Robust User Authentication Scheme for IoT-Based Healthcare Applications

Geeta Sharma, Gursimrat Singh
DOI: 10.4018/978-1-6684-6434-2.ch008

Abstract

Cloud technology and the Internet of Things (IoT) are quickly developing computing technologies through which resources are shared via the internet. IoT facilitates seamless interactions between humans and heterogeneous devices, including personalized healthcare systems. It has the potential to provide supervision of the elderly, telemonitoring, teleconsultations, and computer-assisted rehabilitation. These healthcare services allow easy access to patient data in real time. However, although IoT-based remote patient monitoring and other healthcare applications are growing fast, the hurdle to their growth is security. This chapter proposes a novel remote user authentication scheme for IoT-enabled healthcare applications. The scheme is lightweight, robust to attacks, and has low computational overhead. The proposed scheme satisfies the desired essential attributes of security. A formal verification performed using ProVerif proves the security of the scheme.
Chapter Preview

Introduction

Today’s world is facing a severe upsurge of dreadful diseases with the emergence of new infections such as COVID-19, Zika virus, hantavirus and many more. The elderly population is also growing (Mutlag et al., 2019). The increase in health problems, the growing elderly population and significant healthcare costs motivate people to shift to remote health management. Remote health management is facilitated by computer-aided technologies. Recently, the Internet of Things (IoT) has emerged as a potential solution to healthcare problems (Darwish et al., 2017). IoT is a network of connected devices that interact with one another, and it plays an important role in enabling automation in many fields, such as remote and smart healthcare systems. The IoT paradigm has the potential to help patients by connecting medical devices to the Internet and carrying out various telehealth services such as supervision of the elderly, telemonitoring, teleconsultations, and computer-assisted rehabilitation (Shah et al., 2021).

IoT comprises a network of multiple embedded devices which gather and exchange data among themselves. These intelligent devices, known as things, are connected via the Internet to collect, share and analyse data from the environment (Zargar et al., 2021). These devices generate huge and complex data. To overcome their limited storage and processing capacity, integrating IoT devices with cloud servers as large resource pools is a potential solution (Sharma & Kalra, 2018). Such integration, though it makes IoT applicable in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Cloud computing provides a centralized platform for accessing this data. The collected data can be stored and processed using cloud computing, which allows the data to be accessed from any part of the world at any time. This decreases infrastructure and maintenance costs.

IoT is a globally expanding network. Figure 1 depicts sensor deployment in the environment. The bio-sensors are deployed on the patient. The sensors sense the patient’s data and send it to the gateway node. This data is moved to the cloud for later use, processing and storage. The data residing in the cloud can then be accessed by users such as medical professionals, nurses, guardians, etc. Though it has several advantages, security threats are challenging in the cloud domain (Kumar et al., 2018). Thus, there is a need to authenticate the users who access these nodes. Authentication of the remote user who accesses this data is of vital importance. Conventional authentication schemes employed only a single factor, i.e., a password, to validate the identity of the user. However, these schemes are at high risk of breach, as passwords are easily forgotten and guessed. Additionally, these schemes are not applicable in the dynamic IoT environment (Jia et al., 2018). Employing a smart card, which provides multi-factor authentication, addresses major security issues. All the involved entities are mutually authenticated and generate a session key. This session key is used to encrypt the subsequent communication between the entities (Ostad-Sharif et al., 2019; Sharma & Kalra, 2021). This paper proposes a secure multi-factor authentication and key agreement scheme for healthcare applications. The scheme has a low computation cost and is therefore practical to implement in resource-constrained environments.

Figure 1. Cloud-IoT framework for healthcare applications

Key Terms in this Chapter

Replay Attack: A replay attack is a network attack in which an attacker records messages and fraudulently repeats them, posing as an authentic entity.

Man-in-the-middle Attack: An attacker listens to the ongoing conversation between two authentic entities. Then the attacker acts as a legitimate entity using the intercepted message.

Offline Password Guessing Attack: An attacker may capture the transmitted messages and attempt to decrypt secret information. The user’s password must be of high entropy to minimise the risk of brute-force attacks.

Hash Function: The proposed scheme uses a lightweight cryptographic hash function, defined as: “$h: \{0,1\}^* \rightarrow \{0,1\}^l$, where $l$ is the output length of $h(\cdot)$”.

Insider Attack: A trusted entity with authorized access may steal or modify secret information.

Mutual Authentication: This is the foremost requirement for IoT authentication. It is a two-way authentication process in which both communicating parties authenticate each other. Mutual authentication makes the scheme immune to spoofing and mimicking attacks.

Forward Secrecy: The attacker cannot decrypt previously transmitted messages using the information currently being transmitted.

User Impersonation Attack: In an impersonation attack, an attacker records information transmitted by an authentic user and attempts to pose as a legitimate user. If a malevolent entity succeeds in impersonating a legitimate user, it gains access to that user’s sensitive information.
