Skip to main content
SpringerLink
Log in

PPAM-mIoMT: a privacy-preserving authentication with device verification for securing healthcare systems in 5G networks

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

A Publisher Correction to this article was published on 11 November 2023

This article has been updated

Abstract

In 5G, the next generation of technologies like the Internet of Medical Things (IoMT) cooperate with networking artifacts to provide seamless connectivity. To provide effective information sharing, the Internet infrastructure integrates various components of medical information systems such as computing devices, software tools, and application services. The information systems access a massive Internet of Medical Things (mIoMT) to discover a series of network infrastructures with technological innovations to offer remote diagnosis and treatment. In collecting healthcare information, innovative applications utilize medical sensor networks to drive extensive information processing including mobility support. However, the convergence of IoT and the cloud addresses the security gap while centralizing the devices into edge computing systems to protect the transmission flow through the device gateway. Considering this fact, an authentication scheme with privacy preservation was proposed using a key exchange protocol and digital signature by Soleymani et al. to guarantee data confidentiality and integrity. However, this scheme is still incapable of validating the integrity of data with the edge systems properly. Thus, this paper presents privacy-preserving authentication with device verification (PP-ADV) for securing healthcare systems in 5G networks. To protect the device privacy and server identities with registered users, the proposed PP-ADV utilizes two cryptographic primitives namely elliptic curve arithmetic and a collision-free hash function to achieve the significant properties of key agreement protocol including authenticity and confidentiality. Formal and informal analyses show that the proposed PP-ADV can restrict vulnerabilities such as privileged insider and forgery to achieve high-level privacy protection with seamless verification to improve system efficiency compared with other state-of-the-art approaches. Also, a board simulation testbed was designed using Raspberry Pi with Arduino IDE to examine the quality metrics including data transmission ratio, authentication delay, and throughput rate. The testbed analysis demonstrates that the proposed PP-ADV gains less delay \(\approx 292.28s\) and improved throughput \(\approx 87.73\) to meet the design criteria of 5G-enabled remote healthcare systems.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

Data availability

Data sharing is not applicable to this article as no datasets were generated or analyzed during the current study.

Change history

References

  1. Pirmagomedov, R., Moltchanov, D., Samuylov, A., Orsino, A., Torsner, J., Andreev, S., Koucheryavy, Y.: Characterizing throughput and convergence time in dynamic multi-connectivity 5G deployments. Comput. Commun. 187, 45–58 (2022)

    Article  Google Scholar 

  2. Pise, A.A., Almusaini, K.K., Ahanger, T.A., Farouk, A., Pareek, P.K., Nuagah, S.J.: Enabling artificial intelligence of things (AIoT) healthcare architectures and listing security issues. Comput. Intell. Neurosci. 2022, 14 (2022)

    Article  Google Scholar 

  3. Maayan, G.D.: The IoT rundown for 2020: stats, risks, and solutions. Security Today, 13. (2020)

  4. David, D.B.: Mutual authentication scheme for multimedia medical information systems. Multimed. Tools Appl. 76(8), 10741–10759 (2017)

    Article  Google Scholar 

  5. Abbas, G., Mehmood, A., Carsten, M., Epiphaniou, G., Lloret, J.: Safety, security and privacy in machine learning based internet of things. J. Sens. Actuator Netw. 11(3), 38 (2022)

    Article  Google Scholar 

  6. Mehta, R., Khanna, K., Sahni, J.: IoT in healthcare: a 360-degree view. In: Rodrigues, J.J.P.C., Agarwal, P., Khanna, K. (eds.) IoT for Sustainable Smart Cities and Society, pp. 85–106. Springer, Cham (2022)

    Chapter  Google Scholar 

  7. Chatterjee, S., Chaudhuri, R., Kumar, A., Aránega, A.Y., Biswas, B.: Development of an integrative model for electronic vendor relationship management for improving technological innovation, social change and sustainability performance. Technol. Forecast. Soc. Chang. 186, 122213 (2023)

    Article  Google Scholar 

  8. Mazhar, T., Irfan, H.M., Haq, I., Ullah, I., Ashraf, M., Shloul, T.A., Elkamchouchi, D.H.: Analysis of challenges and solutions of IoT in smart grids using AI and machine learning techniques: a review. Electronics 12(1), 242 (2023)

    Article  Google Scholar 

  9. Rahman, A., Hasan, K., Kundu, D., Islam, M.J., Debnath, T., Band, S.S., Kumar, N.: On the ICN-IoT with federated learning integration of communication: concepts, security-privacy issues, applications, and future perspectives. Futur. Gener. Comput. Syst. 138, 61–88 (2023)

    Article  Google Scholar 

  10. Reddy, A.G., Suresh, D., Phaneendra, K., Shin, J.S., Odelu, V.: Provably secure pseudo-identity based device authentication for smart cities environment. Sustain. Cities Soc. 41, 878–885 (2018)

    Article  Google Scholar 

  11. Das, S., Namasudra, S.: Lightweight and efficient privacy-preserving mutual authentication scheme to secure Internet of Things-based smart healthcare. Trans. Emerg. Telecommun. Technol. (2023). https://doi.org/10.1002/ett.4716

    Article  Google Scholar 

  12. Alfaqawi, M., Gateau, M., Huard, P., Reungoat, P., Le Mercier, M.C., Davai, S., Ben Mabrouk, M.: A comprehensive study on 5G: RAN architecture, enabling technologies, challenges, and deployment. In: Matin, M.A. (ed.) A Glimpse Beyond 5G in Wireless Networks, pp. 1–57. Springer, Cham (2023)

    Google Scholar 

  13. Deebak, B.D., Al-Turjman, F.: Secure-user sign-in authentication for IoT-based eHealth systems. Complex Intell. Syst. 9(3), 2629–2649 (2023)

    Article  Google Scholar 

  14. Fadi, A.T., David, D.B.: Seamless authentication: for IoT-big data technologies in smart industrial application systems. IEEE Trans. Ind. Inform. 17(4), 2919–2927 (2020)

    Google Scholar 

  15. Lu, R., Lin, X., Shen, X.: SPOC: a secure and privacy-preserving opportunistic computing framework for mobile-healthcare emergency. IEEE Trans. Parallel Distrib. Syst. 24(3), 614–624 (2012)

    Article  Google Scholar 

  16. Jain, U., Pirasteh, S., Hussain, M.: Lightweight, secure, efficient, and dynamic scheme for mutual authentication of devices in Internet-of-Things-Fog environment. Concurr. Comput.: Pract. Exp. 35(1), e7428 (2023)

    Article  Google Scholar 

  17. Bhatia, J., Italiya, K., Jadeja, K., Kumhar, M., Chauhan, U., Tanwar, S., Raboaca, M.S.: An overview of fog data analytics for IoT applications. Sensors 23(1), 199 (2023)

    Article  Google Scholar 

  18. Deebak, B.D.: Lightweight authentication and key management in mobile-sink for smart IoT-assisted systems. Sustain. Cities Soc. 63, 102416 (2020)

    Article  Google Scholar 

  19. Al-Muhtadi, J., Saleem, K., Al-Rabiaah, S., Imran, M., Gawanmeh, A., Rodrigues, J.J.: A lightweight cyber security framework with context-awareness for pervasive computing environments. Sustain. Cities Soc. 66, 102610 (2021)

    Article  Google Scholar 

  20. Kim, J., Park, N.: Lightweight knowledge-based authentication model for intelligent closed circuit television in mobile personal computing. Pers. Ubiquitous Comput. 26, 345–353 (2022)

    Article  Google Scholar 

  21. Dammak, M., Boudia, O.R.M., Messous, M.A., Senouci, S.M., & Gransart, C.: Token-based lightweight authentication to secure IoT networks. In: 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (pp. 1–4). IEEE (2019)

  22. Ghahramani, M., Javidan, R., Shojafar, M.: A secure biometric-based authentication protocol for global mobility networks in smart cities. J. Supercomput. 76, 8729–8755 (2020)

    Article  Google Scholar 

  23. Aghili, S.F., Mala, H., Shojafar, M., Peris-Lopez, P.: LACO: lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT. Future Gener. Comput. Syst. 96, 410–424 (2019)

    Article  Google Scholar 

  24. Mohseni-Ejiyeh, A., Ashouri-Talouki, M., Mahdavi, M.: An incentive-aware lightweight secure data sharing scheme for D2D communication in 5G cellular networks. ISC Int. J. Inf. Secur. 10(1), 15–27 (2018)

    Google Scholar 

  25. Zhou, C.: An improved lightweight certificateless generalized signcryption scheme for mobile-health system. Int. J. Distrib. Sens. Netw. 15(1), 1550147718824465 (2019)

    Article  Google Scholar 

  26. Amin, R., Islam, S.H., Biswas, G.P., Khan, M.K., Kumar, N.: A robust and anonymous patient monitoring system using wireless medical sensor networks. Future Gener. Comput. Syst. 80, 483–495 (2018)

    Article  Google Scholar 

  27. Shuai, M., Liu, B., Yu, N., Xiong, L.: Lightweight and secure three-factor authentication scheme for remote patient monitoring using on-body wireless networks. Secur. Commun. Netw. (2019). https://doi.org/10.1155/2019/8145087

    Article  Google Scholar 

  28. Wong, A.M.K., Hsu, C.L., Le, T.V., Hsieh, M.C., Lin, T.W.: Three-factor fast authentication scheme with time bound and user anonymity for multi-server E-health systems in 5G-based wireless sensor networks. Sensors 20(9), 2511 (2020)

    Article  Google Scholar 

  29. Jia, X., He, D., Kumar, N., Choo, K.K.R.: Authenticated key agreement scheme for fog-driven IoT healthcare system. Wirel. Netw. 25(8), 4737–4750 (2019)

    Article  Google Scholar 

  30. Wang, D., Wang, P., Wang, C.: Efficient multi-factor user authentication protocol with forward secrecy for real-time data access in WSNs. ACM Trans. Cyber-Phys. Syst. 4(3), 1–26 (2020)

    Article  MathSciNet  Google Scholar 

  31. Wu, T.Y., Wang, T., Lee, Y.Q., Zheng, W., Kumari, S., Kumar, S.: Improved authenticated key agreement scheme for fog-driven IoT healthcare system. Secur. Commun. Netw. (2021). https://doi.org/10.1155/2021/6658041

    Article  Google Scholar 

  32. Masud, M., Gaba, G.S., Kumar, P., Gurtov, A.: A user-centric privacy-preserving authentication protocol for IoT-Am I environments. Comput. Commun. 196, 45–54 (2022)

    Article  Google Scholar 

  33. Al-Sarawi, S., Anbar, M., Alieyan, K., & Alzubaidi, M.: Internet of Things (IoT) communication protocols. In: 2017 8th International Conference on Information Technology (ICIT) (pp. 685–690). IEEE (2017)

  34. Deebak, B.D., Fadi, A.T.: Lightweight authentication for IoT/Cloud-based forensics in intelligent data computing. Future Gener. Comput. Syst. 116, 406–425 (2021)

    Article  Google Scholar 

  35. Mao, W.: A structured operational modelling of the dolev-yao threat model. In: International Workshop on Security Protocols (pp. 34–46). Springer, Berlin, Heidelberg (2004)

  36. Canetti, R., Jain, A., & Scafuro, A.: Practical UC security with a global random oracle. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, (pp. 597–608), (2014)

  37. Amanlou, S., Hasan, M.K., Bakar, K.A.A.: Lightweight and secure authentication scheme for IoT network based on publish–subscribe fog computing model. Comput. Netw. 199, 108465 (2021)

    Article  Google Scholar 

  38. Deebak, B.D., Al-Turjman, F., Mostarda, L.: Seamless secure anonymous authentication for cloud-based mobile edge computing. Comput. Electr. Eng. 87, 106782 (2020)

    Article  Google Scholar 

  39. Pagnutti, M.A., Ryan, R.E., Gold, M.J., Harlan, R., Leggett, E., Pagnutti, J.F.: Laying the foundation to use Raspberry Pi 3 V2 camera module imagery for scientific and engineering purposes. J. Electron. Imaging 26(1), 013014 (2017)

    Article  Google Scholar 

  40. Kusriyanto, M., & Putra, B.D.: Smart home using local area network (LAN) based arduino mega 2560. In: 2016 2nd International Conference on Wireless and Telematics (ICWT) (pp. 127–131), IEEE, (2016)

  41. Ruan, O., Zhang, Y., Zhang, M., Zhou, J., Harn, L.: After-the-fact leakage-resilient identity-based authenticated key exchange. IEEE Syst. J. 12(2), 2017–2026 (2017)

    Article  Google Scholar 

  42. Nyangaresi, V.O.: Privacy preserving three-factor authentication protocol for secure message forwarding in wireless body area networks. Ad Hoc Netw. 142, 103117 (2023)

    Article  Google Scholar 

  43. Nyangaresi, V.O., Abduljabbar, Z.A., Mutlaq, K.A.A., Hussain, M.A., & Hussien, Z.A.: Forward and backward key secrecy preservation scheme for medical Internet of Things. In: Human-Centric Smart Computing: Proceedings of ICHCSC 2022 (pp. 15–29). Singapore: Springer Nature Singapore, (2022)

  44. Nyangaresi, V.O., & Ma, J.: A formally verified message validation protocol for intelligent IoT E-health systems. In: 2022 IEEE World Conference on Applied Intelligence and Computing (AIC) (pp. 416–422). IEEE, (2022)

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, Vellore Institute of Technology, Vellore, 632014, India

    Muralidhara Rao Patruni & Abdul Gaffar Humayun

Authors
  1. Muralidhara Rao Patruni
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Abdul Gaffar Humayun
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

Patruni Muralidhara Rao has participated in writing the manuscript considering conceptual design, modeling, experimentation and deriving results. Abdul Gaffar H has participated in modeling, design and verification in the development of the manuscript.

Corresponding author

Correspondence to Abdul Gaffar Humayun.

Ethics declarations

Conflict of interest

The authors have no competing interests to declare that are relevant to the content of this article.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Patruni, M.R., Humayun, A.G. PPAM-mIoMT: a privacy-preserving authentication with device verification for securing healthcare systems in 5G networks. Int. J. Inf. Secur. 23, 679–698 (2024). https://doi.org/10.1007/s10207-023-00762-3

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-023-00762-3

Keywords

Search

Navigation