ii) A reference point: R(x, y), is chosen from points of the EC.
The MD -key generation (i) Private key of the MD: PVK md = the MD's hash-value of his IrisCode.
(ii) Public key of of the MD: PBK md (x, y)= PVT md * R(x, y).
The HP -key generation

Calculation of a CSK between users, the MD and the HP
(i) CSK for the MD: CSK mdhp (x, y) = PVK md * PBK hp (x, y).

III.
Steps for generating PBK and CSK of users, the SP and the HP Global public elements (i) Both the users, SP and HP, opt a large prime digit of desired security length, 'prm', as well as other parameters such as 'a' and 'b', which satisfy the above equation number 1: (ii) A reference point: R(x, y), is chosen from points of the EC.
The SP -key generation (i) Private key of the SP: PVK sp = the SP's hash-value of his IrisCode.
(ii) Public key of of the SP: PBK sp (x, y)= PVT sp * R(x, y).
The HP -key generation (i) Private key of the HP: PVK hp = the HP's hash-value of his IrisCode.
(ii) Public key of of the HP: PBK hp (x, y)= PVT hp * R(x, y).

Calculation of a CSK between users, the SP and the HP
(i) CSK for the SP: CSK sphp (x, y) = PVK sp * PBK hp (x, y).

C. Message encryption
The sender encodes plain-message into EC points, P msg (x, y).These EC points get encrypted by sender using the ECC alongwith receiver's PBK.Then the encrypted points are sent to the receiver.The steps for encoding and encrypting are mentioned below: (ii) The ECC Encryption module of the sender generates P msg (x, y) from the msg.
(iii) This module uses a temporary variable, h, which gets initialized as, [the CSK(x, y) point gets generated for the sender and the receiver during the ECDHKX phase].
(iv) The x-coordinate, of the EC point, is calculated as, where, the value of the variable, i, considers from 1 to h-1.
An integral value, y, get calculated, based on the value of x, such that the values of x and y, must satisfy equation number 1.If equation number 1 is not satisfied by these x and y values, then the value of the variable, i, is incremented to 1, and then the same process is applied until the equation number 1 is satisfied.In this way, whole msg is converted into different EC points(x,y).
(v) The cipher-message consists two EC points such as, where the PBK(x, y) is the receiver's public-key, and the intermediary variable, k, is randomly selected an integer value by the sender.
(vi) The sender sends this cipher-message to the receiver.

D. Message decryption
The receiver gets cipher-message, then it decrypts plain-message from cipher-message using decryption module, which requires its own's PVK.Steps for decrypting the cipher-message are given below: (i) The receiver gets C msg .
(ii) The receiver multiplies the point1 of the ciphermessage with its own's PVK, and, then subtracts the resultant point from the point2 of ciphermessage: The C msg is expressed as, After subtracting, the P msg is left, which is the plain-message point.
(iii) The decoding of the plain-message is done as, msg = f loor((P msg (x) − 1)/h) (7) where, the variable, h, gets value, based on equation number 2, and the floor function produces the greatest integer <= x.
(iv) The msg is the decrypted-message.
(v) Finally, the msg is uncoverted into corresponding decimal digits (from 0,1, These encryption and decryption processes are followed for all the communications to be made between different stakeholders in the TMIS.

A sample implementation of the communication security between the users, the sender and the receiver
This implementation proposes to improve the security enhancement of TMIS using ECC with iris biometrics.As mentioned above, the cryptographic keys of ECC are generated with help of eyeball IrisCodes for the sender and the receiver, except, the CS gets its PVK key based on a random integer.

A. Use of ECDHKX for generating and exchanging the keys like PBK, CSK.
The steps are given below: Global public elements (i) Both the sender and the receiver, choose values of ECC's parameters such that, a large prime digit, prm=8191, a=10, b=17, R(x, y)=(9, 3510).
The ECDHKX module evaluates the equation number 1, as per the values chosen for the ECC.The equation looks like, (iii) Encryption process: the generated plain points get encrypted with the help of the CS's PBK using the equation number 4, a sample cipher-message output is shown in the Fig. 6.
(iv) Once the cipher-message gets generated, and then, the same is sent to the CS.

C. The user, CS, a receiver of the cipher-message, sent by the SP
The CS receives a cipher-message from the SP, which is to be sent to the SP's MD for further diagnosis.
(i) Decryption process: the CS, decrypts the cipher-message of the SP with the help of decryption module of ECC using its own PVK.This module uses the equation number 5. Once decryption gets done successfully, the plain-points are generated, as shown in the Fig. 5.
(ii) Decoding process: the CS, decode the plainpoints into plain-message as per equation The CS also follows the same process for encrypting the plain-message of the SP and uploads the cipher-message to the MD.The MD gets the cipher-message and decrypts the same with his PVK using ECC.Once he understands the issues of the SP, he follows the same process of encrypting the response and uploads it to the CS.Then the CS decrypts back the plain-message sent by the MD.The CS encrypts this decrypted message with SP's PBK using ECC and sends it to the SP.In this way, the communication cycle is maintained.

Security Analysis
Cloud computing is a very scalable and strong model for small and medium business enterprises, who do not want to spend too much on ever-growing and changing hardware and software systems.However, they still want the benefit of these changing nature of the ICT

Conclusion
This article suggested a cloud-based TMIS security model, which provides secure online medical consultations between the SP and the MD via the CS.The HP acts as a trusted third party for providing healthcare services, which connects all other stakeholders to securely transmit healthcare information.The proposed model uses the eyeball irises of all stakeholders except the CS to generate their PVKs, and then they get their PBKs and CSKs on the basis of those PVKs.The CS uses a random number as its PVK of the desired length.The eyeball irises are very accurate biometric systems, which are formed at the early stage of the baby in the womb, and since then, they are unique always, unless or until there is no damage done to the irises.Sometimes these irises get damages, due to eye-related diseases.
In such cases, the proposed model allows generating strong PVKs of the desired length based on a random number generator, so that the same can not be easily guessed by the attackers.Upon implementation of the proposed models using ECC and RSA, this paper concludes that the model based on the ECC offers greater protection with less key length than the model based on RSA.At the CS side, this model does not store plain-messages of the TMIS in its database except the bookmarks.The bookmarks help in matching the desired message and then the CS decrypts that ciphermessage and sends it to the requester.Hence this model also provides security to the data-at-rest from insiderattacks or other related attacks.

( i )
Private key of the HP: PVK hp = the HP's hash-value of his IrisCode.(ii) Public key of of the HP: PBK hp (x, y)= PVT hp * R(x, y).