Abstract
Nowadays, research efforts are strongly directed toward integrating Blockchain into Smart Healthcare Systems to achieve distribution, transparency, and immutability within the system. The IoT-based Healthcare System incorporates numerous Smart Devices to gather extensive data. The Hospital Authority collects this vital information for diverse analyses via an intermediary data collector. The healthcare data is very crucial and requires secure data transmission from Smart Devices to the Hospital Authority to prevent unauthorized access. The traditional authentication scheme faces challenges such as a single point failure, heavy reliance on the Trusted Third Party, and the absence of channel communication. This can increase the computational load and system latency. The proposed solution introduces the Blockchain-based Shareable Authentication Scheme (BSAS) for Smart Healthcare. The BSAS scheme leverages a Consortium Blockchain which is implemented by using Hyperledger Fabric that supports channel communication among different hospital departments. This eliminates the burden of repetitive registration across all departments and reduces computational overhead. Moreover, a mutual authentication and key agreement scheme employing lightweight operations ensures the secure transmission of data from smart devices to the hospital authorities. The formal analysis using the ROR model and informal analysis confirm the security of the BSAS scheme. Additionally, formal simulations with the Scyther tool reveal no attacks within the bounds. The evaluation of performance using Hyperledger Caliper indicates a consistent and maximum throughput of 100 transactions per second for read operations or an increasing trend for certain operations with a rise in transaction count. The latency remains consistently minimal for read operations and is below 6.5 s for other operations. This comprehensive analysis underscores that the scheme is resilient to various attacks, has computational efficiency, and additional security enhancements, including data immutability, confidential communication through channels, and a distributed system.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Data availability
This declaration is “not applicable”.
References
Yang, Y., Wu, L., Yin, G., Li, L., Zhao, H.: A survey on security and privacy issues in internet-of-things. IEEE Internet Things J. 4(5), 1250–1258 (2017)
Sengupta, J., Ruj, S., Bit, S.D.: A comprehensive survey on attacks, security issues and blockchain solutions for iot and iiot. J. Netw. Comput. Appl. 149, 102481 (2020)
Rani, D., Tripathi, S.: Design of blockchain-based authentication and key agreement protocol for health data sharing in cooperative hospital network. J. Supercomput. 80, 1–37 (2023)
Wood, G., et al.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151(2014), 1–32 (2014)
Zhang, P., White, J., Schmidt, D.C., Lenz, G., Rosenbloom, S.T.: Fhirchain: applying blockchain to securely and scalably share clinical data. Comput. Struct. Biotechnol. J. 16, 267–278 (2018)
Aggarwal, S., Kumar, N.: Hyperledger. In: Advances in computers, pp. 323–343. Elsevier, Amsterdam (2021)
Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart, D., Ferris, C., Laventman, G., Manevich, Y., et al.: Hyperledger fabric: a distributed operating system for permissioned blockchains. In: Proceedings of the thirteenth EuroSys conference, pp. 1–15 (2018)
Wang, J., Wu, L., Choo, K.K.R., He, D.: Blockchain-based anonymous authentication with key management for smart grid edge computing infrastructure. IEEE Trans. Ind. Inform. 16(3), 1984–1992 (2019)
Fotouhi, M., Bayat, M., Das, A.K., Far, H.A.N., Pournaghi, S.M., Doostari, M.A.: A lightweight and secure two-factor authentication scheme for wireless body area networks in health-care iot. Comput. Netw. 177, 107333 (2020)
Abbasinezhad-Mood, D., Ostad-Sharif, A., Nikooghadam, M., Mazinani, S.M.: A secure and efficient key establishment scheme for communications of smart meters and service providers in smart grid. IEEE Trans. Ind. Inf. 16(3), 1495–1502 (2019)
Zhou, Y., Liu, T., Tang, F., Tinashe, M.: An unlinkable authentication scheme for distributed iot application. IEEE Access 7, 14757–14766 (2019)
Sharma, G., Kalra, S.: A lightweight user authentication scheme for cloud-iot based healthcare services. Iran. J. Sci. Technol. Trans. Electr. Eng. 43(1), 619–636 (2019)
Zhou, L., Li, X., Yeh, K.H., Su, C., Chiu, W.: Lightweight iot-based authentication scheme in cloud computing circumstance. Future Gener. Comput. Syst. 91, 244–251 (2019)
Challa, S., Das, A.K., Odelu, V., Kumar, N., Kumari, S., Khan, M.K., Vasilakos, A.V.: An efficient ecc-based provably secure three-factor user authentication and key agreement protocol for wireless healthcare sensor networks. Comput. Electr. Eng. 69, 534–554 (2018)
Zhao, X., Li, D., Li, H.: Practical three-factor authentication protocol based on elliptic curve cryptography for industrial internet of things. Sensors 22(19), 7510 (2022)
Naseer, O., Ullah, S., Anjum, L.: Blockchain-based decentralized lightweight control access scheme for smart grids. Arab. J. Sci. Eng. 46(9), 8233–8243 (2021)
Zhang, H., Wang, J., Ding, Y.: Blockchain-based decentralized and secure keyless signature scheme for smart grid. Energy 180, 955–967 (2019)
Khatoon, A.: A blockchain-based smart contract system for healthcare management. Electronics 9(1), 94 (2020)
Tan, T.L., Salam, I., Singh, M.: Blockchain-based healthcare management system with two-side verifiability. PLoS ONE 17(4), e0266916 (2022)
Tomar, A., Gupta, N., Rani, D., Tripathi, S.: Blockchain-assisted authenticated key agreement scheme for iot-based healthcare system. Internet Things 23, 100849 (2023)
Hagui, I., Msolli, A., Ben Henda, N., Helali, A., Gassoumi, A., Nguyen, T.P., Hassen, F.: A blockchain-based security system with light cryptography for user authentication security. Multimed. Tools Appl. 1, 1–30 (2023)
Zhang, T., Zhang, Z., Zhao, K., Gupta, B.B., Arya, V.: A lightweight cross-domain authentication protocol for trusted access to industrial internet. Int. J. Semantic Web Inform. Syst. (IJSWIS) 19(1), 1–25 (2023)
Hameed, K., Garg, S., Amin, M.B., Kang, B.: A formally verified blockchain-based decentralised authentication scheme for the internet of things. J. Supercomput. 77(12), 14461–14501 (2021)
Kumar, M., Kumar, A., Verma, S., Bhattacharya, P., Ghimire, D., Kim, S.H., Hosen, A.S.: Healthcare internet of things (h-iot): current trends, future prospects, applications, challenges, and security issues. Electronics 12(9), 2050 (2023)
Mahajan, H.B., Rashid, A.S., Junnarkar, A.A., Uke, N., Deshpande, S.D., Futane, P.R., Alkhayyat, A., Alhayani, B.: Integration of healthcare 4.0 and blockchain into secure cloud-based electronic health records systems. Appl. Nanosci. 13(3), 2329–2342 (2023)
Hameed, K., Barika, M., Garg, S., Amin, M.B., Kang, B.: A taxonomy study on securing blockchain-based industrial applications: an overview, application perspectives, requirements, attacks, countermeasures, and open issues. J. Ind. Inform. Integr. 26, 100312 (2022)
Esposito, C., Ficco, M., Gupta, B.B.: Blockchain-based authentication and authorization for smart city applications. Inform. Process. Manag. 58(2), 102468 (2021)
Khalid, U., Asim, M., Baker, T., Hung, P.C., Tariq, M.A., Rafferty, L.: A decentralized lightweight blockchain-based authentication mechanism for iot systems. Clust. Comput. 23(3), 2067–2087 (2020)
Swan, M.: Blockchain: blueprint for a new economy. O’Reilly Media Inc (2015)
Hammi, M.T., Hammi, B., Bellot, P., Serhrouchni, A.: Bubbles of trust: a decentralized blockchain-based authentication system for iot. Comput. Secur. 78, 126–142 (2018)
Lin, C., He, D., Kumar, N., Huang, X., Vijayakumar, P., Choo, K.K.R.: Homechain: a blockchain-based secure mutual authentication system for smart homes. IEEE Internet Things J. 7(2), 818–829 (2019)
Lin, C., He, D., Huang, X., Choo, K.K.R., Vasilakos, A.V.: Bsein: a blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0. J. Netw. Comput. Appl. 116, 42–52 (2018)
Tang, F., Ma, S., Xiang, Y., Lin, C.: An efficient authentication scheme for blockchain-based electronic health records. IEEE Access 7, 41678–41689 (2019)
Chen, F., Tang, Y., Cheng, X., Xie, D., Wang, T., Zhao, C.: Blockchain-based efficient device authentication protocol for medical cyber-physical systems. Secur. Commun. Netw. 2021, 1–13 (2021)
Alfandi, O., Khanji, S., Ahmad, L., Khattak, A.: A survey on boosting iot security and privacy through blockchain. Clust. Comput. 24(1), 37–55 (2021)
Miller, A.: Permissioned and permissionless blockchains. Blockchain for distributed systems security. pp. 193–204 (2019)
Du, M., Chen, Q., Chen, J., Ma, X.: An optimized consortium blockchain for medical information sharing. IEEE Trans. Eng. Manage 68(6), 1677–1689 (2020)
Oliva, G.A., Hassan, A.E., Jiang, Z.M.J.: An exploratory study of smart contracts in the ethereum blockchain platform. Empir. Softw. Eng. 25(3), 1864–1904 (2020)
Espel, T., Katz, L., Robin, G.: Proposal for protocol on a quorum blockchain with zero knowledge. Cryptology ePrint Archive (2017)
Cremers, C.J.F., et al.: Scyther: semantics and verification of security protocols. Eindhoven university of Technology Eindhoven, Netherlands (2006)
Cremers, C.J.: The scyther tool: Verification, falsification, and analysis of security protocols: Tool paper. In: Computer Aided Verification: 20th International Conference, CAV 2008 Princeton, NJ, USA, July 7-14, 2008 Proceedings 20, pp. 414–418. Springer (2008)
Ahamad, S.S., Khan Pathan, A.S.: A formally verified authentication protocol in secure framework for mobile healthcare during covid-19-like pandemic. Connect. Sci. 33(3), 532–554 (2021)
Gupta, A., Tripathi, M., Sharma, A.: A provably secure and efficient anonymous mutual authentication and key agreement protocol for wearable devices in wban. Comput. Commun. 160, 311–325 (2020)
Wazid, M., Das, A.K., Bhat, V., Vasilakos, A.V.: Lam-ciot: lightweight authentication mechanism in cloud-based iot environment. J. Netw. Comput. Appl. 150, 102496 (2020)
Funding
This declaration is “not applicable”.
Author information
Authors and Affiliations
Contributions
Conceptualization: [Divya Rani]; Methodology: [Divya Rani]; Formal analysis and investigation: [Divya Rani]; Writing-original draft preparation: [Divya Rani]; Writing-review and editing: [Sachin Tripathi, Ashish Tomar]; Supervision: [Sachin Tripathi].
Corresponding author
Ethics declarations
Conflict of interest
On behalf of all authors, the corresponding authors declare that they have no known competing interests that are directly or indirectly related to the work submitted for publication.
Ethical approval
This declaration is “not applicable”.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Rani, D., Tripathi, S. & Tomar, A. BSAS: blockchain-based shareable authentication scheme for smart healthcare. Cluster Comput (2024). https://doi.org/10.1007/s10586-024-04358-x
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10586-024-04358-x