Open Access

ARTICLE

ExpressionHash: Securing Telecare Medical Information Systems Using BioHashing

Ayesha Riaz¹, Naveed Riaz¹, Awais Mahmood^2,*, Sajid Ali Khan³, Imran Mahmood¹, Omar Almutiry², Habib Dhahri²

1 SEECS, National University of Science and Technology, Islamabad, Pakistan
2 College of Applied Computer Science, King Saud University (Almuzahmiyah Campus) Riyadh, Saudi Arabia
3 Department of Software Engineering, Foundation University Islamabad, Pakistan

* Corresponding Author: Awais Mahmood. Email:

(This article belongs to the Special Issue: Unobtrusive systems and wearable technologies for medical applications)

Computers, Materials & Continua 2021, 67(3), 2747-2764. https://doi.org/10.32604/cmc.2021.014418

Received 19 September 2020; Accepted 06 December 2020; Issue published 01 March 2021

Abstract

The COVID-19 outbreak and its medical distancing phenomenon have effectively turned the global healthcare challenge into an opportunity for Telecare Medical Information Systems. Such systems employ the latest mobile and digital technologies and provide several advantages like minimal physical contact between patient and healthcare provider, easy mobility, easy access, consistent patient engagement, and cost-effectiveness. Any leakage or unauthorized access to users’ medical data can have serious consequences for any medical information system. The majority of such systems thus rely on biometrics for authenticated access but biometric systems are also prone to a variety of attacks like spoofing, replay, Masquerade, and stealing of stored templates. In this article, we propose a new cancelable biometric approach which has tentatively been named as “Expression Hash” for Telecare Medical Information Systems. The idea is to hash the expression templates with a set of pseudo-random keys which would provide a unique code (expression hash). This code can then be serving as a template for verification. Different expressions would result in different sets of expression hash codes, which could be used in different applications and for different roles of each individual. The templates are stored on the server-side and the processing is also performed on the server-side. The proposed technique is a multi-factor authentication system and provides advantages like enhanced privacy and security without the need for multiple biometric devices. In the case of compromise, the existing code can be revoked and can be directly replaced by a new set of expression hash code. The well-known JAFFE (The Japanese Female Facial Expression) dataset has been for empirical testing and the results advocate for the efficacy of the proposed approach.

---

Keywords

---

Citations