Background: Since the patient-related data stored in the MCPS (Medical Cyber-Physical System) play a critical role in medical diagnosis and treatment, it is essential to ensure the security of these data. Failure to obtain authentic and correct medical data will possibly prevent a patient from being treated effectively, or even lead to wrong treatments, also described in various patents. Moreover, public may not accept MCPS technology if enough attention is not paid to address various security and privacy concerns in MCPS. Especially access to patient-related data must be strictly limited only to authorized users; otherwise, the patients’ privacy could be abused.
Methods: In this paper, one of PSWs proposed by Shao, proxy-unprotected, is introduced in our proposed protocol. Based on this method, we propose our distributed access control based on proxy signature in medical cyber-physical systems.
Results: The proposed protocol achieves the requirements for access control in the following aspects: Firstly, the authorized users are able to access the nodes in a distributed manner. Secondly, it provides an effective user authentication mechanism. Thirdly, it supports different user privileges. Fourthly, it protects the integrity of query command. The timestamp included in the query command can ensure the freshness of the query command. In addition, it can also be used to prevent replay attacks when the command exceeds the life time.
Conclusion: We have proposed a novel distributed dissemination code scheme for MCPS. The security analysis show that the technique guarantees strong unforgeability, verifiability, strong identifiability, strong undeniability and prevention of misuse. Moreover, security of the proposed technique does not rely on the availability of a secure channel.
Keywords: Access Control, proxy signature, medical cyber-physical systems, dissemination code, ambient intelligence, PSWs.