Background: Since the patient-related data stored in the MCPS (Medical Cyber-Physical
System) play a critical role in medical diagnosis and treatment, it is essential to ensure the security of
these data. Failure to obtain authentic and correct medical data will possibly prevent a patient from
being treated effectively, or even lead to wrong treatments, also described in various patents. Moreover,
public may not accept MCPS technology if enough attention is not paid to address various security
and privacy concerns in MCPS. Especially access to patient-related data must be strictly limited
only to authorized users; otherwise, the patients’ privacy could be abused.
Methods: In this paper, one of PSWs proposed by Shao, proxy-unprotected, is introduced in our proposed
protocol. Based on this method, we propose our distributed access control based on proxy signature
in medical cyber-physical systems.
Results: The proposed protocol achieves the requirements for access control in the following aspects:
Firstly, the authorized users are able to access the nodes in a distributed manner. Secondly, it provides
an effective user authentication mechanism. Thirdly, it supports different user privileges. Fourthly, it
protects the integrity of query command. The timestamp included in the query command can ensure
the freshness of the query command. In addition, it can also be used to prevent replay attacks when
the command exceeds the life time.
Conclusion: We have proposed a novel distributed dissemination code scheme for MCPS. The security
analysis show that the technique guarantees strong unforgeability, verifiability, strong identifiability,
strong undeniability and prevention of misuse. Moreover, security of the proposed technique
does not rely on the availability of a secure channel.