In the context of Internet of Things where real world objects will automatically be part of the Internet, ehealth applications have emerged as a promising approach to provide unobtrusive support for elderly and frail people based on their situation and circumstances. However, due to the limited resource available in such systems and privacy concerns that might rise from the capture of personal data, security issues constitute a major obstacle to their deployment. Authentication of the different entities involved and data confidentiality constitute the main concerns for users that need to be addressed. In this paper, we propose a new key management scheme for an ehealth application to allow sensors and the Base Station (BS) to negotiate certain security credentials that will be used to protect the information flow. Our prtocol provides a strong level of security guaranteeing authentication and data confidentiality while the scarcity of resources is taken into consideration. The scheme is based on a lightweight Public Key Infrastructure (PKI) where the sensors have to perform only one Elliptic Curve Cryptography (ECC) decryption in the key establishment process. Data exchanges are then secured by the use of symmetric encryption. In addition, Time Stamps are used to prevent replay attacks along with Message Code Authentication (MAC) to ensure integrity.