Abstract
In 5G, the next generation of technologies like the Internet of Medical Things (IoMT) cooperate with networking artifacts to provide seamless connectivity. To provide effective information sharing, the Internet infrastructure integrates various components of medical information systems such as computing devices, software tools, and application services. The information systems access a massive Internet of Medical Things (mIoMT) to discover a series of network infrastructures with technological innovations to offer remote diagnosis and treatment. In collecting healthcare information, innovative applications utilize medical sensor networks to drive extensive information processing including mobility support. However, the convergence of IoT and the cloud addresses the security gap while centralizing the devices into edge computing systems to protect the transmission flow through the device gateway. Considering this fact, an authentication scheme with privacy preservation was proposed using a key exchange protocol and digital signature by Soleymani et al. to guarantee data confidentiality and integrity. However, this scheme is still incapable of validating the integrity of data with the edge systems properly. Thus, this paper presents privacy-preserving authentication with device verification (PP-ADV) for securing healthcare systems in 5G networks. To protect the device privacy and server identities with registered users, the proposed PP-ADV utilizes two cryptographic primitives namely elliptic curve arithmetic and a collision-free hash function to achieve the significant properties of key agreement protocol including authenticity and confidentiality. Formal and informal analyses show that the proposed PP-ADV can restrict vulnerabilities such as privileged insider and forgery to achieve high-level privacy protection with seamless verification to improve system efficiency compared with other state-of-the-art approaches. Also, a board simulation testbed was designed using Raspberry Pi with Arduino IDE to examine the quality metrics including data transmission ratio, authentication delay, and throughput rate. The testbed analysis demonstrates that the proposed PP-ADV gains less delay \(\approx 292.28s\) and improved throughput \(\approx 87.73\) to meet the design criteria of 5G-enabled remote healthcare systems.
Similar content being viewed by others
Data availability
Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study.
Change history
11 November 2023
A Correction to this paper has been published: https://doi.org/10.1007/s10207-023-00775-y
References
Pirmagomedov, R., Moltchanov, D., Samuylov, A., Orsino, A., Torsner, J., Andreev, S., Koucheryavy, Y.: Characterizing throughput and convergence time in dynamic multi-connectivity 5G deployments. Comput. Commun. 187, 45–58 (2022)
Pise, A.A., Almusaini, K.K., Ahanger, T.A., Farouk, A., Pareek, P.K., Nuagah, S.J.: Enabling artificial intelligence of things (AIoT) healthcare architectures and listing security issues. Comput. Intell. Neurosci. 2022, 14 (2022)
Maayan, G.D.: The IoT rundown for 2020: stats, risks, and solutions. Security Today, 13. (2020)
David, D.B.: Mutual authentication scheme for multimedia medical information systems. Multimed. Tools Appl. 76(8), 10741–10759 (2017)
Abbas, G., Mehmood, A., Carsten, M., Epiphaniou, G., Lloret, J.: Safety, security and privacy in machine learning based internet of things. J. Sens. Actuator Netw. 11(3), 38 (2022)
Mehta, R., Khanna, K., Sahni, J.: IoT in healthcare: a 360-degree view. In: Rodrigues, J.J.P.C., Agarwal, P., Khanna, K. (eds.) IoT for Sustainable Smart Cities and Society, pp. 85–106. Springer, Cham (2022)
Chatterjee, S., Chaudhuri, R., Kumar, A., Aránega, A.Y., Biswas, B.: Development of an integrative model for electronic vendor relationship management for improving technological innovation, social change and sustainability performance. Technol. Forecast. Soc. Chang. 186, 122213 (2023)
Mazhar, T., Irfan, H.M., Haq, I., Ullah, I., Ashraf, M., Shloul, T.A., Elkamchouchi, D.H.: Analysis of challenges and solutions of IoT in smart grids using AI and machine learning techniques: a review. Electronics 12(1), 242 (2023)
Rahman, A., Hasan, K., Kundu, D., Islam, M.J., Debnath, T., Band, S.S., Kumar, N.: On the ICN-IoT with federated learning integration of communication: concepts, security-privacy issues, applications, and future perspectives. Futur. Gener. Comput. Syst. 138, 61–88 (2023)
Reddy, A.G., Suresh, D., Phaneendra, K., Shin, J.S., Odelu, V.: Provably secure pseudo-identity based device authentication for smart cities environment. Sustain. Cities Soc. 41, 878–885 (2018)
Das, S., Namasudra, S.: Lightweight and efficient privacy-preserving mutual authentication scheme to secure Internet of Things-based smart healthcare. Trans. Emerg. Telecommun. Technol. (2023). https://doi.org/10.1002/ett.4716
Alfaqawi, M., Gateau, M., Huard, P., Reungoat, P., Le Mercier, M.C., Davai, S., Ben Mabrouk, M.: A comprehensive study on 5G: RAN architecture, enabling technologies, challenges, and deployment. In: Matin, M.A. (ed.) A Glimpse Beyond 5G in Wireless Networks, pp. 1–57. Springer, Cham (2023)
Deebak, B.D., Al-Turjman, F.: Secure-user sign-in authentication for IoT-based eHealth systems. Complex Intell. Syst. 9(3), 2629–2649 (2023)
Fadi, A.T., David, D.B.: Seamless authentication: for IoT-big data technologies in smart industrial application systems. IEEE Trans. Ind. Inform. 17(4), 2919–2927 (2020)
Lu, R., Lin, X., Shen, X.: SPOC: a secure and privacy-preserving opportunistic computing framework for mobile-healthcare emergency. IEEE Trans. Parallel Distrib. Syst. 24(3), 614–624 (2012)
Jain, U., Pirasteh, S., Hussain, M.: Lightweight, secure, efficient, and dynamic scheme for mutual authentication of devices in Internet-of-Things-Fog environment. Concurr. Comput.: Pract. Exp. 35(1), e7428 (2023)
Bhatia, J., Italiya, K., Jadeja, K., Kumhar, M., Chauhan, U., Tanwar, S., Raboaca, M.S.: An overview of fog data analytics for IoT applications. Sensors 23(1), 199 (2023)
Deebak, B.D.: Lightweight authentication and key management in mobile-sink for smart IoT-assisted systems. Sustain. Cities Soc. 63, 102416 (2020)
Al-Muhtadi, J., Saleem, K., Al-Rabiaah, S., Imran, M., Gawanmeh, A., Rodrigues, J.J.: A lightweight cyber security framework with context-awareness for pervasive computing environments. Sustain. Cities Soc. 66, 102610 (2021)
Kim, J., Park, N.: Lightweight knowledge-based authentication model for intelligent closed circuit television in mobile personal computing. Pers. Ubiquitous Comput. 26, 345–353 (2022)
Dammak, M., Boudia, O.R.M., Messous, M.A., Senouci, S.M., & Gransart, C.: Token-based lightweight authentication to secure IoT networks. In: 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (pp. 1–4). IEEE (2019)
Ghahramani, M., Javidan, R., Shojafar, M.: A secure biometric-based authentication protocol for global mobility networks in smart cities. J. Supercomput. 76, 8729–8755 (2020)
Aghili, S.F., Mala, H., Shojafar, M., Peris-Lopez, P.: LACO: lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT. Future Gener. Comput. Syst. 96, 410–424 (2019)
Mohseni-Ejiyeh, A., Ashouri-Talouki, M., Mahdavi, M.: An incentive-aware lightweight secure data sharing scheme for D2D communication in 5G cellular networks. ISC Int. J. Inf. Secur. 10(1), 15–27 (2018)
Zhou, C.: An improved lightweight certificateless generalized signcryption scheme for mobile-health system. Int. J. Distrib. Sens. Netw. 15(1), 1550147718824465 (2019)
Amin, R., Islam, S.H., Biswas, G.P., Khan, M.K., Kumar, N.: A robust and anonymous patient monitoring system using wireless medical sensor networks. Future Gener. Comput. Syst. 80, 483–495 (2018)
Shuai, M., Liu, B., Yu, N., Xiong, L.: Lightweight and secure three-factor authentication scheme for remote patient monitoring using on-body wireless networks. Secur. Commun. Netw. (2019). https://doi.org/10.1155/2019/8145087
Wong, A.M.K., Hsu, C.L., Le, T.V., Hsieh, M.C., Lin, T.W.: Three-factor fast authentication scheme with time bound and user anonymity for multi-server E-health systems in 5G-based wireless sensor networks. Sensors 20(9), 2511 (2020)
Jia, X., He, D., Kumar, N., Choo, K.K.R.: Authenticated key agreement scheme for fog-driven IoT healthcare system. Wirel. Netw. 25(8), 4737–4750 (2019)
Wang, D., Wang, P., Wang, C.: Efficient multi-factor user authentication protocol with forward secrecy for real-time data access in WSNs. ACM Trans. Cyber-Phys. Syst. 4(3), 1–26 (2020)
Wu, T.Y., Wang, T., Lee, Y.Q., Zheng, W., Kumari, S., Kumar, S.: Improved authenticated key agreement scheme for fog-driven IoT healthcare system. Secur. Commun. Netw. (2021). https://doi.org/10.1155/2021/6658041
Masud, M., Gaba, G.S., Kumar, P., Gurtov, A.: A user-centric privacy-preserving authentication protocol for IoT-Am I environments. Comput. Commun. 196, 45–54 (2022)
Al-Sarawi, S., Anbar, M., Alieyan, K., & Alzubaidi, M.: Internet of Things (IoT) communication protocols. In: 2017 8th International Conference on Information Technology (ICIT) (pp. 685–690). IEEE (2017)
Deebak, B.D., Fadi, A.T.: Lightweight authentication for IoT/Cloud-based forensics in intelligent data computing. Future Gener. Comput. Syst. 116, 406–425 (2021)
Mao, W.: A structured operational modelling of the dolev-yao threat model. In: International Workshop on Security Protocols (pp. 34–46). Springer, Berlin, Heidelberg (2004)
Canetti, R., Jain, A., & Scafuro, A.: Practical UC security with a global random oracle. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, (pp. 597–608), (2014)
Amanlou, S., Hasan, M.K., Bakar, K.A.A.: Lightweight and secure authentication scheme for IoT network based on publish–subscribe fog computing model. Comput. Netw. 199, 108465 (2021)
Deebak, B.D., Al-Turjman, F., Mostarda, L.: Seamless secure anonymous authentication for cloud-based mobile edge computing. Comput. Electr. Eng. 87, 106782 (2020)
Pagnutti, M.A., Ryan, R.E., Gold, M.J., Harlan, R., Leggett, E., Pagnutti, J.F.: Laying the foundation to use Raspberry Pi 3 V2 camera module imagery for scientific and engineering purposes. J. Electron. Imaging 26(1), 013014 (2017)
Kusriyanto, M., & Putra, B.D.: Smart home using local area network (LAN) based arduino mega 2560. In: 2016 2nd International Conference on Wireless and Telematics (ICWT) (pp. 127–131), IEEE, (2016)
Ruan, O., Zhang, Y., Zhang, M., Zhou, J., Harn, L.: After-the-fact leakage-resilient identity-based authenticated key exchange. IEEE Syst. J. 12(2), 2017–2026 (2017)
Nyangaresi, V.O.: Privacy preserving three-factor authentication protocol for secure message forwarding in wireless body area networks. Ad Hoc Netw. 142, 103117 (2023)
Nyangaresi, V.O., Abduljabbar, Z.A., Mutlaq, K.A.A., Hussain, M.A., & Hussien, Z.A.: Forward and backward key secrecy preservation scheme for medical Internet of Things. In: Human-Centric Smart Computing: Proceedings of ICHCSC 2022 (pp. 15–29). Singapore: Springer Nature Singapore, (2022)
Nyangaresi, V.O., & Ma, J.: A formally verified message validation protocol for intelligent IoT E-health systems. In: 2022 IEEE World Conference on Applied Intelligence and Computing (AIC) (pp. 416–422). IEEE, (2022)
Author information
Authors and Affiliations
Contributions
Patruni Muralidhara Rao has participated in writing the manuscript considering conceptual design, modeling, experimentation and deriving results. Abdul Gaffar H has participated in modeling, design and verification in the development of the manuscript.
Corresponding author
Ethics declarations
Conflict of interest
The authors have no competing interests to declare that are relevant to the content of this article.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Patruni, M.R., Humayun, A.G. PPAM-mIoMT: a privacy-preserving authentication with device verification for securing healthcare systems in 5G networks. Int. J. Inf. Secur. 23, 679–698 (2024). https://doi.org/10.1007/s10207-023-00762-3
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-023-00762-3