A cloud-assisted anonymous and privacy-preserving authentication scheme for internet of medical things

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2025-07-25 DOI:10.1016/j.cose.2025.104614

Ping Guo , Shuilong Xu , Wenfeng Liang

{"title":"A cloud-assisted anonymous and privacy-preserving authentication scheme for internet of medical things","authors":"Ping Guo , Shuilong Xu , Wenfeng Liang","doi":"10.1016/j.cose.2025.104614","DOIUrl":null,"url":null,"abstract":"<div><div>With the rapid advancement of the Internet of Medical Things (IoMT) and the increasing adoption of cloud computing, the storage and processing of medical data have become significantly more efficient. However, in cloud-assisted IoMT environments, data is exposed to risks due to open networks and semi-trusted cloud service providers, potentially compromising sensitive information. Ensuring data security is paramount; yet, existing authentication protocols often exhibit limitations, such as high computational overhead and security vulnerabilities. In this paper, we propose a cloud-assisted authentication scheme designed to ensure secure privacy protection for physiological data within the open network environment of IoMT, while accommodating the resource-constrained nature of sensor nodes. Our innovative remote anonymous authentication scheme leverages Elliptic Curve Cryptography to facilitate secure mutual authentication over insecure channels. During the authentication phase, the cloud server cannot ascertain the user's true identity, allowing patients to access services anonymously. To enhance security, we employ proxy re-encryption techniques, enabling users to decrypt the cloud server's encrypted shared intermediate ciphertexts securely. Comprehensive security and privacy analyses, along with performance evaluations, demonstrate that the proposed scheme offers superior cost-effectiveness, enhanced privacy protection, and improved execution efficiency compared to existing solutions.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"157 ","pages":"Article 104614"},"PeriodicalIF":5.4000,"publicationDate":"2025-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404825003037","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

With the rapid advancement of the Internet of Medical Things (IoMT) and the increasing adoption of cloud computing, the storage and processing of medical data have become significantly more efficient. However, in cloud-assisted IoMT environments, data is exposed to risks due to open networks and semi-trusted cloud service providers, potentially compromising sensitive information. Ensuring data security is paramount; yet, existing authentication protocols often exhibit limitations, such as high computational overhead and security vulnerabilities. In this paper, we propose a cloud-assisted authentication scheme designed to ensure secure privacy protection for physiological data within the open network environment of IoMT, while accommodating the resource-constrained nature of sensor nodes. Our innovative remote anonymous authentication scheme leverages Elliptic Curve Cryptography to facilitate secure mutual authentication over insecure channels. During the authentication phase, the cloud server cannot ascertain the user's true identity, allowing patients to access services anonymously. To enhance security, we employ proxy re-encryption techniques, enabling users to decrypt the cloud server's encrypted shared intermediate ciphertexts securely. Comprehensive security and privacy analyses, along with performance evaluations, demonstrate that the proposed scheme offers superior cost-effectiveness, enhanced privacy protection, and improved execution efficiency compared to existing solutions.

查看原文本刊更多论文

一种云辅助的医疗物联网匿名保密认证方案

随着医疗物联网（IoMT）的快速发展和云计算的日益普及，医疗数据的存储和处理效率显著提高。然而，在云辅助的IoMT环境中，由于开放的网络和半可信的云服务提供商，数据暴露在风险中，可能会泄露敏感信息。确保数据安全至关重要；然而，现有的身份验证协议经常显示出局限性，例如高计算开销和安全漏洞。在本文中，我们提出了一种云辅助认证方案，旨在确保IoMT开放网络环境中生理数据的安全隐私保护，同时适应传感器节点的资源约束特性。我们创新的远程匿名认证方案利用椭圆曲线加密技术在不安全的通道上促进安全的相互认证。在认证阶段，云服务器无法确定用户的真实身份，允许患者匿名访问服务。为了增强安全性，我们采用代理重加密技术，使用户能够安全地解密云服务器加密的共享中间密文。综合安全和隐私分析以及性能评估表明，与现有解决方案相比，所提出的方案具有卓越的成本效益、增强的隐私保护和改进的执行效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.