Mobile e-Health Network (MHN) is an emerging network across the entire range of functions involved in e-Health.It is important to establish secure channels between users since the data transmitted in MHNs are private,e.g.,personal medical records.However,secure key management is challenging in MHN due to its highly-dynamic and large-scale nature.In this paper,we first model MHN and formalize a hierarchical network architecture mirroring the administrative hierarchy and dynamic autonomy in MHNs in the real world.We next present a virtual MHN architecture with only three levels yet suitable to realistic MHNs with arbitrary hierarchical levels.By exploiting the virtual architecture,we propose an efficient authenticated key exchange framework to secure MHNs.We realize a scalable authenticated key exchange (SAKE) scheme with a dedicated variant of a recent hierarchical identity-based signature and the well-known Diffie-Hellman key exchange protocol.Theoretical analysis and experimental results show that SAKA is secure and scalable,and hence practical to secure MHNs.