Data Authentication in Wireless Body Area Network ...

97 downloads 131859 Views 475KB Size Report
The empowerments in wireless communication technologies and sensors have developed the Wireless Body Area ..... ADVANTAGES & DISADVANTAGES OF.
INTERNATIONAL JOURNAL FOR RESEARCH IN EMERGING SCIENCE AND TECHNOLOGY

E-ISSN: 2349-7610

Data Authentication in Wireless Body Area Network (WBAN) Using A Biometric-Based Security Shreyas S. Tote1, Sameer M. Khupse2 and Kunal S. Bhutwani3 Computer science & Engineering, JDIET, Aanand Nagar, Yavatmal, [email protected] Computer science & Engineering, JDIET, Datt Nagar, Kalamb, [email protected] Computer science & Engineering, JDIET, Sindhi Colony,Yavatmal, [email protected]

ABSTRACT The empowerments in wireless communication technologies and sensors have developed the Wireless Body Area Network (WBAN). The rapid growth in physiological sensors, low-power integrated circuits, and wireless communication has enabled a new invention of wireless sensor networks, now used for purposes such as monitoring traffic and health etc. Wireless body area network (BAN) is a promising technology for real-time monitoring of physiological signals to support medical applications. A security system is to secure medical information communications using biometric features of the body in WBAN. In order to ensure the trustworthy and reliable gathering of patient’s critical health information, it is essential to provide node authentication servicing a BAN, which prevents an attacker from impersonation and false data/command injection. Biometrics refers to or metrics) related to human characteristics and traits. Biometric identification (or biometric authentication) is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance. Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals. Biometric identifiers are unique to individuals, they are more reliable in verifying identity than other method like token. Many different aspects of human physiology, chemistry or behavior can be used for biometric authentication.

Keywords: Wireless Body Area Network (WBAN), biometric, authentication, security

1. INTRODUCTION

acts as a sink for data of the sensor nodes and transmits them

The body area network (BAN) is a smart biomedical sensor

to the healthcare professional for health monitoring. The

platform, which provides the ability to measure a wide range

progression of WBAN is vital in modern telemedicine and m-

of signals, such as heart rate (ECG), activity, temperature or

health, but security remains a formidable challenge yet to be

muscle activity (EMG).Applying Wireless Sensor Network

resolved. As nodes of WBAN are expected to interconnect

(WSN) technology for various applications has been increased

between each other, the body itself can form an inherently

rapidly in the past few years, One of its innovative

secure communication pathway that is unavailable to all other

deployments is in the form of wireless biomedical sensor

kinds of wireless networks. It is believed that if it is used

network for measuring physiological signals, Wireless Body

properly, the system can naturally secure the information

Area Network (WBAN) is a wireless network used for

transmission within WBAN, where other 1techniques use

communication among sensor nodes operating on, in or

hardware and software to achieve the same purpose. In other

around the human body in order to monitor vital body

words, the biometric information collected from the human

parameters and movements, These monitoring signals are then

body can uniquely represent an individual, which is hard to be

gathered by a personal device, like PDA or smart phone that

deprived by suspicious intruders.

VOLUME-2, SPECIAL ISSUE-1, MARCH-2015

COPYRIGHT © 2015 IJREST, ALL RIGHT RESERVED

136

INTERNATIONAL JOURNAL FOR RESEARCH IN EMERGING SCIENCE AND TECHNOLOGY

E-ISSN: 2349-7610

In this paper, a security system to secure medical information

devices may be embedded inside the body, implants, may be

communications using biometric features of the body in

surface-mounted on the body in a fixed position Wearable

WBAN

sender's

technology or may be accompanied devices which humans can

electrocardiogram (ECG) feature is selected as the biometric

carry in different positions, in clothes pockets, by hand or in

key for data authentication mechanism within WBAN system.

various bags. Whilst, there is a trend towards the militarization

Therefore, patient's records can only be sensed and derived

of devices, in particular, networks consisting of several

personally by this patient's dedicated WBAN system and will

miniaturized body sensor units (BSUs) together with a single

not be mixed with other patients. For accurate authentication,

body central unit (BCU).larger decimeter sized (tab and pad)

the statistical result is needed to prove the uniqueness of each

sized smart devices, accompanied devices, still play an

ECG signals. Besides, an encryption will be included by

important role in terms of acting as a data hub, data gateway

extracting

and providing a user interface to view and manage BAN

is

proposed.

biometric

Specifically,

feature

as

a

the

secret

key

for

communications within WBAN. But, it is not a major concern

applications, in-situ. The development of WBAN technology started around 1995 around the idea of using wireless personal

2. WHAT IS BIOMETRIC SECURITY? Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization. The dictionary meaning of security is The state of being free from danger or threat or The safety of a state or organization against

area

network

(WPAN)

technologies

to

implement

communications on, near, and around the human body. About six years later, the term "BAN" came to refer systems where communication is entirely within, on, and in the immediate proximity of a human body. A WBAN system can use WPAN wireless technologies as gateways to reach longer ranges.

criminal activity such as terrorism, theft, or espionage. Then the question arise what is mean by BIOMETRIC SECURITY?

3.1 Concept

For that first describe the term BIOMETRIC. A biometric

The rapid growth in physiological sensors, low-power

characteristic is a general term used to describe a measurable

integrated circuits, and wireless communication has enabled a

physiological and/or behavioral characteristic that can be used

new generation of wireless sensor networks ,now used for

for automated recognition. A biometric system provides an

purposes such as monitoring traffic, crops, infrastructure, and

automated method of recognizing an individual based on the

health. The body area network field is an interdisciplinary area

individual's biometric characteristics. Biometric modalities

which could allow inexpensive and continuous health

commonly implemented or studied include fingerprint, face,

monitoring with real-time updates of medical records through

iris, voice, signature, vein pattern, and hand geometry. Many

the Internet. A number of intelligent physiological sensors can

other modalities are in various stages of development and

be integrated into a wearable wireless body area network,

assessment. Biometric systems are commonly used to control

which can be used for computer-assisted rehabilitation or early

access to physical assets (laboratories, buildings, cash from

detection of medical conditions. This area relies on the

ATMs, etc.) or logical information (personal computer

feasibility of implanting very small biosensors inside the

accounts, secure electronic documents, etc). Biometric

human body that are comfortable and that don't impair normal

systems can also be used to determine whether or not a person

activities. The implanted sensors in the human body will

is already in a database, such as for social service or national

collect various physiological changes in order to monitor the

ID applications.

patient's health status no matter their location. The information will be transmitted wirelessly to an external processing unit.

3. WHAT IS WIRELESS BODY AREA

This device will instantly transmit all information in real time

NETWORK (WBAN)?

to the doctors throughout the world. If an emergency is

A body area network (BAN), also referred to as a wireless

detected, the physicians will immediately inform the patient

body area network (WBAN) or a body sensor network (BSN),

through the computer system by sending appropriate messages

is a wireless network of wearable computing devices.BAN

or alarms. Currently the level of information provided and

VOLUME-2, SPECIAL ISSUE-1, MARCH-2015

COPYRIGHT © 2015 IJREST, ALL RIGHT RESERVED

137

INTERNATIONAL JOURNAL FOR RESEARCH IN EMERGING SCIENCE AND TECHNOLOGY

E-ISSN: 2349-7610

energy resources capable of powering the sensors are limiting.

sensor networks and uses several symmetric keys to encrypt

While the technology is still in its primitive stage it is being

the data as well as compute the Message Authentication Code

widely researched and once adopted, is expected to be a

(MAC). However, SPINS is only considered in general sensor

breakthrough invention in healthcare.

networks, so it is inadequate to be applied in WBAN as it has environmental features like the human body and limited

3.2 Applications

computing resources. Recently, WBAN security schemes have

Initial applications of BANs are expected to appear primarily

been introduced progressively using symmetric cryptosystem.

in the healthcare domain, especially for continuous monitoring

They concern with the limited resource issues of WBAN

and logging vital parameters of patients suffering from chronic

sensors, but have problems like delaying the disclosure of the

diseases such as diabetes, asthma and heart attacks. A BAN

symmetric keys and providing weak security relatively since it

network in place on a patient can alert the hospital, even

is not resilient against physical compromise. Furthermore, the

before they have a heart attack, through measuring changes in

complexity of sensor node’s key managements in WBAN

their vital signs. A BAN network on a diabetic patient could

makes each component overload. Due to these issues, some

auto inject insulin through a pump, as soon as their insulin

researchers believe that the sensors have to make use of

level declines.

Other applications of this technology include

symmetric cryptographic algorithms to encrypt the data they

sports, military or security. Extending the technology to new

send to control node and the random number that is used in

areas could also assist communication by seamless exchanges

security protocols can be generated by biometrics. They also

of information between individuals, or between individual and

believe that biometric is suitable for securing WBAN because

machines

its higher security level that can be achieved with less computation and memory requirement, when compared to the generic cryptosystems. On the contrary, some researches utilize the asymmetric cryptosystem in mobile and ad hoc networks and also try to examine the unique characteristics of WBAN. One concern about the asymmetric cryptosystem is a resource constraint problem but recent work has shown that performing ECC consumes a lot less of memory and computing power. These researches deal with a scope of limited WBAN but they exclude the implanted sensor

Fig 1 Wireless Body Area Network and its Working

networks. The objective of WBAN is also the implementation of body area network that can contact with everywhere in, on,

4. SECURITY ISSUES IN WIRELESS BODY

and out the human body. By comparison, each approach has several issues to be

AREA NETWORK

considered in terms of the security

services in WBAN.

At the initial stage, several research groups have contributed the substantial efforts on developing WBAN systems.

Further, there is a trade-off between performance and security.

However, these researchers mainly focused on building

Related to these, another research group has proposed these

system architectures and in lesser extent on evolving network

two heterogeneous cryptosystems in their research, which

protocols. Besides, it is difficult to discover solutions'

provides security and privacy to WBAN. They believe that

providing strong security system for WBAN and security has

these two cryptosystems can be applied in the authentication

generally been covered separately. Extending the scope of

of WBAN depleting each weak point of them at once. So their

technology, there are several security protocols in general

focus is on

sensor networks. Security protocols for Sensor Networks

utilized appropriately and partly in WBAN. However, all the

(SPINS) is a set of protocols for achieving security

above research works have focused on secret key distribution

requirements like confidentiality, integrity and authenticity in

issues and require time synchronization when biometric

VOLUME-2, SPECIAL ISSUE-1, MARCH-2015

the method on how two cryptosystems can be

COPYRIGHT © 2015 IJREST, ALL RIGHT RESERVED

138

INTERNATIONAL JOURNAL FOR RESEARCH IN EMERGING SCIENCE AND TECHNOLOGY

information of the same human body cannot be available simultaneously. Consequently, they introduce a biometric-

E-ISSN: 2349-7610

Universal

population.

based security framework using wavelet-domain Hidden Markov Model. The aim is to achieve accurate authentication performance among body sensors without extra requirements

Distinctive

Sufficiently different in any two individuals

Permanent

Sufficiently invariant. With respect to the matching criterion. Over reasonable period

of key distribution and strict time synchronization. In this

of time

proposed approach, low cost authentication challenges is addressed by extracting statistically biometric information

Collectable

Easily

collected

and

measured

quantitatively.

from patient' s data and authenticate message signatures among WBAN communications with high accuracy. Thus, it

Possessed by the majority, if not the entire

Effective

Sufficiently invariant with respect to the matching criterion over a reasonable period

will certainly save resources while adequate security measures

of time.

are employed.

Yield a biometric system with good

5. WHY BIOMETRIC BASED SECURITY

Acceptable

performance that is given limited resources in

APPROACHES FOR DATA

terms

of

computation

power

complexity

consumption, and

memory

AUTHENTICATION?

storage, the characteristic should be able to

Biometric is a technique commonly known as the automatic

be processed at a fast speed with recognized

identification or verification of an individual by his or her

accuracy

physiological

or

behavioral

characteristics.

Biometric

approach uses an intrinsic characteristic of the human body as

Invulnerabl

Relatively difficult to reproduce such that

e

the biometric system would not be easily circumvented by fraudulent acts.

the authentication identity to secure the distribution of a cipher key within WBAN communications. Because of the data that are detected, collected and transmitted in WBAN is comparatively sensitive, an ideal biometric trait should present

5.1 Heart Rate Varianlity (HRV) Heart rate variability (HRV) signals

100% reliability, user friendly, fast operation and low cost.

characteristics and chaotic nature, which put up random

Besides, it is postulated that the utilized biometric should

characteristics

satisfy the following properties indicated in TABLE

communications. Additionally, unlike traditional biometric

and

thus

can

be

have

utilized

in

unique

secure

cryptosystems in generic networks such as fingerprint, iris pattern, palm print, hand geometry and facial pattern, the blood circulation system in a human body forms a unique secure communication path specifically available for WBAN. HRV is a physiological phenomenon where the time interval between heartbeats varies. The measurement of HRV provides a non-invasive measurement of the autonomic nervous system (ANS) activity, which comprises two basic components: the sympathetic and parasympathetic. The heart rate may be increased by acting sympathetic activity or decreased by acting parasympathetic activity. Changes in the balance of sympathetic/parasympathetic control of heart rate will result in measurable changes in HRV. The analysis has been applied TABLE1. BIOMETRIC PROPERTIES

widely to many clinical studies including sudden death, cardiovascular diseases, hypertension and diabetes HRV can be obtained using the variations of heartbeat-to heart beat

VOLUME-2, SPECIAL ISSUE-1, MARCH-2015

COPYRIGHT © 2015 IJREST, ALL RIGHT RESERVED

139

INTERNATIONAL JOURNAL FOR RESEARCH IN EMERGING SCIENCE AND TECHNOLOGY

E-ISSN: 2349-7610

intervals that can be measured by any cardiac related signal.

of interval differences of successive normal-beat-to-normal-

However, the current, ECG is preferred compared traditional

beat intervals greater than 50milliseconds.

biometric. It is because of the following reasons

6. R-PEAK DETECTION

• Universality: ECG is inherent and natural, and can be

In order to avoid erroneous conclusions, it will be better if

collected from any living human subject.

only sinus rhythms are present in the tacho gram. Therefore,

• Permanence: ECG is stable over a large period of time. Even

pre-processing of the RR interval time series is very necessary

though certain localized characteristics of the pulses might get

.A normal ECG trace consists of a P wave, a QRS complex

distorted, the overall diacritical waves are still observable.

and a T wave. The P wave is the electrical signature of the

• Uniqueness: The inter-individual variability of ECG is a result of several parameters that control the waveforms. • Robustness: Because of the uniqueness and the person's own characteristics, it is extremely difficult to steal and use someone' s ECG, and it is equally difficult for an individual to mimic someone else's heart signals as they are the outcome of a combination of several sympathetic and parasympathetic factors of the human body. • Liveness detection:

current that causes atrial contraction, the QRS complex corresponds to the current that causes contraction of the left and right ventricles, and the T wave represents the repolarization of the Ventricles. The QRS complex is the most characteristic waveform of the signal with higher amplitudes. The R peaks have the largest amplitudes among all the waves making them easiest detect. However, QRS detection is difficult. It is not only because of the physiological variability of the QRS complex , but also

unlike other biometric technologies,

because of the various types of noise that can be present in the

ECG is collected from the living legitimate subject without

ECG signal. Noise sources include muscle noise, arte facts

requiring extra computational effort.

due to electrode motion, power-line interference, baseline

HRV can be analyzed by using two major techniques .One is

wander, and T waves with

statistically analyzing a sequence of RR intervals of ECG in

similar to QRS complex. Figure 2 shows a noisy ECG signal

time domain. The other one is analyzing the spectrum of the

(the upper part) and the output of QRS detection after pre-

same RR intervals of ECG data in frequency domain. In this

processing (the lower part). The peak amplitudes show the R

study, HRV will be analyzed in time domain since ECG

peaks of ECG signal

high frequency characteristics

signals are recorded in time series. Therefore, it can reduce computational complexity and save more resources. Time domain measures of HRV based on the data of the intervals between adjacent normal QRS complex have two major approaches. One is derived from direct measurements of normal beat to normal beat, NN intervals, which consist primarily of SDNN, the standard deviation of NN intervals. The standard deviation reflects all the cyclic components

Fig 2. Before and After the Pre-processing of ECG signal

responsible for variability in the period of recording. It can be calculated for 24 hours long-term recordings or for short term,

7. DATA AUTHENTICATION MODEL

five minutes recordings. In most heart rhythms, NN interval is

In the proposed model, the message authentication code

equivalent to the R-R interval. Another is derived from the

(MAC) can be generated with the input of biometric feature

difference between NN intervals and most commonly used

and hashes that are calculated based on the original message

measures include RMSSD and pNN50. The RMSSD is the

as shown in Figure 3 . Then, the message will be sent to the

square root of the mean squared differences of successive

destination. At the destination point, if the received signal

difference NN intervals. The pNN50 represents the proportion

matches statistically, it will be accepted and authenticated. Otherwise, the message is denied and discarded. The key point

VOLUME-2, SPECIAL ISSUE-1, MARCH-2015

COPYRIGHT © 2015 IJREST, ALL RIGHT RESERVED

140

INTERNATIONAL JOURNAL FOR RESEARCH IN EMERGING SCIENCE AND TECHNOLOGY

E-ISSN: 2349-7610

of this technique is to utilize the statistically same biometric

ID cards or passwords. Human trait recognition and

information at both ends without any synchronization to

identification based on who you are, that is, biometrics is far

secure data distribution within WBAN. Figure 4 shows the

less susceptible to:

proposed biometric-based security for data authentication in



Duplication

WBAN.



Error



Mistakes



Fraud,



Forgery

7.2 Disadvantages Biometric technologies apply to human beings, they are affected and are limited by many situations that may affect the individual. For example, fingerprint technology may not be effective if the subject has dirty, deformed, or cut hands; iris Fig 3 Biometric Feature Used to Calculate MAC

technology may not be effective if the subject has a bad eye; and voice technology may be affected by infections. Also background noise can interfere with voice recognition systems. Affordability: Because biometric technologies are new technologies, they tend to be rather expensive without widespread use. For example, facial and voice recognition and iris technologies are still not yet affordable.

8. CONCLUSION Fig 4. Proposed Biometric-based Security for Data

In this paper, a biometric-based security framework proposed for data authentication within WBAN. Secure communications

Authentication

in BANs are strongly required to preserve a person‟s health

Authentication, itself, is used to simultaneously verify both the

privacy and safety. Especially, in some applications, security

data integrity and the authenticity of a message. Nevertheless,

attacks could even threaten the lives of people. Specifically,

encryption is also needed to protect data in transit especially

the sender's electrocardiogram (ECG) feature is selected as the

for data being transferred via networks. Therefore, encryption

biometric key for data authentication mechanism within

approaches in WBAN must be designed with low cost.

WBAN system. Therefore, patient's records can only be

However, the key distribution and management are difficult

sensed and derived personally from this patient's dedicated

and challenging in resource limited sensor nodes, especially in

WBAN system and cannot be mixed with other patients. The

biomedical sensor nodes. In this work, the biomedical signals

security system in WBAN must be implemented with low

are encrypted by using biometric feature as a cipher key to

computational complexity and high power efficiency. In this

remove the need for key distribution in WBAN

proposed approach, a low cost authentication challenge is addressed specifically by using biometric information instead

7. ADVANTAGES & DISADVANTAGES OF

of cryptographic key distribution. Thus, it will certainly save

BIOMETRICS

resources while adequate security measures are employed. The

7.1 Advantages

future work is to build experiment based on the proposed

The advantages of biometrics are that it is based on who you

system and to improve the system if needed.

are as opposed to what you have and what you know, such as VOLUME-2, SPECIAL ISSUE-1, MARCH-2015

COPYRIGHT © 2015 IJREST, ALL RIGHT RESERVED

141

INTERNATIONAL JOURNAL FOR RESEARCH IN EMERGING SCIENCE AND TECHNOLOGY

E-ISSN: 2349-7610

REFERENCES [1]

P.Abina, K Dhivyakala, L.Suganya, S.Mary Praveena “Biometric Authentication System for

Body Area

Network Vol. 3, Issue 3, International Journal of Advanced Research in Electrical, Electronics and Instrumentation Engineering, Coimbatore, India March 2014 [2]

Sofia Najwa Ramlil, Rabiah Ahmad, Mohd Faizal Abdollah,

Eryk

Dutkiewicz4

“A

Biometric-based

Security for Data Authentication in Wireless Body Area NetworK(WBAN),ICACT January 27 ,2013 [3]

Systems and Network Analysis Center Information Assurance

Directorate

by

National

Security

Agency,United states of America,2013 [4]

Lin Yao, Bing Liu, GuoweiWu, Kai Yao and JiaWang1,” A Biometric Key Establishment Protocol for Body Area Networks”, IJDSN, vol 2011

[5]

L. Eschenauer and V. D. Gligor, ‘A Key-Management Scheme forDistributed Sensor Networks’, Version: pp. 41–47, November 18–22, 2002

[6]

H. Wang. H. Fang. L. Xing. and M. Chen. "An Integrated Biometric-Based Security Framework Using Wavelet-Domain Networks

HMM

(WBAN)."

in 2011

Wireless IEEE

Body

Area

International

Conference on Communications (ICC). pp. 1-5. Jun 2011. [7]

S.-D. Bao, L.-F. Shen, and Y.-T. Zhang, "A novel key distribution of body area networks for telemedicine ," in 2004 IEEE International Workshop on Biomedical Circuits Systems, 2004, pp. 2-5.

[8]

A. Jovic and N. Bogunovic, "Feature set extension for heart rate variability analysis by using non-linear, statistical and geometric measures," Proceedings of the ITI 2009 31st International Conference on Information Technology Interfaces, pp. 35-40, Jun.

VOLUME-2, SPECIAL ISSUE-1, MARCH-2015

2009.

COPYRIGHT © 2015 IJREST, ALL RIGHT RESERVED

142