Walid I. Khedr , Aya Salama , Marwa M. Khashaba , Osama M. Elkomy
{"title":"ASAP: A lightweight authenticated secure association protocol for IEEE 802.15.6 based medical BAN","authors":"Walid I. Khedr , Aya Salama , Marwa M. Khashaba , Osama M. Elkomy","doi":"10.1016/j.iot.2024.101363","DOIUrl":null,"url":null,"abstract":"<div><p>Medical Body Area Networks (MBANs), a specialized subset of Wireless Body Area Networks (WBANs), are crucial for enabling medical data collection, processing, and transmission. The IEEE 802.15.6 standard governs these networks but falls short in practical MBAN scenarios. This paper introduces ASAP, a Lightweight Authenticated Secure Association Protocol integrated with IEEE 802.15.6. ASAP prioritizes patient privacy with randomized node ID generation and temporary shared keys, preventing node tracking and privacy violations. It optimizes network performance by consolidating Master Keys (MK), Pairwise Temporal Keys (PTK), and Group Temporal Keys (GTK) creation into a unified process, ensuring the efficiency of the standard four-message association protocol. ASAP enhances security by eliminating the need for pre-shared keys, reducing the attack surface, and improving forward secrecy. The protocol achieves mutual authentication without pre-shared keys or passwords and supports advanced cryptographic algorithms on nodes with limited processing capabilities. Additionally, it imposes connection initiation restrictions, requiring valid certificates for nodes, thereby addressing gaps in IEEE 802.15.6. Formal verification using Verifpal confirms ASAP's resilience against various attacks. Implementation results show ASAP's superiority over standard IEEE 802.15.6 protocols, establishing it as a robust solution for securing MBAN communications in medical environments.</p></div>","PeriodicalId":29968,"journal":{"name":"Internet of Things","volume":"28 ","pages":"Article 101363"},"PeriodicalIF":6.0000,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Internet of Things","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2542660524003044","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Medical Body Area Networks (MBANs), a specialized subset of Wireless Body Area Networks (WBANs), are crucial for enabling medical data collection, processing, and transmission. The IEEE 802.15.6 standard governs these networks but falls short in practical MBAN scenarios. This paper introduces ASAP, a Lightweight Authenticated Secure Association Protocol integrated with IEEE 802.15.6. ASAP prioritizes patient privacy with randomized node ID generation and temporary shared keys, preventing node tracking and privacy violations. It optimizes network performance by consolidating Master Keys (MK), Pairwise Temporal Keys (PTK), and Group Temporal Keys (GTK) creation into a unified process, ensuring the efficiency of the standard four-message association protocol. ASAP enhances security by eliminating the need for pre-shared keys, reducing the attack surface, and improving forward secrecy. The protocol achieves mutual authentication without pre-shared keys or passwords and supports advanced cryptographic algorithms on nodes with limited processing capabilities. Additionally, it imposes connection initiation restrictions, requiring valid certificates for nodes, thereby addressing gaps in IEEE 802.15.6. Formal verification using Verifpal confirms ASAP's resilience against various attacks. Implementation results show ASAP's superiority over standard IEEE 802.15.6 protocols, establishing it as a robust solution for securing MBAN communications in medical environments.
期刊介绍:
Internet of Things; Engineering Cyber Physical Human Systems is a comprehensive journal encouraging cross collaboration between researchers, engineers and practitioners in the field of IoT & Cyber Physical Human Systems. The journal offers a unique platform to exchange scientific information on the entire breadth of technology, science, and societal applications of the IoT.
The journal will place a high priority on timely publication, and provide a home for high quality.
Furthermore, IOT is interested in publishing topical Special Issues on any aspect of IOT.