Yang Ming,Xiaopeng Yu,Xiaoqin Shen

DOI: https://doi.org/10.1109/access.2020.3018488

IF: 3.9

2020-01-01

IEEE Access

Abstract:Healthcare Internet of Things (IoT) is an emerging paradigm, which can provide comprehensive and different types of health services and enable various types of medical sensors to monitor patient's health conditions. In the healthcare IoT, patient is deployed with a variety of medical sensors, which continuously monitors and collects patient's sensitive health data that needs specially protection for preventing privacy leakage. To safely send multiple different health data monitored by multiple different medical sensors to multiple corresponding healthcare professionals in one data report, several multi-message and multi-receiver signcryption schemes have been introduced by employing the traditional public key cryptography, identity-based cryptography or certificateless cryptography. However, these schemes suffer from the certificate management, key escrow and key distribution problem. Besides, due to the resource-constraint property of medical sensors, they are unsuitable for healthcare IoT in terms of both performance and privacy requirements. To solve these issues, this paper introduces an efficient anonymous certificate-based multi-message and multi-receiver signcryption scheme for healthcare IoT, where the certificate-based cryptography and elliptic curve cryptography are combined to simplify the certificate management problem, eliminate the key escrow problem, solve the key distribution problem and ensure the privacy-preserving. Furthermore, the security analysis suggests that the proposed scheme is able to achieve the confidentiality, unforgeability, receiver anonymity, sender anonymity and decryption fairness; the performance evaluation indicates that the proposed scheme brings to the lower computation cost and communication cost in comparison to the existing schemes.

Muhammad Tanveer,Samia Allaoua Chelloug,Maali Alabdulhafith,Ahmed A. Abd El-Latif

DOI: https://doi.org/10.1016/j.eij.2024.100474

IF: 4.195

2024-05-16

Egyptian Informatics Journal

Abstract:With the rapid progress of communication technology, the Internet of Things (IoT) has emerged as an essential element in our daily lives. Given that the IoT encompasses diverse devices that often have limited resources in terms of communication, computation, and storage. Consequently, the National Institute of Standards and Technology (NIST) has standardized several lightweight cryptographic algorithms for encryption and decryption, specifically designed to meet the needs of resource-constrained IoT devices. These cryptographic algorithms, known as authenticated encryption with associated data (AEAD), offer more than just confidentiality—they also guarantee information integrity and authentication. Unlike conventional encryption algorithms like AES, which solely provide confidentiality, AEAD algorithms encompass additional functionality to achieve authenticity. This eliminates the need for separate algorithms like message authentication codes to ensure authenticity. Therefore, by leveraging the characteristics of an AEAD protocol, it is possible to develop a lightweight authentication framework to mitigate the security risks inherent in public communication channels. Therefore, in this work, we designed the lightweight authentication protocol for the smart healthcare system (BLAP-SHS) using an AEAD mechanism. In order to do this, a session key must first be created for encrypted communication. This is done via a method called mutual authentication, which verifies the legitimacy of both the user and the server. The random-or-real methodology ensures the security of the derived session key, and the Scyther tool is used to assess BLAP-SHS' resistance to man-in-the-middle and replay attacks. Through using the technique of informal security analysis, the resilience of BLAP-SHS against denial of service, and password-guessing threats are evaluated. By juxtaposing BLAP-SHS with other prominent authentication techniques, the usefulness of BLAP-SHS is also assessed in terms of computing and communication costs. We illustrate that the BLAP-SHS requires a reduction in computation cost ranging from [70.11% to 95.21%] and a reduction in communication resources ranging from [3.85% to 9.09%], as evidenced by our comparative study.

computer science, information systems, artificial intelligence

Arun Rana,Chinmay Chakraborty,Sharad Sharma,Sachin Dhawan,Subhendu Kumar Pani,Imran Ashraf

DOI: https://doi.org/10.1089/big.2021.0202

IF: 4.426

2022-02-01

Big Data

Abstract:The Internet of Medical Things (IoMT) is a collection of medical equipment and software that can help patients get better care. The purpose of this study is to improve the security of data collected through remote health monitoring of patients utilizing Constrained Application Protocol (CoAP). Asymmetric cryptography techniques may be used to assure the security of such sensor networks. For communication between different IoMT devices and a remote server, the safe CoAP is compatible with the Datagram Transport Layer Security (DTLS) protocol for creating a secure session using existing algorithms such as Lightweight Establishment of Secure Session. The DTLS layer of CoAP, in contrast, has shortcomings in key control, session establishment, and multicast message exchange. As a consequence, for IoMT communication, the creation of an efficient protocol for safe CoAP session establishment is needed. Thus, to solve the existing problems related to key management and multicast security in CoAP, we have proposed an efficient and secure communication technique to establish a secure session key between IoMT devices and distant servers using lightweight Energy-Efficient and Secure CoAP Elliptic Curve Cryptography (E²SCEC²). The advantage of using E²SCEC² over other identification methods such as Rivest-Shamir-Adleman (RSA) is its compact key size, which allows it to use a smaller key size. This article also compares these algorithms on parameters such as time spent generating keys, signature generation, and verification of E²SCEC² and RSA algorithms, as well as energy consumption and radio duty cycle, to see if they are compatible in constrained environments.

computer science, theory & methods, interdisciplinary applications

Shanvendra Rai,Rituparna Paul,Subhasish Banerjee,Preetisudha Meher

DOI: https://doi.org/10.1007/s11042-024-18625-x

IF: 2.577

2024-03-27

Multimedia Tools and Applications

Abstract:The Internet of Medical Things (IoMT) provides such flexibility in our society where anyone can get medical treatment at any time, from anywhere. IoMT is a type of network where different resource-constraint physiological sensors are deployed in and/or on the human body that connects with the internet through the Gateway node, for monitoring purposes. However, due to the open nature of communication in the IoMT; the security, and privacy of patients' sensed data is very challenging, and that needs to be addressed, because any modification or alteration to it may lead to putting the life of a patient in danger. In this context, Chunka et al. proposed an authentication and key agreement (AKA) scheme for IoMT and claimed that the scheme has many security features and is easy to deploy. Unfortunately, it came to notice during this research that the scheme is vulnerable to multiple attacks, including replay, insider, smart card loss, eavesdropping, and server spoofing attacks, additionally failing to establish the session key agreement. So to overcome this issue, an efficient and improved multi-factor lightweight mutual AKA scheme is proposed through this article by incorporating a PUF-enabled sensor node and smart card for the users. To prove the superiority of the proposed schemes and to demonstrate the security features, the scheme is verified by formal security proof using the ROR model and informal proof using the AVISPA tool kit. In the end, a comprehensive analysis covering security, performance, and a comparative evaluation with existing similar approaches along with the Chunka et al. scheme demonstrates that the suggested approach not only achieves a higher level of protection against commonly recognized threats but also maintains an economically efficient mechanism concerning sensor nodes.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Amir Masoud Aminian Modarres,Nima S. Anzabi-Nezhad,Maryam Zare

DOI: https://doi.org/10.1109/access.2024.3361921

IF: 3.9

2024-02-16

IEEE Access

Abstract:The Internet of Medical Things (IoMT) is a promising framework for expanding and improving telemedicine services. A common cloud-based IoMT architecture consists of three layers of entities, the first layer (such as smart sensors and devices), the second layer (such as gateways), and the third layer (such as cloud servers). Obviously, in these networks, the protection of sensitive information against security threats as well as authentication between the entities is a key issue. On the other hand, the devices involved in the first and second layers usually suffer from poor computational capabilities as well as a lack of physical protection, which should be considered in the design of security protocols. Recently, Alladi et al. have proposed a lightweight authentication protocol for the cloud-based IoMT that addresses these challenges, using Physically Unclonable Function (PUF). In this paper, we first provide thorough cryptanalysis of their scheme and clarify its important vulnerabilities that lead to protocol collapse. Then, we propose a new lightweight protocol based on PUF to perform strong mutual authentication and key agreement between parties in the IoMT networks. The formal (using BAN logic) and informal security analysis demonstrate that our scheme is resistant to several well-known attacks, including physical attacks. Also, our evaluation of computational cost and security features clearly shows that the proposed scheme outperforms similar schemes in security and efficiency. Another important advantage of our protocol is that it performs the mutual authentication and key agreement process separately for each pair of layers in the three-layer cloud-based IoMT architecture. This triple authentication scheme provides the necessary flexibility for use in different scenarios and working conditions. In this aspect, as far as we know, our proposed protocol is the first of its kind.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xinzhong Su,Youyun Xu

DOI: https://doi.org/10.3390/s24227119

IF: 3.9

2024-11-06

Sensors

Abstract:Authentication is considered one of the most critical technologies for the next generation of the Internet of Medical Things (IoMT) due to its ability to significantly improve the security of sensors. However, higher frequency cyber-attacks and more intrusion methods significantly increase the security risks of IoMT sensor devices, resulting in more and more patients' privacy being threatened. Different from traditional IoT devices, sensors are generally considered to be based on low-cost hardware designs with limited storage resources; thus, authentication techniques for IoMT scenarios might not be applicable anymore. In this paper, we propose an efficient three-factor cluster-based user authentication protocol (3ECAP). Specifically, we establish the security association between the user and the sensor cluster through fine-grained access control based on Merkle, which perfectly achieves the segmentation of permission. We then demonstrate that 3ECAP can address the privilege escalation attack caused by permission segmentation. Moreover, we further analyze the security performance and communication cost using formal and non-formal security analysis, Proverif, and NS3. Simulation results demonstrated the robustness of 3ECAP against various cyber-attacks and its applicability in an IoMT environment with limited storage resources.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Hang Li,Keping Yu,Bin Liu,Chaosheng Feng,Zhiguang Qin,Gautam Srivastava

DOI: https://doi.org/10.1109/jbhi.2021.3075995

IF: 7.7

2021-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The Internet of Health Things (IoHT) is a medical concept that describes uniquely identifiable devices connected to the Internet that can communicate with each other. As one of the most important components of smart health monitoring and improvement systems, the IoHT presents numerous challenges, among which cybersecurity is a priority. As a well-received security solution to achieve fine-grained access control, ciphertext-policy weighted attribute-based encryption (CP-WABE) has the potential to ensure data security in the IoHT. However, many issues remain, such as inflexibility, poor computational capability, and insufficient storage efficiency in attributes comparison. To address these issues, we propose a novel access policy expression method using 0-1 coding technology. Based on this method, a flexible and efficient CP-WABE is constructed for the IoHT. Our scheme supports not only weighted attributes but also any form of comparison of weighted attributes. Furthermore, we use offline/online encryption and outsourced decryption technology to ensure that the scheme can run on an inefficient IoT terminal. Both theoretical and experimental analyses show that our scheme is more efficient and feasible than other schemes. Moreover, security analysis indicates that our scheme achieves security against a chosen-plaintext attack.

computer science, interdisciplinary applications,mathematical & computational biology,medical informatics, information systems

Laleh Khajehzadeh,Hamid Barati,Ali Barati

DOI: https://doi.org/10.1007/s11042-024-19379-2

IF: 2.577

2024-05-22

Multimedia Tools and Applications

Abstract:The Internet of Things has opened up new opportunities in healthcare systems. Wireless sensor nodes are used to collect and exchange health-related data in the Internet of Things. In this integration, data is transmitted to medical professionals through unsecured channels to enable them to monitor patients' conditions in real-time. However, due to the high sensitivity of e-health records, there are key challenges such as security considerations, privacy, and authentication in data transmission in heterogeneous Internet of Things networks. This article examines the solution proposed by Masud and colleagues and points out the existing threats and vulnerabilities, such as node clone/replication attacks. To overcome these drawbacks, we propose an improved lightweight authentication protocol for a smart healthcare system. In the proposed protocol, the mutual authentication process consists of two steps. The doctor sends their information for authentication and the desired sensor node ID to the gateway for communication. After successful confirmation of authentication, the gateway node, in turn, sends a message to the sensor node to complete the authentication process. After confirming the authentication process, the node sends a message to the gateway to complete the authentication process and key agreement. Once the authentication process of the sensor node is confirmed, the gateway sends a message to the medical user based on their authentication along with the session key. The security of the proposed protocol is demonstrated through automatic validation of protocols using tools like ProVerif and internet security programs. Additionally, security features and performance analysis are compared to other schemes. The results show that the improved proposed protocol provides a higher level of security while ensuring computational and communication efficiency. It is also resistant to attacks such as mutual authentication, identity anonymity and untraceability, ensures data privacy, and provides perfect forward secrecy, among others.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Iman Jafarian,Siavash Khorsandi

2024-06-25

Abstract:The Internet of Medical Things has revolutionized the healthcare industry, enabling the seamless integration of connected medical devices and wearable sensors to enhance patient care and optimize healthcare services. However, the rapid adoption of the Internet of Medical Things also introduces significant security challenges that must be effectively addressed to preserve patient privacy, protect sensitive medical data, and ensure the overall reliability and safety of Internet of Medical Things systems. In this context, a key agreement protocol is used to securely establish shared cryptographic keys between interconnected medical devices and the central system, ensuring confidential and authenticated communication. Recently Chen et al. proposed a lightweight authentication and key agreement protocol for the Internet of health things. In this article, we provide a descriptive analysis of their proposed scheme and prove that Chen et al.'s scheme is vulnerable to Known session-specific temporary information attacks and stolen verifier attacks.

Cryptography and Security

Ayushi Jain,Mehak Garg,Anvita Gupta,Shivangi Batra,Bhawna Narwal

DOI: https://doi.org/10.1007/s11227-024-06026-8

IF: 3.3

2024-04-10

The Journal of Supercomputing

Abstract:A healthcare-focused version of the Internet of Things (IoT), the Internet of Medical Things (IoMT) enables real-time monitoring and remote medical support via integrated medical devices, programs, and support solutions. However, patients' safety and anonymity are in jeopardy by the open access networks employed in IoMT, which makes the systems susceptible to several threats and security lapses. By harnessing the synergies of blockchain, cloud computing, and digital twins, this study presents a comprehensive architecture and a secure lightweight authentication mechanism (which integrates the benefits offered by Yu and Park, Yu et al., and Amintoshi et al.) that addresses these concerns. The suggested method entails using session keys for secure communication while authenticating medical professionals and patients through a gateway. Cloud computing offers a flexible and robust framework for managing and storing medical data. Additionally, it simulates digital twins to enable data-driven decision-making and predictive analysis, and the incorporation of blockchain offers a decentralized and immutable ledger for recording and validating patient data and transaction logs enhancing data integrity, transparency, and traceability. Healthcare systems may confidently embrace the potential of IoMT by implementing this framework since it offers promising solutions to enhance the security and confidentiality of patient data in IoMT while supporting the provision of the best healthcare services, especially in emergency scenarios like the COVID-19 pandemic. The suggested approach is subjected to a thorough security evaluation using AVISPA, demonstrating its resistance to various attacks. A comparative analysis has also been carried out to assess the performance and computational cost of IoMT-BADT in comparison with other authentication schemes.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Chong Guo,Bei Gong,Muhammad Waqas,Hisham Alasmary,Shanshan Tu,Sheng Chen

DOI: https://doi.org/10.3390/s24216843

IF: 3.9

2024-10-25

Sensors

Abstract:The Internet of Things (IoT) is a heterogeneous network composed of numerous dynamically connected devices. While it brings convenience, the IoT also faces serious challenges in data security. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptography method that supports fine-grained access control, offering a solution to the IoT's security issues. However, existing CP-ABE schemes are inefficient and unsuitable for IoT devices with limited computing resources. To address this problem, this paper proposes an efficient pairing-free CP-ABE scheme for the IoT. The scheme is based on lightweight elliptic curve scalar multiplication and supports multi-authority and verifiable outsourced decryption. The proposed scheme satisfies indistinguishability against chosen-plaintext attacks (CPA) under the elliptic curve decisional Diffie–Hellman (ECDDH) problem. Performance analysis shows that our proposed scheme is more efficient and better suited to the IoT environment compared to existing schemes.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Shaik Jhani Bhasha,Sunita Panda

DOI: https://doi.org/10.1080/01969722.2024.2343982

IF: 1.859

2024-05-17

Cybernetics & Systems

Abstract:Internet of Medical Things (IoMT) is a promising field that is widely used in healthcare applications nowadays. The IoMT is an extension of the Internet of Things (IoT) that is utilized for the processing, generation, collection, and evaluation of medical data. However, the most concerning issue in IoMT is regarding the privacy and protection of the IoMT data. Because privacy preservation of information is the major concern in IoT-based healthcare systems. Hence, there is a need for a trustworthy end-to-end system, which can tolerate even insider attacks. The core aim of this research work is to promote the latest secure technique for transmitting the data from sink nodes to the server and also to ensure the security level of communication between them. Here, the gathered sink node is authenticated by deep hybrid methods of combining the Auto Encoder (AE) and Bidirectional Long Short-Term Memory (BiLSTM). This hybrid model is named as Auto Encoder-Bidirectional Long Short-Term Memory (AE-Bi-LSTM), in which the parameters are tuned by the Improved Chimp Optimization Algorithm (IChoA). Hence, data privacy preservation makes to secure communication in the networks. The proposed privacy-prevention model is utilized for maintaining communication between sink nodes and servers. The communication is done through three different steps (a) Sanitation, (b) Optimal key generation, and (c) Restoration. Moreover, from the overall result analysis, the accuracy and precision rate of the designed IChoA-AE-Bi-LSTM approach are 95.58 and 91.93%. The experimental analysis shows that the designed model offers a better authentication scheme and guarantees data privacy than traditional models. Moreover, applying a high amount of energy will reduce the lifetime of the sensor nodes. Here, privacy preservation is a challenging task due to fraudulent attacks from third-party service providers. In the future, advanced techniques will be implemented with lightweight encoded mechanisms.

computer science, cybernetics

Ahmed A. Mawgoud,Ahmed I. Karadawy,Benbella S. Tawfik

DOI: https://doi.org/10.6084/m9.figshare.13311479.v2

2020-11-30

Abstract:The rapid growth of the Internet of Things technology in healthcare domain led to the appearance of many security threats and risks. It became very challenging to provide full protection with the expansion in using sensor objects in medical field, this led to the Internet of Medical Things definition, the security part in IoMT poses a perilous problem that keeps growing, because of the data sensitivity and critical information. The lack of providing a secure environment in IoMT may lead to patients privacy issues, not only leaving the data privacy of the patients at risk but also their lives can be in danger. In this paper, we provide a discussion on both definition and architecture of the Internet of Medical Things and Propose a new authentication approach through machine learning, to enhance the security level.

Cryptography and Security

Mohit Kumar,Kavita,Sahil Verma,Ashwani Kumar,Muhammad Fazal Ijaz,Danda B. Rawat

DOI: https://doi.org/10.1109/tii.2022.3181614

IF: 12.3

2022-10-05

IEEE Transactions on Industrial Informatics

Abstract:The Internet of Medical Things (IoMT) is an arising trend that provides a significant amount of efficient and effective services for patients as well as healthcare professionals for the treatment of disparate diseases. The IoMT has numerous benefits; however, the security issue still persists as a challenge. The lack of security awareness among novice IoMT users and the risk of several intermediary attacks for accessing health information severely endanger the use of IoMT. In this article, rooted elliptic curve cryptography with Vigenère cipher (RECC-VC) centered security amelioration on the IoMT is proposed for enhancing security. First, this work utilizes the exponential K-anonymity algorithm for privacy preservation. Second, a new improved Elman neural network (IENN) is proposed for analyzing the sensitivity level of data. The Gaussian mutated chimp optimization is employed for weight updating in this IENN. Finally, a novel RECC-VC is proposed for securely uploading the data to the cloud server. Additionally, data are stored in the cloud server using blockchain technology. In experimental analysis, the proposed methodologies attain better results than the prevailing methods. The proposed IENN model achieves an accuracy of 96% and is validated against state-of-the-art methods. Also, the proposed RECC-VC attains 98% of the security level.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Jialu Hao,Wenjuan Tang,Cheng Huang,Jian Liu,Huimei Wang,Ming Xian

DOI: https://doi.org/10.1109/tetc.2021.3052377

2022-01-01

IEEE Transactions on Emerging Topics in Computing

Abstract:Cloud-assisted Internet of Medical Things (IoMT) is becoming an emerging paradigm in the healthcare domain, which involves collection, storage and usage of the medical data. Considering the confidentiality and accessibility of the outsourced data, secure and fine-grained data sharing is a crucial requirement for the patients. Attribute-based encryption (ABE) is a promising solution to deal with this issue, but considering its property of each attribute sharing with multiple users, how to flexibly and efficiently update access privileges of certain users without affecting others is still a serious challenge. In this article, we propose a secure and fine-grained data sharing scheme with flexible user access privilege update in cloud-assisted IoMT environment. Specifically, we take ABE as the basic building block, and utilize proxy re-encryption and key blinding techniques to empower the cloud server to re-encrypt the ciphertext affected by revocation and update keys for unrevoked users. In addition, adding attributes for users to extend their access rights is realized only based on few key components stored in cloud without entirely re-computing and re-issuing keys for them. As a result, the patients are able to flexibly and efficiently share their data and manage users’ privileges. Formal proof and detailed performance evaluation demonstrate the security and efficiency of the proposed scheme.

Shahzad Khan,Waseem Iqbal,Abdul Waheed,Gulzar Mehmood,Shawal Khan,Mahdi Zareei,Rajesh Roshan Biswal

DOI: https://doi.org/10.3390/s22010336

2022-01-03

Abstract:The ever-growing ecosystem of the Internet of Things (IoT) integrating with the ever-evolving wireless communication technology paves the way for adopting new applications in a smart society. The core concept of smart society emphasizes utilizing information and communication technology (ICT) infrastructure to improve every aspect of life. Among the variety of smart services, eHealth is at the forefront of these promises. eHealth is rapidly gaining popularity to overcome the insufficient healthcare services and provide patient-centric treatment for the rising aging population with chronic diseases. Keeping in view the sensitivity of medical data, this interfacing between healthcare and technology has raised many security concerns. Among the many contemporary solutions, attribute-based encryption (ABE) is the dominant technology because of its inherent support for one-to-many transfer and fine-grained access control mechanisms to confidential medical data. ABE uses costly bilinear pairing operations, which are too heavy for eHealth's tiny wireless body area network (WBAN) devices despite its proper functionality. We present an efficient and secure ABE architecture with outsourcing intense encryption and decryption operations in this work. For practical realization, our scheme uses elliptic curve scalar point multiplication as the underlying technology of ABE instead of costly pairing operations. In addition, it provides support for attribute/users revocation and verifiability of outsourced medical data. Using the selective-set security model, the proposed scheme is secure under the elliptic curve decisional Diffie-Hellman (ECDDH) assumption. The performance assessment and top-ranked value via the help of fuzzy logic's evaluation based on distance from average solution (EDAS) method show that the proposed scheme is efficient and suitable for access control in eHealth smart societies.

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications

Samia A. El-Moneim Kabel,Ghada M. El-Banby,Lamiaa A. Abou Elazm,Walid El-Shafai,Nirmeen A. El-Bahnasawy,Fathi E. Abd El-Samie,Atef Abou Elazm,Ali I. Siam,Mohamed A. Abdelhamed

DOI: https://doi.org/10.1038/s41598-024-54830-2

IF: 4.6

2024-05-14

Scientific Reports

Abstract:Reinforcement of the Internet of Medical Things (IoMT) network security has become extremely significant as these networks enable both patients and healthcare providers to communicate with each other by exchanging medical signals, data, and vital reports in a safe way. To ensure the safe transmission of sensitive information, robust and secure access mechanisms are paramount. Vulnerabilities in these networks, particularly at the access points, could expose patients to significant risks. Among the possible security measures, biometric authentication is becoming a more feasible choice, with a focus on leveraging regularly-monitored biomedical signals like Electrocardiogram (ECG) signals due to their unique characteristics. A notable challenge within all biometric authentication systems is the risk of losing original biometric traits, if hackers successfully compromise the biometric template storage space. Current research endorses replacement of the original biometrics used in access control with cancellable templates. These are produced using encryption or non-invertible transformation, which improves security by enabling the biometric templates to be changed in case an unwanted access is detected. This study presents a comprehensive framework for ECG-based recognition with cancellable templates. This framework may be used for accessing IoMT networks. An innovative methodology is introduced through non-invertible modification of ECG signals using blind signal separation and lightweight encryption. The basic idea here depends on the assumption that if the ECG signal and an auxiliary audio signal for the same person are subjected to a separation algorithm, the algorithm will yield two uncorrelated components through the minimization of a correlation cost function. Hence, the obtained outputs from the separation algorithm will be distorted versions of the ECG as well as the audio signals. The distorted versions of the ECG signals can be treated with a lightweight encryption stage and used as cancellable templates. Security enhancement is achieved through the utilization of the lightweight encryption stage based on a user-specific pattern and XOR operation, thereby reducing the processing burden associated with conventional encryption methods. The proposed framework efficacy is demonstrated through its application on the ECG-ID and MIT-BIH datasets, yielding promising results. The experimental evaluation reveals an Equal Error Rate (EER) of 0.134 on the ECG-ID dataset and 0.4 on the MIT-BIH dataset, alongside an exceptionally large Area under the Receiver Operating Characteristic curve (AROC) of 99.96% for both datasets. These results underscore the framework potential in securing IoMT networks through cancellable biometrics, offering a hybrid security model that combines the strengths of non-invertible transformations and lightweight encryption.

multidisciplinary sciences

Ramalingam Praveen,Parameswaran Pabitha

DOI: https://doi.org/10.1002/ett.4732

IF: 3.6

2023-01-27

Transactions on Emerging Telecommunications Technologies

Abstract:In this work, an improved Gentry–Halevi's fully homomorphic encryption‐based lightweight privacy preserving IGHFHE scheme is proposed for secure and authenticate a user in Internet of Medical Things (IoMT) applications. The secret key is generated using the improved fully homomorphic additions, NAND, keyswitch and modswitch operations to protect the remote patient monitoring system from the intruder attacks. The proposed lightweight secure user authentication scheme is formally verified using the AVISPA simulator and the performance of the scheme has been validated in terms of communication cost, computation cost, and security features. Internet of Medical Things (IoMT) solutions have proliferated rapidly in the COVID‐19 pandemic era. The smart medical sensors capture real‐time data from remote patients and communicate it to medical servers in a secure and privacy‐preserving manner. It is a herculean challenge to guarantee security and privacy in Medical IoT applications. Hence, an improved Gentry–Halevi's fully homomorphic encryption‐based (IGHFHE) lightweight privacy preserving user authentication scheme is proposed in this work. The scheme is proposed with an integer matrix computation strategy for securing data computation with privacy protection. It adopts the translation process of Gentry–Halevi's fully homomorphic encryption process for performing homomorphic addition and multiplication, then encrypt an integer matrix modulo that represents a positive integer. Extensive informal investigation and simulation of the proposed IGHFHE scheme shows that it is more resistant to well‐known attacks for preventing authentication breaches. Also, the proposed IGHFHE scheme reduced computational and storage overhead by 4.98% and 5.78% respectively on average in comparison to other prevailing schemes.

telecommunications

Omar Alruwaili,Muhammad Tanveer,Faisal Mohammed Alotaibi,Waleed Abdelfattah,Ammar Armghan,Faeiz M Alserhani

DOI: https://doi.org/10.1016/j.heliyon.2024.e37577

IF: 3.776

2024-09-10

Heliyon

Abstract:As the Internet of Things (IoT) continues its rapid expansion, cloud computing has become integral to various smart healthcare applications. However, the proliferation of digital health services raises significant concerns regarding security and data privacy, making the protection of sensitive medical information paramount. To effectively tackle these challenges, it is crucial to establish resilient network infrastructure and data storage systems capable of defending against malicious entities and permitting access exclusively to authorized users. This requires the deployment of a robust authentication mechanism, wherein medical IoT devices, users (such as doctors or nurses), and servers undergo registration with a trusted authority. The process entails users retrieving data from the cloud server, while IoT devices collect patient data. Before granting access to data retrieval or storage, the cloud server verifies the authenticity of both the user and the IoT device, ensuring secure and authorized interactions within the system. With millions of interconnected smart medical IoT devices autonomously gathering and analyzing vital patient data, the importance of robust security measures becomes increasingly evident. Standard security protocols are fundamental in fortifying smart healthcare applications against potential threats. To confront these issues, this paper introduces a secure and resource-efficient cloud-enabled authentication mechanism. Through empirical analysis, it is demonstrated that our authentication mechanism effectively reduces computational and communication overheads, thereby improving overall system efficiency. Furthermore, both informal and formal analyses affirm the mechanism's resilience against potential cyberattacks, highlighting its effectiveness in safeguarding smart healthcare applications.