Anonymous Authentication Scheme for Smart Cloud Based Healthcare Applications

© 2013 IEEE. Many smart healthcare applications are adopting cloud to provide services to patients. However, the sensitive data can be disclosed to the authentication server/service provider. Therefore, security and privacy are crucial to its success and deployment at large scale. Patients don't want to disclose their identities to the cloud server. One way to protect their identities from cloud server is anonymous authentication. The authentication process normally involves disclosing users' private information, such as username and password to the authentication server. If the patient can be linked or tracked by the authentication server or malicious adversaries by their requests, their privacy can be breached. Most of the existing privacy preserving health care applications provides anonymity from the adversaries. However, very few of them provide anonymity from the authentication server. In this paper, we have proposed a system which provides complete privacy and anonymity to the users of health care applications from adversaries and the authentication server. In our proposed authentication scheme, we have utilized rotating group signature scheme based on Elliptic curve cryptography to provide anonymity to the patients. To add an extra layer of protection, we have used The Onion Router to provide privacy at the network layer. The performance of our scheme is evaluated by theoretical analysis which demonstrates that it resists various attacks and provides several attractive security features.