Context-aware access control and anonymous authentication in WBAN

The emergence of the Internet of Things (IoT) as the next generation megatrend has paved the way for pervasive, ubiquitous and proficient healthcare monitoring systems. In the diverse kinds of networks, Wireless Body Area Network (WBAN) has been perceived as one of the most promising wireless sensor technologies for improving healthcare services thanks to its potential for continuous and real-time monitoring of health conditions. However, the open nature of wireless communication introduces wide security and privacy concerns as personal health information could be exposed to unauthorized parties or even malicious adversaries. Furthermore, in such a dynamic and heterogeneous environment where the context conditions continuously and frequently change, adaptive and context-aware solutions become mandatory to satisfy burgeoning security and privacy requirements. Therefore, it is indispensable to adaptively secure the extra-body communication between the smart portable device held by the WBAN client and the healthcare providers while considering the dynamic context changes. In this paper, we propose a context-aware access control and anonymous authentication approach based on a secure and efficient Hybrid Certificateless Signcryption (H-CLSC) scheme. Particularly, it incorporates the merits of Ciphertext-Policy Attribute-Based Signcryption (CP-ABSC) and Identity-Based Broadcast Signcryption (IBBSC) in order to meet the security requirements and provide adaptive contextual privacy. From a security perspective, the proposed mechanism achieves confidentiality, integrity, anonymity, context-aware privacy, key escrow resistance, public verifiability, and ciphertext authenticity. Performance analysis proves the efficiency and the effectiveness of the H-CLSC scheme compared to benchmark schemes in terms of functional security, storage, communication, and computational cost. (C) 2019 Elsevier Ltd. All rights reserved.