Advancing IoMT security: A two-factor authentication model employing PUF and Fuzzy logic techniques

IF 4.8 2区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Sidra Kalam, Ajit Kumar Keshri
{"title":"Advancing IoMT security: A two-factor authentication model employing PUF and Fuzzy logic techniques","authors":"Sidra Kalam,&nbsp;Ajit Kumar Keshri","doi":"10.1016/j.cose.2024.104138","DOIUrl":null,"url":null,"abstract":"<div><div>The rapid integration of Internet of Things technologies in healthcare has catalyzed the development of the Internet of Medical Things, markedly enhanced patient care while posing significant security risks. This paper introduces a comprehensive computational framework to safeguard Internet of Medical Things devices and healthcare providers through a sophisticated registration and authentication process. Our model incorporates cryptographic technologies such as Physical Unclonable Functions, fuzzy extractors, and hash functions to bolster the security during the registration and authentication processes for Internet of Medical Things devices and healthcare providers. The Physical Unclonable Function module enhances device security by producing unique, non-replicable responses for device authentication, significantly reinforcing the system's defense against physical and cloning attacks. Furthermore, the model leverages fuzzy logic for the real-time classification of patient health states, enhancing the decision-making accuracy. A comparative analysis confirms that our model exceeds existing models in communication cost, computational efficiency and security. The proposed scheme has been rigorously tested against various attacks using the Scyther tool. By employing a unique identifier generation method through Physical Unclonable Function and utilizing fuzzy logic for secure data transmission and patient classification, our framework addresses vulnerabilities such as man-in-the-middle, denial of service, impersonation, identity guessing, password guessing and replay attacks, which are prevalent in current Internet of Medical Things frameworks.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"148 ","pages":"Article 104138"},"PeriodicalIF":4.8000,"publicationDate":"2024-10-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824004437","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

The rapid integration of Internet of Things technologies in healthcare has catalyzed the development of the Internet of Medical Things, markedly enhanced patient care while posing significant security risks. This paper introduces a comprehensive computational framework to safeguard Internet of Medical Things devices and healthcare providers through a sophisticated registration and authentication process. Our model incorporates cryptographic technologies such as Physical Unclonable Functions, fuzzy extractors, and hash functions to bolster the security during the registration and authentication processes for Internet of Medical Things devices and healthcare providers. The Physical Unclonable Function module enhances device security by producing unique, non-replicable responses for device authentication, significantly reinforcing the system's defense against physical and cloning attacks. Furthermore, the model leverages fuzzy logic for the real-time classification of patient health states, enhancing the decision-making accuracy. A comparative analysis confirms that our model exceeds existing models in communication cost, computational efficiency and security. The proposed scheme has been rigorously tested against various attacks using the Scyther tool. By employing a unique identifier generation method through Physical Unclonable Function and utilizing fuzzy logic for secure data transmission and patient classification, our framework addresses vulnerabilities such as man-in-the-middle, denial of service, impersonation, identity guessing, password guessing and replay attacks, which are prevalent in current Internet of Medical Things frameworks.
推进 IoMT 安全:采用 PUF 和模糊逻辑技术的双因素认证模型
物联网技术在医疗保健领域的快速融合催化了医疗物联网的发展,在显著提高患者护理水平的同时也带来了巨大的安全风险。本文介绍了一个全面的计算框架,通过复杂的注册和认证流程来保护医疗物联网设备和医疗服务提供商的安全。我们的模型采用了物理不可克隆函数、模糊提取器和哈希函数等加密技术,以加强医疗物联网设备和医疗服务提供商在注册和认证过程中的安全性。物理不可克隆函数模块通过产生唯一的、不可复制的设备验证响应来增强设备的安全性,从而大大加强了系统对物理攻击和克隆攻击的防御能力。此外,该模型还利用模糊逻辑对病人的健康状况进行实时分类,提高了决策的准确性。对比分析证实,我们的模型在通信成本、计算效率和安全性方面都超过了现有模型。我们使用 Scyther 工具针对各种攻击对所提出的方案进行了严格测试。通过采用物理不可克隆函数生成唯一标识符的方法,并利用模糊逻辑进行安全数据传输和患者分类,我们的框架解决了当前医疗物联网框架中普遍存在的中间人、拒绝服务、冒充、身份猜测、密码猜测和重放攻击等漏洞。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Computers & Security
Computers & Security 工程技术-计算机:信息系统
CiteScore
12.40
自引率
7.10%
发文量
365
审稿时长
10.7 months
期刊介绍: Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信