ABSTRACT

Technological development expands the computation process of smart devices that adopt the telecare medical information system (TMIS) to fulfill the demands of the healthcare organisation. It provides better medical identification to claim the features namely trustworthy, efficient and resourceful. Moreover, the telecare services automate the remote healthcare monitoring process to ease professional workloads. Importantly, it is conceived to be more timesaving, economical and easy healthcare access. Methods & Analysis: Cloud-Based Medical Healthcare (CBMH) system is a standard platform that gives its support to the patients for emergency treatment from the medical experts over Internet communication. Since the medical records are very sensitive, security protection is much necessitated. In addition, patient anonymity should be well preserved. In 2016, Chiou et al. proposed a mutual authentication protocol for the Telecare Medical Information System (TMIS) using Cloud Environment (CE). They claim that their protocol satisfies patient anonymity. However, this project proves that the Chiou et al. scheme is not only completely insecure against the patient anonymity, health-report revelation, health-report forgery, report confidentiality and non-repudiation but also fail to validate the service access against verifiability, undeniability and unforgeability. In order to provide better mutual authenticity, this project suggests the framework of smart service authentication to cross-examine the common secret session key among the communication entities. In order to examine the security properties, formal and informal verification was carried out.