In this paper, we proposed an integrated biometric-based security framework for wireless body area networks, which takes advantage of biometric features shared by body sensors deployed at different positions of a person's body. The data communications among these sensors are secured via the proposed authentication and selective encryption schemes that only require low computational power and less resources (e.g., battery and bandwidth). Specifically, a wavelet-domain Hidden Markov Model (HMM) classification is utilized by considering the non-Gaussian statistics of ECG signals for accurate authentication. In addition, the biometric information such as ECG parameters is selected as the biometric key for the encryption in the framework. Our experimental results demonstrated that the proposed approach can achieve more accurate authentication performance without extra requirements of key distribution and strict time synchronization.