Secure two-factor mutual authentication scheme using shared image in medical healthcare environment

Husam A. Abdulmalik, Ali A. Yassin


The cloud healthcare system has become the essential online service during the COVID-19 pandemic. In this type of system, the authorized user may login to a distant server to acquire the service and resources they demand, we need full security procedures that cover criteria such as authentication, privacy, integrity, and availability. The journey of security for any healthcare system starts with the authentication of users based on their privileges. Traditional user authentication mechanisms, such as password and personal identification number (PIN) typing, are vulnerable to malicious attacks like on/offline, insider, replay, guessing, and shoulder surfing. To address these issues, we proposed a secure authentication scheme that uses the authenticated delegating mechanism based on two factors: a one-time password and generating a secure variable vector from a legible user's digital image to enable the permission of a user through the back-end database of a cloud server. The proposed mutual authentication can protect the information against well-known attacks, ensure the user's privacy, and key management. Moreover, comparisons with existing schemes show that the proposed scheme supplies more privacy, security metrics, and resistance to attacks than the others while being more efficient in computation and communication costs.


Healthcare; Key management; Mutual authentication; One-time password

Full Text:




  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

Bulletin of EEI Stats

Bulletin of Electrical Engineering and Informatics (BEEI)
ISSN: 2089-3191, e-ISSN: 2302-9285
This journal is published by the Institute of Advanced Engineering and Science (IAES) in collaboration with Intelektual Pustaka Media Utama (IPMU).