iSecureHealth: An efficient and secure technique to exchange health data using IoMT devices
Authors: Chayan Kanti Dhar, Abhishek Majumder
Journal: Smart Health, volume 33, Article 100504 (Journal Article)
Publication date: 2024-08-06
DOI: 10.1016/j.smhl.2024.100504
URL: https://www.sciencedirect.com/science/article/pii/S2352648324000606
The Internet of Medical Things (IoMT) is a subset of the Internet of Things (IoT), which consists of internet-connected medical devices, hardware, and software applications that facilitate healthcare information technology. Transformation of the healthcare sector through the adoption of IoMT devices offers significant benefits, including efficient and timely medical interventions based on real-time monitoring of patients’ vitals. Security, authentication and privacy safeguards are the key hurdles in adopting medical-grade IoMT deployment. To address these critical hurdles, a lightweight, efficient and reliable key exchange scheme, termed iSecureHealth, has been proposed. The proposed system incorporates a security control node outside the User-IoMT-Gateway paradigm to enforce end-to-end secure data transactions for a medical-grade IoMT-based patient monitoring environment. The secure data transaction techniques and key management comprise an authentication, authorization, and access (AAA) control layer, ensuring a secure data channel between IoMT sensors and the Gateway node (GNo) paradigm. Elliptic Curve Cryptography (ECC)-based key management, using the Elliptic Curve Diffie–Hellman Key Exchange technique, provides secure, end-to-end private health data transmission through authorized IoMT devices. We used HMAC-SHA256 for JWT session key generation to design a lightweight automatic authentication scheme for iSecureHealth. For mutual authentication validation, the well-known BAN logic is applied. We considered the widely accepted random-oracle-based Real-Or-Random (ROR) model and Dolev–Yao (DY) logic for formal and informal security analysis, respectively. A generic ESP32/ESP-32S development board connected to a multisensor (MAX30102) was used for implementation. The publisher–subscriber-based lightweight Secure Message Queuing Telemetry Transport (SMQTT) protocol demonstrates real-time streaming of sensor-acquired data over the secure transport layer. Our experiments and results show that the performance of the proposed technique is better than that of the baselines.