Secure system with security protocol for interactions in healthcare Internet of Things

• Autorzy: Szymoniak, Sabina
• Języki publikacji: EN

Abstrakty

EN

The Internet of Things is a network of connected devices that can communicate and share data over the Internet. These devices often have sensors that collect data for various purposes, such as usage statistics, data processing, or performing specific actions based on the collected data. Also, medical Internet of Things devices are crucial in monitoring critical functions, measuring blood glucose levels, indicating when patients require medicine, and ensuring timely medication delivery. Communication in the Internet of Things is demanding, requiring diverse protocols that address communication security concerns. These protocols must be robust and secure, considering technical factors such as the network objective, energy requirements, and the nature of the communication because they can be exploited. This paper proposes an innovative system with a security protocol that supports and improves communication security in modern Internet of Things networks. The protocol aims to enhance communication safety between interconnected devices for information exchange in medicine or healthcare, ensuring the confidentiality and integrity of sent data and devices. The proposed protocol, tested through formal and automated verification, meets all security goals, including identity verification, anonymity protection, and access revokement. It also protects against man-in-the-middle, modification, replay, and impersonation attacks.

Słowa kluczowe

PL

protokoły bezpieczeństwa; bezpieczeństwo; Internet rzeczy; opieka zdrowotna

EN

security protocols; security; Internet of Things; healthcare

• Czasopismo: Bulletin of the Polish Academy of Sciences. Technical Sciences
• Rocznik: 2024
• Tom: Vol. 72, nr 5
• Strony: art. no. e151049
• Opis fizyczny: Bibliogr. 39 poz., rys., tab.

Twórcy

autor

Szymoniak, Sabina

• Department of Computer Science, Cz˛estochowa University of Technology, Poland,

Bibliografia

• [1] S. Szymoniak, “Key distribution and authentication protocols in wireless sensor networks: A survey,” ACM Comput. Surv., vol. 56, no. 6, p. 144, 2023, doi: 10.1145/3638043.
• [2] H. Wu, M. Dyson, and K. Nazarpour, “Arduino-based myoelectric control: Towards longitudinal study of prosthesis use,” Sensors, vol. 21, no. 3, p. 763, 2021, doi: 10.3390/s21030763.
• [3] A. Chen et al., “Machine-learning enabled wireless wearable sensors to study individuality of respiratory behaviors.” Biosens. Bioelectron., vol. 173, p. 112799, 2020.
• [4] S. Singh, A.S. Nandan, G. Sikka, A. Malik, and A. Vidyarthi, “A secure energy-efficient routing protocol for disease data transmission using iomt,” Comput. Electr. Eng., vol. 101, p. 108113, 2022, doi: 10.1016/j.compeleceng.2022.108113.
• [5] H. Zhou et al., “Robust and sensitive pressure/strain sensors from solution processable composite hydrogels enhanced by hollow-structured conducting polymers,” Chem. Eng. J., vol. 403, p. 126307, 2021, doi: 10.1016/j.cej.2020.126307.
• [6] A. Bag and N.-E. Lee, “Recent advancements in development of wearable gas sensors,” Adv. Mater. Technol., vol. 6, no. 3, p. 2000883, 2021, doi: 10.1002/admt.202000883.
• [7] A. Nait Aicha, G. Englebienne, K.S. Van Schooten, M. Pijnappels, and B. Kröse, “Deep learning to predict falls in older adults based on daily-life trunk accelerometry,” Sensors, vol. 18, no. 5, p. 1654, 2018, doi: 10.3390/s18051654.
• [8] M.R. Alshammari and K. M. Elleithy, “Efficient and secure key distribution protocol for wireless sensor networks,” Sensors, vol. 18, no. 10, p. 3569, 2018, doi: 10.3390/s18103569.
• [9] H. Ye, C.-J. Lee, T.-Y. Wu, X.-D. Yang, B.-Y. Chen, and R.-H. Liang, “Body-centric nfc: Body-centric interaction with nfc devices through near-field enabled clothing,” in Designing Interactive Systems Conference, 2022, pp. 1626–1639.
• [10] T.A. Al-Amiedy, M. Anbar, B. Belaton, A.H.H. Kabla, I.H. Hasbullah, and Z.R. Alashhab, “A systematic literature review on machine and deep learning approaches for detecting attacks in rpl-based 6lowpan of internet of things,” Sensors, vol. 22, no. 9, p. 3400, 2022, doi: 10.3390/s22093400.
• [11] A. Stanforda-Clarka and A. Nipper, “Mqtt: The standard for iot messaging,” 2021. [Online]. Available: https://mqtt.org/ (Accessed 2022-05-30).
• [12] A. Lacava, V. Zottola, A. Bonaldo, F. Cuomo, and S. Basagni, “Securing bluetooth low energy networking: An overview of security procedures and threats,” Comput. Netw., vol. 211, p. 108953, 2022, doi: 10.1016/j.comnet.2022.108953.
• [13] D. Upadhyay, J. Manero, M. Zaman, and S. Sampalli, “Intrusion detection in scada based power grids: Recursive feature elimination model with majority vote ensemble algorithm,” IEEE Trans. Netw. Sci. Eng., vol. 8, no. 3, pp. 2559–2574, 2021, doi: 10.1109/TNSE.2021.3099371.
• [14] S. Szymoniak, “Security protocols analysis including various time parameters,” Math. Biosci. Eng., vol. 18, no. 2, pp. 1136–1153, 2021.
• [15] D. Galinec, W. Steingartner, and V. Zebic, “Cyber rapid response team: An option within hybrid threats,” in INFORMATICS 2019 - IEEE 15th International Scientific Conference on Informatics, Proceedings, 2019, pp. 43–49.
• [16] W. Steingartner, D. Galinec, and A. Kozina, “Threat defense: Cyber deception approach and education for resilience in hybrid threats model,” Symmetry, vol. 13, no. 4, p. 597, 2021.
• [17] M. Roggenbach, S.A. Shaikh, and H.N. Nguyen, “Formal verification of security protocols,” Formal Methods for Software Engineering: Languages, Methods, Application Domains, p. 395, 2022.
• [18] X.-H. Nguyen and K.-H. Le, “Robust detection of unknown dos/ddos attacks in iot networks using a hybrid learning model,” Internet of Things, vol. 23, p. 100851, 2023, doi: 10.1016/j.iot.2023.100851.
• [19] A.F. Otoom et al., “Deep learning for accurate detection of brute force attacks on iot networks,” Procedia Comput. Sci., vol. 220, pp. 291–298, 2023.
• [20] B. Zahednejad and C.-Z. Gao, “A secure and efficient ake scheme for iot devices using puf and cancellable biometrics,” Internet Things, vol. 24, p. 100937, 2023.
• [21] M. Burrows, M. Abadi, and R.M. Needham, “A logic of authentication,” Proc. R. Soc. London Ser. A-Math. Phys. Eng. Sci., vol. 426, no. 1871, pp. 233–271, 1989.
• [22] A. Attir, F. Naït-Abdesselam, and K.M. Faraoun, “Lightweight anonymous and mutual authentication scheme for wireless body area networks,” Computer Networks, vol. 224, p. 109625, 2023, doi: 10.1016/j.comnet.2023.109625.
• [23] J.A.H. Alegria, M.C. Bastarrica, and A. Bergel, “Avispa: a tool for analyzing software process models,” J. Softw. Evol. Process., vol. 26, no. 4, pp. 434–450, 2014, doi: 10.1002/smr.1578.
• [24] V.O. Nyangaresi, “Privacy preserving three-factor authentication protocol for secure message forwarding in wireless body area networks,” Ad Hoc Netw., vol. 142, p. 103117, 2023, doi: 10.1016/j.adhoc.2023.103117.
• [25] M. Abdalla, P.-A. Fouque, and D. Pointcheval, “Password-based authenticated key exchange in the three-party setting,” in International Workshop on Public Key Cryptography. Springer, 2005, pp. 65–84.
• [26] X. Jia, M. Luo, H. Wang, J. Shen, and D. He, “A blockchain-assisted privacy-aware authentication scheme for internet of medical things,” IEEE Internet Things J., vol. 9, no. 21, pp. 21 838–21 850, 2022.
• [27] X. Wang et al., “A new rfid ultra-lightweight authentication protocol for medical privacy protection in smart living,” Comput. Commun., vol. 186, pp. 121–132, 2022.
• [28] M. Rasslan, M.M. Nasreldin, and H.K. Aslan, “Ibn sina: A patient privacy-preserving authentication protocol in medical internet of things,” Comput. Secur., vol. 119, p. 102753, 2022.
• [29] K. Xue, W. Meng, S. Li, D.S. Wei, H. Zhou, and N. Yu, “A secure and efficient access and handover authentication protocol for internet of things in space information networks,” IEEE Internet Things J., vol. 6, no. 3, pp. 5485–5499, 2019.
• [30] M. Masud, G.S. Gaba, P. Kumar, and A. Gurtov, “A user-centric privacy-preserving authentication protocol for iot-ami environments,” Comput. Commun., vol. 196, pp. 45–54, 2022, doi: 10.1016/j.comcom.2022.09.021.
• [31] A. Rejeb, K. Rejeb, S.J. Simske, and J.G. Keogh, “Blockchain technology in the smart city: A bibliometric review,” Qual. Quant., vol. 56, no. 5, pp. 2875–2906, 2022.
• [32] A. Aljofey, A. Rasool, Q. Jiang, and Q. Qu, “A feature-based robust method for abnormal contracts detection in ethereum blockchain,” Electronics, vol. 11, no. 18, p. 2937, 2022.
• [33] C.-M. Chen, Z. Chen, S. Kumari, and M.-C. Lin, “Lap-ioht: A lightweight authentication protocol for the internet of health things,” Sensors, vol. 22, no. 14, p. 5401, 2022.
• [34] W. Steingartner, D. Možnik, and D. Galinec, “Disinformation campaigns and resilience in hybrid threats conceptual model,” in 2022 IEEE 16th International Scientific Conference on Informatics (Informatics). IEEE, 2022, pp. 287–292.
• [35] M. Bakiri, C. Guyeux, J.-F. Couchot, and A.K. Oudjida, “Survey on hardware implementation of random number generators on fpga: Theory and experimental analyses,” Comput. Sci. Rev., vol. 27, pp. 135–153, 2018.
• [36] R.L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Commun. ACM, vol. 21, no. 2, pp. 120–126, 1978.
• [37] M. Nasereddin, A. ALKhamaiseh, M. Qasaimeh, and R. Al-Qassas, “A systematic review of detection and prevention techniques of sql injection attacks,” Inf. Secur. J.-Glob. Perspect., vol. 32, no. 4, pp. 252–265, 2023.
• [38] C.N. Siahaan, M. Rufisanto, R. Nolasco, S. Achmad, and C.R.P. Siahaan, “Study of cross-site request forgery on web-based application: Exploitations and preventions,” Procedia Comput.er Sci., vol. 227, pp. 92–100, 2023.
• [39] H. Touil, N.E. Akkad, K. Satori, N.F. Soliman, and W. El-Shafai, “Efficient braille transformation for secure password hashing,” IEEE Access, vol. 12, pp. 5212–5221, 2024, doi: 10.1109/ACCESS.2024.3349487.

Identyfikatory

DOI

10.24425/bpasts.2024.151049