Abstract:
e-Healthcare is an emerging field that provides mobility to its users. The protected health information
of the users are stored at a remote server (Telecare Medical Information System) and
can be accessed by the users at anytime. Many authentication protocols have been proposed to
ensure the secure authenticated access to the Telecare Medical Information System. These protocols
are designed to provide certain properties such as: anonymity, untraceability, unlinkability,
privacy, confidentiality, availability and integrity. They also aim to build a key exchange mechanism,
which provides security against some attacks such as: identity theft, password guessing,
denial of service, impersonation and insider attacks. This thesis reviews these proposed authentication
protocols and discusses their strengths and weaknesses in terms of ensured security and
privacy properties, and computation cost. The schemes are divided in three broad categories of
one-factor, two-factor and three-factor authentication schemes. Inter-category and intra-category
comparison has been performed for these schemes and based on the derived results we propose a
hybrid solution based on the roles of the users. The propose solution ensures security and privac
properties for physicians and ensure easiness for patients. The research also presents future research
directions and recommendations that can be very helpful to the researchers who work on
the design and implementation of authentication protocols.
