Research article
First published online May 1, 2023

Software-driven secure framework for mobile healthcare applications in IoMT

Abstract

Traditional healthcare systems require more data storage and do not respond quickly. The new era of intelligent healthcare systems uses advanced frameworks and devices that work with the Internet of Things (IoT), cloud computing, edge computing devices, and the Internet of Medical Things (IoMT). Adopting these technologies may drastically increase the performance of healthcare systems, which become available anytime and anywhere in place of traditional medical methods. The organizations in the network exchange the patient data that has been gathered, so the healthcare systems are susceptible to a variety of threats, and an attacker may mount many attacks during transmission. This paper introduces a novel mechanism: a secure, robust, privacy-preserving authentication and key agreement framework for mobile healthcare applications. The proposed framework collects the patient's data using wearable devices called sensors, and the collected data is shared with various entities using a secure mechanism. The proposed framework uses Elliptic Curve Cryptography (ECC). Digital signatures are created and validated with the Elliptic Curve Digital Signature Algorithm (ECDSA). The security properties of the proposed framework are analyzed with the standard model-checking tool Automated Validation of Internet Security Protocols (AVISPA). The suggested protocol is simple to develop and can withstand network-related threats.
