Intelligent two-phase dual authentication framework for Internet of Medical Things.

IF 3.9 2区综合性期刊 Q1 MULTIDISCIPLINARY SCIENCES

Scientific Reports Pub Date : 2025-01-12 DOI:10.1038/s41598-024-84713-5

Muhammad Asif, Mohammad Abrar, Abdu Salam, Farhan Amin, Faizan Ullah, Sabir Shah, Hussain AlSalman

{"title":"Intelligent two-phase dual authentication framework for Internet of Medical Things.","authors":"Muhammad Asif, Mohammad Abrar, Abdu Salam, Farhan Amin, Faizan Ullah, Sabir Shah, Hussain AlSalman","doi":"10.1038/s41598-024-84713-5","DOIUrl":null,"url":null,"abstract":"<p><p>The Internet of Medical Things (IoMT) has revolutionized healthcare by bringing real-time monitoring and data-driven treatments. Nevertheless, the security of communication between IoMT devices and servers remains a huge problem because of the inherent sensitivity of the health data and susceptibility to cyber threats. Current security solutions, including simple password-based authentication and standard Public Key Infrastructure (PKI) approaches, typically do not achieve an appropriate balance between security and low computational overhead, resulting in the possibility of performance bottlenecks and increased vulnerability to attacks. To overcome these limitations, we present an intelligent two-phase dual authentication framework that improves the security of sensor-to-server communication in IoMT environments. During the registration phase, our framework is based on Elliptic Curve Diffie-Hellman (ECDH) for rapid key exchange, and during real-time communication, our framework uses the Advanced Encryption Standard Galois Counter Mode (AES-GCM) to encrypt data securely. The efficiency of the proposed framework was rigorously tested through simulations that evaluated encryption-decryption time, computational cost, latency, and packet delivery ratio. The security resilience was also evaluated against man-in-the-middle, replay, and brute force attacks. The results show that encryption/decryption time is reduced by over 45%, overall computational cost by 45.38%, and latency by 28.42% over existing approaches. Furthermore, the framework achieved a high packet delivery ratio and strong defense against cyber threats for maintaining the confidentiality and integrity of the medical data across IoMT networks. However, the dual authentication approach doesn't affect the functionality of medical IoT devices while enhancing IoMT security, which makes it an ideal integration option for existing healthcare systems.</p>","PeriodicalId":21811,"journal":{"name":"Scientific Reports","volume":"15 1","pages":"1760"},"PeriodicalIF":3.9000,"publicationDate":"2025-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC11725583/pdf/","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Scientific Reports","FirstCategoryId":"103","ListUrlMain":"https://doi.org/10.1038/s41598-024-84713-5","RegionNum":2,"RegionCategory":"综合性期刊","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"MULTIDISCIPLINARY SCIENCES","Score":null,"Total":0}

引用次数: 0

Abstract

The Internet of Medical Things (IoMT) has revolutionized healthcare by bringing real-time monitoring and data-driven treatments. Nevertheless, the security of communication between IoMT devices and servers remains a huge problem because of the inherent sensitivity of the health data and susceptibility to cyber threats. Current security solutions, including simple password-based authentication and standard Public Key Infrastructure (PKI) approaches, typically do not achieve an appropriate balance between security and low computational overhead, resulting in the possibility of performance bottlenecks and increased vulnerability to attacks. To overcome these limitations, we present an intelligent two-phase dual authentication framework that improves the security of sensor-to-server communication in IoMT environments. During the registration phase, our framework is based on Elliptic Curve Diffie-Hellman (ECDH) for rapid key exchange, and during real-time communication, our framework uses the Advanced Encryption Standard Galois Counter Mode (AES-GCM) to encrypt data securely. The efficiency of the proposed framework was rigorously tested through simulations that evaluated encryption-decryption time, computational cost, latency, and packet delivery ratio. The security resilience was also evaluated against man-in-the-middle, replay, and brute force attacks. The results show that encryption/decryption time is reduced by over 45%, overall computational cost by 45.38%, and latency by 28.42% over existing approaches. Furthermore, the framework achieved a high packet delivery ratio and strong defense against cyber threats for maintaining the confidentiality and integrity of the medical data across IoMT networks. However, the dual authentication approach doesn't affect the functionality of medical IoT devices while enhancing IoMT security, which makes it an ideal integration option for existing healthcare systems.

Abstract Image

查看原文本刊更多论文

医疗物联网智能两相双认证框架。

医疗物联网（IoMT）带来了实时监控和数据驱动的治疗，彻底改变了医疗保健行业。然而，由于健康数据固有的敏感性和对网络威胁的易感性，IoMT设备和服务器之间的通信安全仍然是一个巨大的问题。目前的安全解决方案，包括简单的基于密码的身份验证和标准的PKI （Public Key Infrastructure）方法，通常不能在安全性和低计算开销之间取得适当的平衡，从而可能导致性能瓶颈和增加攻击的脆弱性。为了克服这些限制，我们提出了一个智能的两阶段双重身份验证框架，以提高IoMT环境中传感器到服务器通信的安全性。在注册阶段，我们的框架基于椭圆曲线Diffie-Hellman （ECDH）进行快速密钥交换，在实时通信期间，我们的框架使用高级加密标准伽罗瓦计数器模式（AES-GCM）对数据进行安全加密。通过评估加密-解密时间、计算成本、延迟和数据包传送率的模拟，严格测试了所提出框架的效率。还针对中间人攻击、重播攻击和暴力攻击评估了安全弹性。结果表明，与现有方法相比，加密/解密时间减少了45%以上，总计算成本减少了45.38%，延迟减少了28.42%。此外，该框架实现了高数据包传送率和强大的网络威胁防御，以维护跨IoMT网络医疗数据的机密性和完整性。然而，双重身份验证方法不会影响医疗物联网设备的功能，同时增强了IoMT的安全性，这使其成为现有医疗保健系统的理想集成选择。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Scientific Reports Natural Science Disciplines-

CiteScore

7.50

自引率

4.30%

发文量

19567

审稿时长

3.9 months

期刊介绍： We publish original research from all areas of the natural sciences, psychology, medicine and engineering. You can learn more about what we publish by browsing our specific scientific subject areas below or explore Scientific Reports by browsing all articles and collections. Scientific Reports has a 2-year impact factor: 4.380 (2021), and is the 6th most-cited journal in the world, with more than 540,000 citations in 2020 (Clarivate Analytics, 2021). •Engineering Engineering covers all aspects of engineering, technology, and applied science. It plays a crucial role in the development of technologies to address some of the world''s biggest challenges, helping to save lives and improve the way we live. •Physical sciences Physical sciences are those academic disciplines that aim to uncover the underlying laws of nature — often written in the language of mathematics. It is a collective term for areas of study including astronomy, chemistry, materials science and physics. •Earth and environmental sciences Earth and environmental sciences cover all aspects of Earth and planetary science and broadly encompass solid Earth processes, surface and atmospheric dynamics, Earth system history, climate and climate change, marine and freshwater systems, and ecology. It also considers the interactions between humans and these systems. •Biological sciences Biological sciences encompass all the divisions of natural sciences examining various aspects of vital processes. The concept includes anatomy, physiology, cell biology, biochemistry and biophysics, and covers all organisms from microorganisms, animals to plants. •Health sciences The health sciences study health, disease and healthcare. This field of study aims to develop knowledge, interventions and technology for use in healthcare to improve the treatment of patients.