Kiran Dewangan,Mina Mishra,Naveen Kumar Dewangan

DOI: https://doi.org/10.1007/s11845-020-02425-x

Abstract:Internet of Things is a fast growing technology and a network of devices in which everything (smart objects or smart devices) are associated to the internet for effective exchange of information between these connected objects. Internet of Things (IoT) serves as a method for healthcare and acts as an essential part in broad range of real-time healthcare monitoring applications. Previous work shows networked sensor devices, either equipped on the body or embedded inside living being or a camera, make possible in gathering real-time information to evaluate physical and mental health state of the patient by collecting body temperature, blood pressure, patient's image, etc. Communicating this collected real-time data to the doctor, making accurate assessment on the data gathered and notifying the patient is challenging task in the IoT. The architechture of Internet of Things comprises of three layers, and it is the network of devices embedded with sensor, software, and electronics, enabling this device to communicate with each other and exchange data over a computer network. The IoT-based real-time healthcare systems are highly vulnerable to cyber-attacks as the numbers of sensors are deployed in an unprotected network. These may even introduce the attacks, which cannot be monitored and controlled. This paper attempts to review the previous work done and a new scheme has been proposed, the new lightweight authentication protocol for smart real-time healthcare. The proposed scheme requires implementation with the authentication protocol. It is important to satisfy the major parameters of security: confidentiality, integrity, authentication, and access control. In this paper our focus is on the authentication of devices.

Laleh Khajehzadeh,Hamid Barati,Ali Barati

DOI: https://doi.org/10.1007/s11042-024-19379-2

IF: 2.577

2024-05-22

Multimedia Tools and Applications

Abstract:The Internet of Things has opened up new opportunities in healthcare systems. Wireless sensor nodes are used to collect and exchange health-related data in the Internet of Things. In this integration, data is transmitted to medical professionals through unsecured channels to enable them to monitor patients' conditions in real-time. However, due to the high sensitivity of e-health records, there are key challenges such as security considerations, privacy, and authentication in data transmission in heterogeneous Internet of Things networks. This article examines the solution proposed by Masud and colleagues and points out the existing threats and vulnerabilities, such as node clone/replication attacks. To overcome these drawbacks, we propose an improved lightweight authentication protocol for a smart healthcare system. In the proposed protocol, the mutual authentication process consists of two steps. The doctor sends their information for authentication and the desired sensor node ID to the gateway for communication. After successful confirmation of authentication, the gateway node, in turn, sends a message to the sensor node to complete the authentication process. After confirming the authentication process, the node sends a message to the gateway to complete the authentication process and key agreement. Once the authentication process of the sensor node is confirmed, the gateway sends a message to the medical user based on their authentication along with the session key. The security of the proposed protocol is demonstrated through automatic validation of protocols using tools like ProVerif and internet security programs. Additionally, security features and performance analysis are compared to other schemes. The results show that the improved proposed protocol provides a higher level of security while ensuring computational and communication efficiency. It is also resistant to attacks such as mutual authentication, identity anonymity and untraceability, ensures data privacy, and provides perfect forward secrecy, among others.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

Wang Yuanbing,Liu Wanrong,Li Bin

DOI: https://doi.org/10.1109/access.2021.3099299

IF: 3.9

2021-01-01

IEEE Access

Abstract:With the rapid development and evolution of wireless network technology, electronic health has shown great potential in continuously monitoring the health of patients. The wireless medical sensor network (WMSN) has played an important role in this field. In WMSN, medical sensors are placed on patients to collect relevant health data and transmitted to medical professionals in hospitals or at home through insecure channels. These health data need to be highly protected because they contain patient-related private information. Once the information is leaked or maliciously modified, it will cause the wrong diagnosis and endanger the health of patients. To protect information privacy and security from being stolen by illegal users, this article reviews the solutions of Farash et al. and further points out the existing vulnerabilities, such as privileged insider attack, user anonymity invalidation, and offline password guessing attack. In order to overcome these drawbacks, we use the Elliptic Curve Cryptography to propose an improved anonymous authentication protocol for a smart healthcare system. The security of our protocol is verified by Burrows-Abadi-Needham logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tools, and security features and efficiency analysis are performed with other related schemes. The results show that the improved protocol provides better security protection while ensuring computational and communication efficiency.

xiong li,jianwei niu,saru kumari,junguo liao,wei liang,muhammad khurram khan

DOI: https://doi.org/10.1002/sec.1214

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:With the development and maturation of the wireless communication technologies, the wireless sensor networks have been widely applied in different environments to acquire specific information. The wireless medical sensor networks WMSNs, as a professional application of the wireless sensor networks in medicine, have attracted more and more attention because of its potential in improving the quality of healthcare services. Through the WMSNs, the parameters of patients' vital signs can be gathered from the sensor nodes equipped on the body of the patients and then can be accessed by the healthcare professionals by using a mobile device. By reason of the open feature of wireless communication, how to guarantee secure communication becomes an important issue. On the other hand, because the vital signs parameters are sensitive to the patients' health status and no one wants to reveal it to the others except the healthcare professionals, the protection of patients' privacy becomes another key issue for WMSNs applications. User authentication protocol with anonymity is the most basic and commonly used method to resolve the security and privacy issues of WMSNs. Recently, He et al. proposed an enhanced authentication protocol for healthcare applications using WMSNs to protect the security and privacy problems. However, we find that their scheme is incorrect in authentication and session key agreement phase. Besides, their scheme has no wrong password detection mechanism, which will not only waste the unnecessary computation and communication costs, but also may deduce the denial of service problem. In this paper, the biometric is introduced as the third authentication factor, and a new user anonymous authentication protocol based on WMSNs is designed so as to remove the drawbacks of the protocol of He et al. Compared with previous protocols, the new presented protocol enhances the security and also keeps the computation efficiency. Copyright © 2015John Wiley & Sons, Ltd.

Xiong Li,Maged Hamada Ibrahim,Saru Kumari,Rahul Kumar

DOI: https://doi.org/10.1007/s11235-017-0340-1

2017-01-01

Abstract:The mobility and openness of wireless communication technologies make Mobile Healthcare Systems (mHealth) potentially exposed to a number of potential attacks, which significantly undermines their utility and impedes their widespread deployment. Attackers and criminals, even without knowing the context of the transmitted data, with simple eavesdropping on the wireless links, may benefit a lot from linking activities to the identities of patient's sensors and medical staff members. These vulnerabilities apply to all tiers of the mHealth system. A new anonymous mutual authentication scheme for three-tier mobile healthcare systems with wearable sensors is proposed in this paper. Our scheme consists of three protocols: Protocol-1 allows the anonymous authentication nodes (mobile users and controller nodes) and the HSP medical server in the third tier, while Protocol-2 realizes the anonymous authentication between mobile users and controller nodes in the second tier, and Protocol-3 achieves the anonymous authentication between controller nodes and the wearable body sensors in the first tier. In the design of our protocols, the variation in the resource constraints of the different nodes in the mHealth system are taken into consideration so that our protocols make a better trade-off among security, efficiency and practicality. The security of our protocols are analyzed through rigorous formal proofs using BAN logic tool and informal discussions of security features, possible attacks and countermeasures. Besides, the efficiency of our protocols are concretely evaluated and compared with related schemes. The comparisons show that our scheme outperforms the previous schemes and provides more complete and integrated anonymous authentication services. Finally, the security of our protocols are evaluated by using the Automated Validation of Internet Security Protocols and Applications and the SPAN animator software. The simulation results show that our scheme is secure and satisfy all the specified privacy and authentication goals.

Rifaqat Ali,Arup Kumar Pal,Saru Kumari,Arun Kumar Sangaiah,Xiong Li,Fan Wu

DOI: https://doi.org/10.1007/s12652-018-1015-9

IF: 3.662

2024-01-01

Journal of Ambient Intelligence and Humanized Computing

Abstract:With the rapid growth of wireless medical sensor networks ( WMSNs ) based healthcare applications, protecting both the privacy and security from illegitimate users, are major concern issues since patient’s precise information is vital for the proper diagnosis procedure. So, authentication protocol is one of the efficient mechanisms to deal with trustworthy and authentic users. Several authentication protocols have been proposed in WMSNs environment. However, the most of these protocols are so susceptible to security threats and not suitable for practical use. In this article, recently proposed Amin et al.’s authentication scheme is reviewed and some vulnerabilities like off-line password guessing attack, user impersonation attack, known session-key temporary information attack, the revelation of secret parameters, and identity guessing attack are pointed out. To overcome all the above mentioned vulnerabilities, we have proposed an enhanced three-factor based remote user authentication protocol in WMSNs environment. Further, the proposed protocol is validated using Burrows–Abadi–Needham logic and then simulated using Automated Validation of Internet Security Protocols and Applications tool. Moreover, the security analysis ensures that the proposed protocol is well protected from various types of malicious attacks. In addition, the performance evaluation shows better efficiency and suitability of our protocol over other related protocols.

Zeyad A. Al-Odat,Sudarshan K. Srinivasan,Eman M. Al-Qtiemat,Sana Shuja

DOI: https://doi.org/10.48550/arXiv.1908.06086

2019-08-16

Computers and Society

Abstract:This paper introduces a reliable health care system for diabetic patients based on the Internet of Things technology. A diabetic health care system with a hardware implementation is presented. The proposed work employs Alaris 8100 infusion pump, Keil LPC-1768 board, and IoT-cloud to monitor the diabetic patients. The security of diabetic data over the cloud and the communication channel between health care system components are considered as part of the main contributions of this work. Moreover, an easy way to control and monitor the diabetic insulin pump is implemented. The \mbox{patient\textquotesingle s} records are stored in the cloud using the Keil board that is connected to the infusion pump. The reliability of the proposed scheme is accomplished by testing the system for five performance characteristics (availability, confidentiality, integrity, authentication, and authorization). The Kiel board is embedded with Ethernet port and Cortex-M3 micro-controller that controls the insulin infusion pump. The secure hash algorithm and secure socket shell are employed to achieve the reliability components of the proposed scheme. The results show that the proposed design is reliable, secure and authentic according to different test experiments and a case study of the Markov model. Moreover, a 99.3\% availability probability has been achieved after analyzing the case study.

Debiao He,Neeraj Kumar,Jianhua Chen,Cheng-Chi Lee,Naveen Chilamkurti,Seng-Soo Yeo

DOI: https://doi.org/10.1007/s00530-013-0346-9

IF: 3.9

2013-01-01

Multimedia Systems

Abstract:With the fast development of wireless communication technologies and semiconductor technologies, the wireless sensor network (WSN) has been widely used in many applications. As an application of the WSN, the wireless medical sensor network (WMSN) could improve health-care quality and has become important in the modern medical system. In the WMSN, physiological data are collected by sensors deployed in the patient's body and sent to health professionals' mobile devices through wireless communication. Then health professionals could get the status of the patient anywhere and anytime. The data collected by sensors are very sensitive and important. The leakage of them could compromise the patient's privacy and their malicious modification could harm the patient's health. Therefore, both security and privacy are two important issues in WMSNs. Recently, Kumar et al. proposed an efficient authentication protocol for health-care applications using WMSNs and claimed that it could withstand various attacks. However, we find that their protocol is vulnerable to the off-line password guessing attack and the privileged insider attack. We also point out that their protocol cannot provide user anonymity. In this paper, we will propose a robust anonymous authentication protocol for health-care applications using WMSNs. Compared with Kumar et al.'s protocol, the proposed protocol has strong security and computational efficiency. Therefore, it is more suitable for health-care applications using WMSNs.

Mutaz Elradi S. Saeed,Qun-Ying Liu,Guiyun Tian,Bin Gao,Fagen Li

DOI: https://doi.org/10.1109/jiot.2018.2876133

IF: 10.6

2018-01-01

IEEE Internet of Things Journal

Abstract:Internet of Things (IoT) is a new technology which offers enormous applications that make people's lives more convenient and enhances cities' development. In particular, smart healthcare applications in IoT have been receiving increasing attention for industrial and academic research. However, due to the sensitiveness of medical information, security and privacy issues in IoT healthcare systems are very important. Designing an efficient secure scheme with less computation time and energy consumption is a critical challenge in IoT healthcare systems. In this paper, a lightweight online/offline certificateless signature (L-OOCLS) is proposed, then a heterogeneous remote anonymous authentication protocol (HRAAP) is designed to enable remote wireless body area networks (WBANs) users to anonymously enjoy healthcare service based on the IoT applications. The proposed L-OOCLS scheme is proven secure in random oracle model and the proposed HRAAP can resist various types of attacks. Compared with the existing relevant schemes, the proposed HRAAP achieves less computation overhead as well as less power consumption on WBANs client. In addition, to nicely meet the application in the IoT, an application scenario is given.

Shanvendra Rai,Rituparna Paul,Subhasish Banerjee,Preetisudha Meher,Rai, Shanvendra,Paul, Rituparna,Banerjee, Subhasish,Meher, Preetisudha

DOI: https://doi.org/10.1007/s11276-024-03690-9

IF: 2.701

2024-03-07

Wireless Networks

Abstract:Wireless medical sensor network (WMSN) is an application of the Internet of Things (IoT) that plays a very important role in today's era for the healthcare industry, especially after the COVID-19 pandemic. To maintain the security and privacy of the real-time health information of the users or patients, the proper mutual authentication and key agreement (AKA) is the foremost necessity. In this context, Shadi Nashwan proposed an end-to-end authentication scheme for a healthcare IoT system i.e. WMSN, and claimed that their scheme could resist so many existing possible threats and could maintain a low computational cost too. Unfortunately, during this research, it is found that their scheme can be threatened by eavesdropping and jamming/desynchronization attacks and have many computational flaws, as well. Moreover, they also assumed that the gateway node (GWN) is always trustworthy, but in reality, it is not always feasible, as the GWN may act as a local server. Hence, in this article, a new AKA scheme has been proposed using the user's physiological information like ECG data in order to make the WMSN more secure and reliable. In addition, the proposed scheme can resist many well-known threats like GWN spoofing attack, key escrow problem and can guard against GWN stolen database problem, also. To proof the superiority of the proposed scheme, the informal and formal security analysis have been performed using automated validation of internet security protocols and applications (i.e. AVISPA) and Burrows–Abadi–Needham (BAN) logic, respectively. Based on the comparative study with existing schemes concerning security features, computational and communicational cost, and storage requirement; the proposed scheme can perform better than the existing schemes and well suitable for practical implementations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Iman Jafarian,Siavash Khorsandi

2024-06-25

Abstract:The Internet of Medical Things has revolutionized the healthcare industry, enabling the seamless integration of connected medical devices and wearable sensors to enhance patient care and optimize healthcare services. However, the rapid adoption of the Internet of Medical Things also introduces significant security challenges that must be effectively addressed to preserve patient privacy, protect sensitive medical data, and ensure the overall reliability and safety of Internet of Medical Things systems. In this context, a key agreement protocol is used to securely establish shared cryptographic keys between interconnected medical devices and the central system, ensuring confidential and authenticated communication. Recently Chen et al. proposed a lightweight authentication and key agreement protocol for the Internet of health things. In this article, we provide a descriptive analysis of their proposed scheme and prove that Chen et al.'s scheme is vulnerable to Known session-specific temporary information attacks and stolen verifier attacks.

Cryptography and Security

Tallat Jabeen,Ishrat Jabeen,Humaira Ashraf,N. Z. Jhanjhi,Abdulsalam Yassine,M. Shamim Hossain

DOI: https://doi.org/10.3390/s23115055

IF: 3.9

2023-05-25

Sensors

Abstract:The Internet of Things (IoT) uses wireless networks without infrastructure to install a huge number of wireless sensors that track system, physical, and environmental factors. There are a variety of WSN uses, and some well-known application factors include energy consumption and lifespan duration for routing purposes. The sensors have detecting, processing, and communication capabilities. In this paper, an intelligent healthcare system is proposed which consists of nano sensors that collect real-time health status and transfer it to the doctor’s server. Time consumption and various attacks are major concerns, and some existing techniques contain stumbling blocks. Therefore, in this research, a genetic-based encryption method is advocated to protect data transmitted over a wireless channel using sensors to avoid an uncomfortable data transmission environment. An authentication procedure is also proposed for legitimate users to access the data channel. Results show that the proposed algorithm is lightweight and energy efficient, and time consumption is 90% lower with a higher security ratio.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications

Chun-Ta Li,Tsu-Yang Wu,Chin-Ling Chen,Cheng-Chi Lee,Chien-Ming Chen

DOI: https://doi.org/10.3390/s17071482

2017-06-23

Abstract:In recent years, with the increase in degenerative diseases and the aging population in advanced countries, demands for medical care of older or solitary people have increased continually in hospitals and healthcare institutions. Applying wireless sensor networks for the IoT-based telemedicine system enables doctors, caregivers or families to monitor patients' physiological conditions at anytime and anyplace according to the acquired information. However, transmitting physiological data through the Internet concerns the personal privacy of patients. Therefore, before users can access medical care services in IoT-based medical care system, they must be authenticated. Typically, user authentication and data encryption are most critical for securing network communications over a public channel between two or more participants. In 2016, Liu and Chung proposed a bilinear pairing-based password authentication scheme for wireless healthcare sensor networks. They claimed their authentication scheme cannot only secure sensor data transmission, but also resist various well-known security attacks. In this paper, we demonstrate that Liu-Chung's scheme has some security weaknesses, and we further present an improved secure authentication and data encryption scheme for the IoT-based medical care system, which can provide user anonymity and prevent the security threats of replay and password/sensed data disclosure attacks. Moreover, we modify the authentication process to reduce redundancy in protocol design, and the proposed scheme is more efficient in performance compared with previous related schemes. Finally, the proposed scheme is provably secure in the random oracle model under ECDHP.

Zahid Mehmood,Anwar Ghani,Gongliang Chen,Ahmed S. Alghamdi

DOI: https://doi.org/10.1109/ACCESS.2019.2935313

IF: 3.9

2019-01-01

IEEE Access

Abstract:The use of modern technology for the Goodwell of human beings especially in medical science is a hot research area. Telecare Medicine Information System (TMIS) is very popular in health care services in developed countries where a physician can remotely get patients related information. The security of such information is very critical as its misuse can have adverse effects on the patients' life. The information transmitted over a public channel is protected using authentication protocols. For this purpose, various biometrics-based authentication protocols including Omid et al.'s protocol have been proposed. However, in this article, it has been analyzed that Omid et al.'s protocol is susceptible to user impersonation attack and also fails to protect user identity. Hence, to remedy the problems an improved mechanism is needed to secure the three-factor authentication framework for the practical application. Therefore, a robust and efficient biometrics-based authentication and key agreement protocols for E-Health Services has been proposed. Further, it has been shown through formal and informal analysis that the proposed scheme is provably secure.

Khushil Kumar Saini,Damandeep Kaur,Devender Kumar,Bijendra Kumar

DOI: https://doi.org/10.1007/s11042-024-18114-1

IF: 2.577

2024-01-14

Multimedia Tools and Applications

Abstract:Wireless Sensor Networks (WSNs) play a significant role in the health care industry in this digitised world. This technology is used to monitor and store the health-related data for patients. As a result, if such data is not kept secure, it can pose a serious threat to the patient's life. Maintaining the anonymity of such data is an equally important task. As WSNs use an open channel to transfer data between sensor nodes, users and gateway, they are vulnerable to attackers. A user authentication strategy for remote healthcare applications has been recently developed by Soni et al. However, it has been noted in this work that this user authentication approach is not secure against user impersonation attack and offline password-guessing attack. Additionally, to overcome the shortcomings of the Soni et al.'s protocol, an effective user authentication protocol for wireless healthcare sensor networks has been put forth. The formal security verification of the proposed protocol is carried out using the ProVerif tool and the formal verification of mutual authentication is demonstrated using BAN logic. Its performance in terms of cost associated with communication, storage and computation along with its security aspects is compared to those of the other similar schemes. From such a comparison, it is evident that the proposed protocol is more secure.

computer science, information systems, theory & methods,engineering, electrical & electronic, software engineering

S. Satheesh Kumar,Manjula Sanjay Koti

DOI: https://doi.org/10.1007/s13721-021-00329-z

2021-08-12

Network Modeling Analysis in Health Informatics and Bioinformatics

Abstract:In recent decades, broad range of Internet of Things (IoT) technologies are deployed such as machine to machine communication, Internet Technologies (IT), robots, smart devices, and wireless sensor networks. IoT is a spectacular technology in the modern world of IT in which the objects can do data transmission and connect using the intranet or internet networks. Data security and privacy is one of the top most challenging issue where several researchers are showing interest that to especially in healthcare domain. For this reason, a hybrid combination of Elliptic Curve Digital Signature Algorithm (ECDSA), Rivest Cipher 4 (RC4), and Secure Hash Algorithm (SHA-256) is proposed for protecting the reliable data which is transmitted from the IoT based healthcare systems. In the proposed model, the ECDSA is used for improving the RC4 in which the encryption of key is processed by ECDSA for performing the XOR operation in RC4. Furthermore, the security is ensured by transforming the incoming data using the SHA-256 technique. Experimental results show that the proposed model outperforms for 10 MB of data in terms of encryption time that obtained as 631 ms, decryption time is 616 ms, and throughput obtained by the proposed models is 11.71 MB/ms when compared with other existing techniques such as ECC+3DES+SHA-256, RC4+AES+SHA-256, and ECC+RC2+SHA-256.

Zeyad A. Al-Odat,Sudarshan K. Srinivasan,Eman Al-qtiemat,Mohana Asha Latha Dubasi,Sana Shuja

DOI: https://doi.org/10.48550/arXiv.1812.02357

2018-12-06

Abstract:This paper introduces an Internet of Things (IoT)-based data acquisition and monitoring scheme for insulin pumps. The proposed work employs embedded system hardware (Keil LPC1768-board) for data acquisition and monitoring. The hardware is used as an abstract layer between the insulin pump and the cloud. Diabetes data are secured before they are sent to the cloud for storage. Each patient's record is digitally signed using a secure hash algorithm mechanism. The proposed work will protect the patient's records from being breached from unauthorized entities, and authenticates them from improper modifications. The design is tested and verified using $\mu$Vision studio, the Keil board mentioned above, and an ALARIS 8100 infusion pump. Moreover, a test case for a real cloud example is presented with the help of the Center of Computationally Assisted System and Technology. This center provided the infrastructure service to test our work.

Human-Computer Interaction,Cryptography and Security

Mosarrat Jahan,Fatema Tuz Zohra,Md. Kamal Parvez,Upama Kabir,Abdul Mohaimen Al Radi,Shaily Kabir

DOI: https://doi.org/10.1016/j.smhl.2023.100413

2021-11-11

Abstract:Wireless Body Area Network (WBAN) ensures high-quality healthcare services by endowing distant and continual monitoring of patients' health conditions. The security and privacy of the sensitive health-related data transmitted through the WBAN should be preserved to maximize its benefits. In this regard, user authentication is one of the primary mechanisms to protect health data that verifies the identities of entities involved in the communication process. Since WBAN carries crucial health data, every entity engaged in the data transfer process must be authenticated. In literature, an end-to-end user authentication mechanism covering each communicating party is absent. Besides, most of the existing user authentication mechanisms are designed assuming that the patient's mobile phone is trusted. In reality, a patient's mobile phone can be stolen or comprised by malware and thus behaves maliciously. Our work addresses these drawbacks and proposes an end-to-end user authentication and session key agreement scheme between sensor nodes and medical experts in a scenario where the patient's mobile phone is semi-trusted. We present a formal security analysis using BAN logic. Besides, we also provide an informal security analysis of the proposed scheme. Both studies indicate that our method is robust against well-known security attacks. In addition, our scheme achieves comparable computation and communication costs concerning the related existing works. The simulation shows that our method preserves satisfactory network performance.

Cryptography and Security

Mohit Kumar,Priya Mukherjee,Sahil Verma,Kavita,Maninder Kaur,S Singh,Martyna Kobielnik,Marcin Woźniak,Jana Shafi,Muhammad Fazal Ijaz

DOI: https://doi.org/10.3390/s22239448

2022-12-02

Abstract:The wearable healthcare equipment is primarily designed to alert patients of any specific health conditions or to act as a useful tool for treatment or follow-up. With the growth of technologies and connectivity, the security of these devices has become a growing concern. The lack of security awareness amongst novice users and the risk of several intermediary attacks for accessing health information severely endangers the use of IoT-enabled healthcare systems. In this paper, a blockchain-based secure data storage system is proposed along with a user authentication and health status prediction system. Firstly, this work utilizes reversed public-private keys combined Rivest-Shamir-Adleman (RP2-RSA) algorithm for providing security. Secondly, feature selection is completed by employing the correlation factor-induced salp swarm optimization algorithm (CF-SSOA). Finally, health status classification is performed using advanced weight initialization adapted SignReLU activation function-based artificial neural network (ASR-ANN) which classifies the status as normal and abnormal. Meanwhile, the abnormal measures are stored in the corresponding patient blockchain. Here, blockchain technology is used to store medical data securely for further analysis. The proposed model has achieved an accuracy of 95.893% and is validated by comparing it with other baseline techniques. On the security front, the proposed RP2-RSA attains a 96.123% security level.