A Lightweight Encryption Scheme Combined with Trust Management ...

Download PDF
4 downloads 23086 Views 712KB Size Report
Comment
Abstract. With the pervasiveness of smart phones and the advance of wireless body sensor network (BSN), mobile Healthcare (m-Healthcare), which extends the ...
J Med Syst (2015) 39: 190 DOI 10.1007/s10916-015-0341-0

MOBILE SYSTEMS

A Lightweight Encryption Scheme Combined with Trust Management for Privacy-Preserving in Body Sensor Networks Ping Guo 1 & Jin Wang 1 & Sai Ji 1 & Xue Hua Geng 1 & Neal N. Xiong 2

Received: 15 November 2014 / Accepted: 7 September 2015 / Published online: 21 October 2015 # Springer Science+Business Media New York 2015

Abstract With the pervasiveness of smart phones and the advance of wireless body sensor network (BSN), mobile Healthcare (m-Healthcare), which extends the operation of Healthcare provider into a pervasive environment for better health monitoring, has attracted considerable interest recently. However, the flourish of m-Healthcare still faces many challenges including information security and privacy preservation. In this paper, we propose a secure and privacypreserving framework combining with multilevel trust management. In our scheme, smart phone resources including computing power and energy can be opportunistically gathered to process the computing-intensive PHI (personal health information) during m-Healthcare emergency with minimal privacy disclosure. In specific, to leverage the PHI privacy disclosure and the high reliability of PHI process and transmission in m-Healthcare emergency, we introduce an efficient lightweight encryption for those users whose trust level is low, which is based on mix cipher algorithms and pair of plain text This article is part of the Topical Collection on Mobile Systems. * Jin Wang [email protected] Ping Guo [email protected] Sai Ji [email protected] Xue Hua Geng [email protected] Neal N. Xiong [email protected] 1

College of Computer & Software, Jiangsu Engineering Center of Network Monitoring, Nanjing University of Information Science & Technology, Nanjing, China

2

Colorado Technical University, Colorado Springs, CO, USA

and cipher texts, and allow a medical user to decide who can participate in the opportunistic computing to assist in processing his overwhelming PHI data. Detailed security analysis and simulations show that the proposed framework can efficiently achieve user-centric privacy protection in m-Healthcare system. Keywords m-Healthcare . Body sensor Network (BSN) . Privacy-preserving . Trust management . Lightweight encryption

Introduction A body sensor network, or BSN [1], is a network of sensors deployed on a person’s body to collect physiological information. These sensors provide continuous, long term monitoring in an unobtrusive manner, allowing doctors to diagnose problems more effectively, and then BSN allows for new ways to provide quality health care to patient. Moreover, with the development of miniaturized wearable and implantable body sensor nodes and the more powerful smart phone, mobile BSN is available to provide medical users to receive the high-quality healthcare [2] monitoring from medical professionals anytime and anywhere. However, when a user has an emergency medical condition, for example, heart attack, his BSN becomes busy reading a variety of medical measures, such as heart rate, blood pressure, and as a result, a large amount of PHI data [3] might be generated in a very short period of time, and they further should be reported for highintensive monitoring before ambulance and medical personnel’s arrival. However, the smart phone’s energy could be insufficient when an emergency takes place, needless to say, the smart phone may phone someone or surf Internet.

190 Page 2 of 8

Recently, opportunistic computing [4, 5], as a new pervasive computing paradigm, has received much attention. Essentially, opportunistic computing can be described as distributed computing with the caveats of intermittent connectivity and delay tolerance. Indeed, mobile and pervasive computing paradigms are also considered natural evolution of traditional distributed computing. However, in mobile and pervasive computing systems, the disconnection or sleep device are treated as aberrations, while in opportunistic computing, opportunistic connectivity results in accessing essential resources and information. Opportunistic computing exploits communication opportunities to provide computing services to meet the pervasive application requirements. Opportunistic networking research has benefited from past work in areas such as wireless mobile Ad Hoc networks and delay-tolerant networks, while pervasive, mobile, and social computing all motivate their respective applications. In our scenario, opportunistic computing is characterized by exploiting all available computing resources in an opportunistic environment to provide a platform for the distributed execution of a computingintensive task. For example, once the execution of a task exceeds the energy and computing power available on a single node, other opportunistically contacted nodes can contribute to the execution of the original task by running a subset of the task, and then it can be reliably performed. In this paper, we propose a new secure and privacypreserving scheme based on multi-trust management with opportunistic computing framework. With the proposed scheme, each medical user and those opportunistic nodes that involve in emergency can be divided into different groups according to their trust degrees computed by their social trust relationships. And then we adopt different strategies to protect user’s privacy in terms of different groups. For example, those who are user’s family members will gain high trust values when they take on as opportunistic nodes to help the patient (BSN user) to transmit PHI data to medical center, and strategies for this kind of situation should be simpler and faster; while those opportunistic nodes are strangers to the patient, and then strategies should be more secure. No matter what kind of the nodes involved, our aim is to achieve the user-centric privacy protection to allow only those qualified helpers to participate in the opportunistic computing to balance the highreliability of PHI process and minimizing PHI privacy disclosure in m-Healthcare emergency. The remainder of this paper is organized as follows: in Section 2, we review a discussion on the related work. We formalize the system model and a general security scheme, and identify our design goal in Section 3. Then, we present the a lightweight encryption framework in Section 4, followed by the security analysis and simulations in Sections 5. Finally, we draw our conclusions in Section 6.

J Med Syst (2015) 39: 190

Related work People usually concern deeply about their privacy. It is difficult for them to accept m-Healthcare if the privacy issue cannot be protected. There are several schemes proposed to protect privacy in BSN. An example of role based access control is given in [6, 7], which can defense illegitimate node to access BSN. Some rules for privacy-preserving is discussed in [8], for example, who can decide which sensor node to collect data, and what kind of transmission protocol to be used in BSN. Tan et al. [9] proposed an encryption scheme for BSN, in which they divide plain texts into two parts, one only includes a node identity and a random number, the other is huge amount of PHI data. Correspondingly, the cipher texts also have two segments. They successfully reduce the encryption and transmission cost, however, they employ asymmetric encryption for such a great deal of PHI that still lead to unexpected computation cost. For many healthcare applications, it is essential to know about patient’s location. A study of location confirmed is proposed in [10] that the author very concerns the leakage of patient location when wearable sensors sending data to remote medical center. Lu et al. [11] propose a new secure and privacy preserving opportunistic computing scheme SPOC, which each medical user in emergency can achieve the user-centric privacy access control to balance the high-reliability of PHI access and minimizing PHI privacy disclosure. A sensor node security scheme is proposed in [12], which a cluster based method to manage nodes, especially an efficient way to monitor those captured nodes in BSN. A key management and an encryption scheme are introduced in [13] and [14], respectively, while energy constraint problems are discussed in [15, 16], though they limited their work in wireless sensor networks, which is an important instruction for BSN. A data exchange protocol is described in [17] and QoS issue is discussed in [18], in which privacy leakage and resource restraint are concerned much in BSN than other wireless networks. There are also some schemes [19–22] focusing on the security architecture of BSN, within which, secure user authentication, data integrity,access control, data freshness , nonrepudiation and transmission protocols have been discussed. For instance, HealthGear [22] is based on commercial Bluetooth sensors and cell-phones from Microsoft. However, none of them consider smart phone -centric BSN is a typically social network for the people who owns the smart phone. The address book in the cell, actually, is the owner’s friend circle and might have plant of chances to act as assist nodes to help owners to transmit PHI data when emergency happens. If we can consider trust level of relatives and friends, and then different trust level explores different privacy preserving strategies, which may obviously improve protective efficiency and save much resource cost.

J Med Syst (2015) 39: 190

An overview of solutions combining with different trust-level classes Research challenge During the process, shown as Fig. 1, privacy is the foremost issue concerning patients in m-Healthcare. Without privacy guarantees, patients’ PHI may be leaked to cause lifechanging consequences such as difficulties in obtaining insurance or employment, or being discriminated against for having certain diseases. Most important, m-Healthcare systems lacking privacy guarantees cannot be psychologically accepted by the public and hence are not likely to be advocated and implemented. However, in certain special circumstances, such as emergencies, privacy requirements must be overridden by the functional requirement (i.e., saving lives). Therefore, how to balance the high reliability of PHI process while minimizing the PHI privacy disclosure during the opportunistic computing becomes a challenging issue in m-Healthcare emergency. Multi-trust management We consider the patient’s smart phone actually implicit a social circle. Most of the time, when the patients encounter the emergent situation (i.e. heart attack), they stay with their family members, relatives or friends who may as a matter of course take as opportunistic nodes to help transmission. However, Security is the first vital factor to be considered when the patient has to borrow resources with the aid of opportunistic helper. Naturally, the trust degree of the helper should be measured. That’s why we introduce social trust management to our privacy-preserving scheme. We describe multi-trust management [23, 24] in our scheme, in order to simplify the process of calculation, we divide helpers into different trust classes in term of their trust values, which means helpers lie in the same

Fig. 1 Model of BSN with opportunistic computing

Page 3 of 8 190

trust level defensed by the same privacy-preserving strategy. We define multilevel trust classes as three levels of low level trust, middle level and high level trust, shown as Fig. 2. V A;B ¼

Snum T num

ð1Þ

Formula (1) is an easy method to compute trust degree of low level trust. Where Snum is the number of A satisfying B between their communications. Tnum is the number of communications between A and B. Xk Raverage ¼

R i¼1 i

k

ð2Þ

Formula (2) is a statistic solution to decide trust values of middle level trust. Where R={R1,R2,…,Rk} (i=1…k) is the A-centric recommendation set. According to the above descriptions, we have Fig. 3 to indicate a brief explication of our different privacypreserving strategies. We introduce the influencing factor of trust evaluation in social networks, which is affinity-dis affinity relationship, and carry out a fine-grained division of the users in the opportunistic networks according to the relationship with the patient (as shown in (3)). We adopt different privacy-preserving strategies to users coming from a different trust set during transmission. 8 u FN > > > > FN : Familiar network with high trust > > < uSN R patient ¼ SN : Social network with middle trust > > > > −userON u > > : StrN StrN : strangers ’ network with low trust ð3Þ

190 Page 4 of 8

J Med Syst (2015) 39: 190 direct communication between two nodes

A

B

the patient to transmit his/her PHI, it is enough just to apply simple access control, such as a preseted group password.

C direct trust value of the observer to the observer

Definition for SN

(a) Low-level trust model

A

C

direct trust (A to B)

B

A collects trust recommendations of C and D made for B

D

(b) Middle-level trust model C

A

B D

E

direct communications

F

G

trust recommendations of C and D made for B collecting B’s recommendations made by E, F and G, and sending to A

For users in SN, they may have social relationship with the patient on some level, for instance, they are colleagues, friends on social networks, even some never meeting. We define a edge-weighted directed graph GA(V,E,W) to describe the social network patient A-centric, in which V represents opportunistic user set, E means relationship between nodes, and W is a number of communications between nodes to define weight. X Trust A ðiÞM i ðBÞX i ðbÞ i∈K A ð4Þ TrustA ðBÞ ¼ X Trust ð j ÞM ð B Þ A j j∈K A

(c) High-level trust model Fig. 2 Multilevel trust model

Definition for FN FN is usually composed of the patient’s relatives and good friends, therefore, FN might be small and stable, and defined by the patient. If an opportunistic node comes from FN to help

Fig. 3 Different trust-level adopting different privacy preserving strategies

In formula (4) , KA is a subset of nodes which are neighbors of node A. TrustA(i) and TrustA(j) represent the direct trust level how much node A believes node i and node j respectively. TrustA(B) is calculated by the average of all the trust levels that node i (i∈KA) in the set KA is to the node B. Mi(B) and Mj(B) represent the maturity level that node i and node j are to the node B respectively. Xi(b) is defined as a random variable that comply with a certain distribution.

Monitor Multi-trust Reputation

Feedback

system Context-aware security

modeling

Trust

Multilevel

degree

trust

algorithm

classes

Collection

Update

Security strategies Simple access control

Types of opportunistic nodes Trust degree of family members (high-level trust)

ABE-based access control

Trust degree of social circle>close index (middle-level trust)

Lightweight encryption

Trust degree of social circle¼ threshold close ; > > > > Lightweight encryption f or A’s PHI > > < TrustA ðiÞ < threshold close ; > > > > > > Lightweight encryption and anonimity : protection f or A ð5Þ Definition for StrN If a node enter into A’s opportunistic networks and it is a complete stranger for A, then there are two situations needing consider. One is whether the stranger’s PHI has the high correlation with A’s PHI. The other is their PHI having nothing to do with each other. For the former, the strategy only needs to protect A’s identity, since the strangers have no interesting in the patient’s PHI, while for the latter, except for protecting A’s identity, but A’s PHI. Thresholdstranger is a threshold set for strangers who become the opportunistic helping nodes by accident, and the value is decided by their PHI’s correlations. The higher the correlation, the more similar of their symptoms. 8 AtributePHI ðA; StrÞ >¼ threshold stranger ; > > > > A < ’ s identity anonymity > > AtributePHI ðA; StrÞ < threshold stranger ; > > : A ’s PHI encryption and identity anonymity ð6Þ Descriptions of different privacy-preserving strategies When an emergency takes place in m-Healthcare, e.g., patient U0 suddenly falls down outside, the healthcare center will monitor the emergency, and immediately dispatch an ambulance and medical personnel to the emergency location. Generally, the ambulance will arrive at the scene around several minutes. During the period, the medical personnel needs highintensive PHI to monitor U0 in real time. However, the power of U0 ’s smart phone may be not sufficient to support the highintensive PHI process and transmission. In this case, the opportunistic computing, as shown in Fig. 1, is launched, and the following user-centric privacy access control is performed to minimize the PHI privacy disclosure. According to the different trust level of the opportunistic assist nodes, different privacy-preserving strategies are adopted.

Lightweight and anonymous authentication We plan to adopt the following methods to make a lightweight design of the anonymous authentication. (1) Lightweight structure. Non-certificate, and self-adoption. (2) Lightweight key. According to the opportunistic node’s trust level determines the key length, such as the high level of trust can use short-length key. (3) Lightweight certification process. Such as for patients with circle of acquaintances, the opportunistic node can deploy simple authentication. (4) Lightweight encryption algorithms and hash function. according to the opportunistic node’s trust level, choose different strength and security of the algorithm.

ABE-based access control We abstract the attributed from the row PHI information of patient A and the opportunistic helping node B, ! a ¼ a ði ¼ 1; …; nÞ represents symptom pafa1 ; a2 ; …; an g, ai ∈! rameters of some disease. During matching of A and B’s PHI attributes, if ai =1, then they have similar disease, otherwise, ai = 0. For those who have similar disease, we only need to encrypt the identity of patient or deal with as anonymous identity. While the proper set of ThresholdPHI may adjust matching rate and then improve the security. For instance, if there are so many opportunistic nodes, the higher ThresholdPHI might decrease the matching rate and then protect patient’s PHI from disclosing.

Lightweight encryption When a great deal of PHI need to be transmitted, it’s impossible or unnecessary to encrypt all PHI. So we divide the raw   PHI into two parts, m1 ¼ IDpatienti jT jn , T is the time stamp when the system deal with the data, and n is a random number set in the initiation phase; m2 =(d|n), d is the PHI data. Correspondingly, the encrypted PHI data are c1 =E1(m1,PKTA) and c2 =E2(m2,Ksession). E1 is a public key encryption algorithm chosen by the context-aware situation, while E2 secret key   algorithm. K session ¼ H IDpatienti jTimejn is the session key to encrypt m2. PKTA is the remote medical center’s public key preset in the initiation phase. We separate the patient’s identity and his/her PHI data into different pairs of plain texts (m1,m2). The worst situation needs to match all pairs of (m1,m2) with the cipher texts (c1,c2).

A lightweight encryption scheme In this part, we propose a detailed lightweight encryption scheme for the secure transmission of PHI data in BSN.

190 Page 6 of 8

Step 1. Assuming the session key between patient A’s smart phone and sensor node SNi is K sessionA−SN i and n is a random number. SNi computers m=(d|IDSNi|n) and c ¼ Esym ðm; K sessionA−SN i Þ, with d is the PHI data needing encrypted, and sends c to A’s smart phone. Step 2. A’s smart phone decrypt c with the session key K sessionA−SN i a n d c o m p u t e s m 1 = ( I D A | T | n ′ ) , m2 =(d|n′),T is the time stamp and n’ is a random number, and different from random number n. In order to reduce the traffic between sensors and cell phone, transmission is not real-time, but accumulates data tuples to some extent before a transmission. Step 3. A’s smart phone computes c1 =Easy(m1,PKR), c2 ¼ E sym ðm2 ; K sessionA−R Þ, and outputs encrypted message (c1,c2). Easy is the asymmetric encryption algorithm and Esym is the symmetric encryption algorithm. K sessionA−R is the session key between patient A and remote medical center R. Step 4. A’s smart phone does not transmit it until collects t1 enough PHI. For instance, there are {(ct1 A1,cA2), t2 t2 tj tj (cA1, cA2), …,(cA1,cA2)}, where A represents the identity of patient, tj is the time that A operates encryption. When an emergency happens, patient A may execute task balance algorithm, evaluate the trust value of assist opportunistic node, run the corresponding privacy strategy and borrow helper’s resource to transmit PHI to the remote medical center. Step 5. For the message of (ctA1,ctA2), remote medical center operates the same algorithm and then can achieve the public key of any patient. They can decrypt m1 =Dt asy(cA1,SKremote−center) with the private key SKremote− center of remote center, if m1 =(IDA|Time|n′) the user’s identification matches what the doctor want to check, and then they will continue to decrypt m2   ¼ D ctA2 ; K sessionA−R with the same session key.

J Med Syst (2015) 39: 190

related algorithm. This scheme is more flexible and simpler than based on identity, which can be thought of as a lightweight method based on identity. Definitely plain texts come in pairs, and accordingly, cipher texts also come in pairs. Considering storage database may be a public saving server, at the same time save a huge amount of data, even from the same BSN’s PHI data, due to the continuous acquisition field information, after a period of time, there are a great quantity of data. When doctors want to extract the stored data in the database, c1 of a pair in cipher messages is to decrypt firstly (according to the request of nodes and time) , then decide whether to decrypt larger data volume c2. Here c1 is equivalent to an engine, in order to make a mark, to save the decryption of large amount of calculation, at the same time, the random number can be initially determined whether the cipher text is damaged. Security analysis Eavesdropping attacks In this attack, competitors attempt to eavesdrop PHI (c1,c2) during the transmission, because all data is encrypted, so opponents cannot learn plain text. Tracking attack The opponents may achieve more privacy by tracking. But even opponents have known tuple (c1,c2), they can only know (c1,c2) from the same BSN, while they cannot learn more relationship between diverse groups, because each has a random number n in the cipher texts. Replace attacks

Experimental results

If an attacker wants to replace the public key of a patient or a sensor node, it is not feasible. Since the public keys are generated from the smart phone’s signature, both sides of communication by examining the signatures to determine whether the public key is legal.

Features analysis

Compromised sensor

The public key is generated by the user according to the specific semantic string, and traditional public-key scheme based on identity is based on the user identity information, such as Email, IP address, etc., these messages are same. Once generated public key, if the user within the same organization to apply for public key, will not be allowed. In our scheme, user can produce the public key according to the string of transformation, and then the private key matching the public key can be generated at the different time, only when needed according to the generated public key semantic string matching and

Even the opponent captures one or more sensor nodes, it can not obtain the patients’ PHI. However, the opponent can not get the plain texts, because the data is encrypted by each hop of sensors and smart phone. Spoofing attacks The attacker can forge a fake public key and claim a legitimate node to steal PHI data. But the attacker without a legitimate signature, in which public key to decrypt, so it is easy to

J Med Syst (2015) 39: 190 500

Simulation parameters Values

450

Android

4.2

400

Simulation time

600 s

Parameters

Values

Parameters

Galaxy

S4

CPU

1.9 GHz

RAM PHI size for AES

2 GB 128 bits

Length of identity PHI size for ECC

32 bits 64 bits

determine the attacker is not an authenticated legitimate node or user.

AES encryption time(ns)

Table 1

Page 7 of 8 190

key length=128b key length=196b key length=256b

350 300 250 200

Simulation analysis

150 20

In this section, we simulate our scheme with smart phone. The parameters are set for simulation shown as Table 1. Simulation for encrypting m1 We select ECC as asymmetric algorithm to encrypt m1 and the length of public keys are 80 bits, 120 bits and 160 bits respectively. The result is shown in Fig. 4.

25

30 35 40 The number of PHI messages

45

50

Fig. 5 Time cost of Encrypting PHI messages with AES algorithm of different key length

reference [9], both m1 (64 bits) and m2 (128 bits) are encrypted by ECC-160. According to Fig. 6, the more PHI messages, the less cost of our scheme which is approximately 1.5 fold faster than reference [9].

Simulation for encrypting m2 We select AES as symmetric algorithm to encrypt m2 and the length of session keys are 128 bits, 192 bits and 256 bits respectively. The result is shown in Fig. 5. Simulation for comparison We compare time cost of encryption of our scheme with the scheme in reference [9]. The result is shown in Fig. 6. In our scheme, m1 is 64 bits and encrypted by ECC-160, m2 is 128 bits and encrypted by AES-256. However, in

Conclusion We firstly review the research on security and privacy for mHealthcare. Secondly, we combine trust management with the PHI privacy in BSN, and put forward a general policy that different strategies protecting patient’s privacy match different trust level users who would like to help to transmit patient’s PHI. Moreover, we describe a detailed scheme that adopts double plain texts and cipher texts to implement lightweight encryption to stranger helpers. Finally, we analysis and simulate the scheme proved secure, lightweight and efficient.

1100 1000

key length=80b key length=120b key length=160b

4500 Encryption of our shceme Encryption of reference[9] 3700

800 Encryption time (ns)

ECC encryption time (ns)

900

700 600 500

2100

1300

400 300 20

2900

25

30

35

40

45

50

The number of PHI messages

Fig. 4 Time cost of encrypting PHI messages with ECC algorithm of different key length

500 20

30

40 The number of PHI messages

Fig. 6 Encryption comparison

50

60

190 Page 8 of 8 Acknowledgments This work was funded in part by Jiangsu Province training programs of innovation and entrepreneurship for college students under grants 201410300049Z. It was also supported by National Natural Science Foundation of China (61070133, 61472344, 61402234, 61311140264), Project of six personnel in Jiangsu Province (2013WLW-012) and PAPD fund. Prof. Jin Wang is the corresponding author.

References 1.

2. 3.

4. 5.

6.

7.

8.

9.

10.

11.

Kumar, P., and Lee, H. J., Security issues in healthcare applications using wireless medical sensor networks: a survey. Sensors 11(12): 55–91, 2012. Li, M., Lou, W., and Ren, K., Data security and privacy in wireless body area networks. IEEE Wirel. Commun. 17(1):51–58, 2010. Fernández-Alemán, J. L., Seva-Llor, C. L., Toval, A., Ouhbi, S., and Fernández-Luque, L., Free web-based personal health records: analysis of functionality. J. Med. Syst. 37(6):9990, 2013. doi:10. 1007/s10916-013-9990-z. Contis, M., and Kumar, M., Opportunities in opportunistic computing. IEEE Compute. 43(1):42–50, 2011. Curtis, D., Shih, E., and Waterman, J., Physiological signal monitoring in the waiting areas of an emergency room. In: Proceedings of body networks workshop. 2:5–8, 2008. Hsu, C. L., Lee, M. R., and Su, C. H., The role of privacy protection in healthcare information systems adoption. J. Med. Syst. 31(2). doi:10.1007/s10916-013-9966-z, 2013. Evered, M., and Bogeholz, S., A case study in access control requirements for a health information system. In: The Second workshop on Australasian information security, data mining and web intelligence, and software internationalization, 2004. Meingast, M., Roosta, T., and Sastry, S., Security and privacy issues with health care information technology. In: Proceedings of the 28th IEEE EMBS annual international conference, 2006. Tan, C. C., Wang, H. D., and Zhong, S., IBE-Lite:a lightweight identity-based cryptography for body sensor networks. IEEE Trans. Inf. Technol. Bio-Med. 13(6):926–932, 2009. Rehman, O. U., Performance study of localization techniques in wireless body area sensor networks. In: Proceedings of international symposium on advances in ubiquitous, 2012. Lu, R. X., Lin, X. D., and Shen, X. M., SPOC: a secure and privacypreserving opportunistic computing framework for mobile-

J Med Syst (2015) 39: 190

12.

13.

14.

15.

16.

17.

18. 19.

20.

21.

22.

23.

24.

healthcare emergency. IEEE Trans. Parallel Distrib. Syst. 24(3): 614–625, 2013. Wei, L., Hiroki, N., and Ansari, N., Cluster-based certificate revocation for mobile body sensor networks. IEEE Trans. Parallel Distrib. Syst. 24(2):239–249, 2013. Raazi, S. M., and Kuras, U. R., BARI: a biometric based distributed key management approach for wireless body area networks. Sensors 10(8):3911–3933, 2010. Shen, J., Zheng, W. Y., Wang, J., Zheng, Y. H., and Sun, X. M., An efficient verifiably encrypted signature from weil pairing. J. Internet Technol. 14(6):947–952, 2014. Wang, J., Zhang, Z. H., and Xia, F., An energy efficient stable election-based routing algorithm for wireless sensor networks. Sensors 13(11):14301–14320, 2013. Wang, J., Zhang, J. W., Lee, S. Y., and Sherratt, R. S., Mobility based energy efficient and multi-sink algorithms for consumer home networks. IEEE Trans. Consum. Electron. 59(1):77–84, 2013. Chen, C. L., Yang, T. T., and Shih, T. F., A secure medical data exchange protocol based on cloud environment. J. Med. Syst. 38(9). doi:10.1007/s10916-014-0112-3, 2014. Zhou, G., BodyQoS: adaptive and radio-agnostic QoS for body sensor networks. INFOCOM, 2009 Hong, R. C., Pan, J. X., Hao, S. J., Wang, M., Xue, F., and Xu, X. D., Image quality assessment based on matching pursuit. Inf. Sci. 273:196–211, 2014. Li, J., Li, X. L., Yang, B., and Sun, X. M., Segmentation-based image copy-move forgery detection scheme. IEEE Trans. Inf. Forensics Secur. 2015. doi:10.1109/TIFS.2014.2381872. Fan, Y., Network coding based privacy preservation against traffic analysis in multi-hop wireless networks. Trans. Wirel. Commun. 10(6):834–843, 2011. Sung, N. Y., Jen, C. A., wireless physiological signal monitoring system with integrated bluetooth and WiFi technologies. In: Proceedings of IEEE 27th Annual International Conference of the Engineering in Medicine and Biology Society. 3:2203–2206, 2005. Govindan, K., and Mohapatra, P., Trust computations and trust dynamics in wireless sensor networks: a survey. IEEE Commun. Surv. Tutorials 14(2):279–298, 2012. Ayday, E., and Fekri, F., An interative algorithm for trust management and adversary detection for delay tolerant networks. IEEE Trans. Mob. Comput. 11(9):1514–1531, 2012.