基于 CP-ABE 加密技术的用于保护医疗物联网 (IoMT) 的增强型可验证轻量级身份验证协议

IF 2.4 4区 计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
Jihane Jebrane, Saiida Lazaar
{"title":"基于 CP-ABE 加密技术的用于保护医疗物联网 (IoMT) 的增强型可验证轻量级身份验证协议","authors":"Jihane Jebrane, Saiida Lazaar","doi":"10.1007/s10207-024-00906-z","DOIUrl":null,"url":null,"abstract":"<p>The integration of the Internet of Things into patient monitoring devices has garnered significant attention, especially in response to the COVID-19 pandemic’s increased focus on telecare services. However, Internet of Medical Things (IoMT) devices are constrained by computational power, memory, and bandwidth, making them vulnerable to security risks associated with data transmissions over public networks. Effective authentication is essential for safeguarding patient data and preventing unauthorized control of medical sensors. Existing IoMT authentication protocols frequently fall short, exposing critical vulnerabilities such as replay and impersonation attacks. This paper extends our prior work on the Improved Lightweight Authentication Protocol (ILAPU-Q), which is based on elliptic curves and the U-Quark hash function. We enhance the ILAPU-Q scheme and present a more secure authentication protocol for embedded medical devices. This enhancement relies on Ciphertext Policy-Attribute Based Encryption (CP-ABE), enabling data sources to protect information by cryptographically enforcing access policies. Implementing CP-ABE within the Telemedicine Information System framework eliminates the need for secure data transmission or storage at a dedicated location. Comprehensive security evaluations, conducted using AVISPA and Burrows-Abadi-Needham logic (BAN Logic), confirm the protocol’s resilience against a broad spectrum of attacks. Moreover, performance assessments reveal significant advancements in computational efficiency, communication overhead, and storage requirements. Notably, our protocol demonstrates an efficiency improvement of approximately 95–98% over other protocols. This substantial improvement in security and performance underscores the practical value and potential of our protocol in advancing IoMT security standards.</p>","PeriodicalId":50316,"journal":{"name":"International Journal of Information Security","volume":"46 1","pages":""},"PeriodicalIF":2.4000,"publicationDate":"2024-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"An enhanced and verifiable lightweight authentication protocol for securing the Internet of Medical Things (IoMT) based on CP-ABE encryption\",\"authors\":\"Jihane Jebrane, Saiida Lazaar\",\"doi\":\"10.1007/s10207-024-00906-z\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The integration of the Internet of Things into patient monitoring devices has garnered significant attention, especially in response to the COVID-19 pandemic’s increased focus on telecare services. However, Internet of Medical Things (IoMT) devices are constrained by computational power, memory, and bandwidth, making them vulnerable to security risks associated with data transmissions over public networks. Effective authentication is essential for safeguarding patient data and preventing unauthorized control of medical sensors. Existing IoMT authentication protocols frequently fall short, exposing critical vulnerabilities such as replay and impersonation attacks. This paper extends our prior work on the Improved Lightweight Authentication Protocol (ILAPU-Q), which is based on elliptic curves and the U-Quark hash function. We enhance the ILAPU-Q scheme and present a more secure authentication protocol for embedded medical devices. This enhancement relies on Ciphertext Policy-Attribute Based Encryption (CP-ABE), enabling data sources to protect information by cryptographically enforcing access policies. Implementing CP-ABE within the Telemedicine Information System framework eliminates the need for secure data transmission or storage at a dedicated location. Comprehensive security evaluations, conducted using AVISPA and Burrows-Abadi-Needham logic (BAN Logic), confirm the protocol’s resilience against a broad spectrum of attacks. Moreover, performance assessments reveal significant advancements in computational efficiency, communication overhead, and storage requirements. Notably, our protocol demonstrates an efficiency improvement of approximately 95–98% over other protocols. This substantial improvement in security and performance underscores the practical value and potential of our protocol in advancing IoMT security standards.</p>\",\"PeriodicalId\":50316,\"journal\":{\"name\":\"International Journal of Information Security\",\"volume\":\"46 1\",\"pages\":\"\"},\"PeriodicalIF\":2.4000,\"publicationDate\":\"2024-09-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s10207-024-00906-z\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10207-024-00906-z","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

将物联网集成到病人监护设备中已引起了广泛关注,尤其是 COVID-19 大流行对远程护理服务的日益重视。然而,医疗物联网(IoMT)设备受到计算能力、内存和带宽的限制,很容易受到与公共网络数据传输相关的安全风险的影响。有效的身份验证对于保护患者数据和防止未经授权控制医疗传感器至关重要。现有的 IoMT 身份验证协议往往存在不足,暴露出重放和冒充攻击等关键漏洞。本文扩展了我们之前在改进型轻量级身份验证协议(ILAPU-Q)方面的工作,该协议基于椭圆曲线和 U-Quark 哈希函数。我们改进了 ILAPU-Q 方案,为嵌入式医疗设备提出了一个更安全的身份验证协议。这一改进依赖于基于密文策略属性的加密(CP-ABE),使数据源能够通过加密执行访问策略来保护信息。在远程医疗信息系统框架内实施 CP-ABE,就无需在专用地点进行安全数据传输或存储。使用 AVISPA 和 Burrows-Abadi-Needham 逻辑(BAN 逻辑)进行的全面安全评估证实,该协议可抵御各种攻击。此外,性能评估还显示了在计算效率、通信开销和存储要求方面的显著进步。值得注意的是,我们的协议比其他协议的效率提高了约 95-98%。安全性和性能的大幅提升凸显了我们的协议在推进 IoMT 安全标准方面的实用价值和潜力。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

An enhanced and verifiable lightweight authentication protocol for securing the Internet of Medical Things (IoMT) based on CP-ABE encryption

An enhanced and verifiable lightweight authentication protocol for securing the Internet of Medical Things (IoMT) based on CP-ABE encryption

The integration of the Internet of Things into patient monitoring devices has garnered significant attention, especially in response to the COVID-19 pandemic’s increased focus on telecare services. However, Internet of Medical Things (IoMT) devices are constrained by computational power, memory, and bandwidth, making them vulnerable to security risks associated with data transmissions over public networks. Effective authentication is essential for safeguarding patient data and preventing unauthorized control of medical sensors. Existing IoMT authentication protocols frequently fall short, exposing critical vulnerabilities such as replay and impersonation attacks. This paper extends our prior work on the Improved Lightweight Authentication Protocol (ILAPU-Q), which is based on elliptic curves and the U-Quark hash function. We enhance the ILAPU-Q scheme and present a more secure authentication protocol for embedded medical devices. This enhancement relies on Ciphertext Policy-Attribute Based Encryption (CP-ABE), enabling data sources to protect information by cryptographically enforcing access policies. Implementing CP-ABE within the Telemedicine Information System framework eliminates the need for secure data transmission or storage at a dedicated location. Comprehensive security evaluations, conducted using AVISPA and Burrows-Abadi-Needham logic (BAN Logic), confirm the protocol’s resilience against a broad spectrum of attacks. Moreover, performance assessments reveal significant advancements in computational efficiency, communication overhead, and storage requirements. Notably, our protocol demonstrates an efficiency improvement of approximately 95–98% over other protocols. This substantial improvement in security and performance underscores the practical value and potential of our protocol in advancing IoMT security standards.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
International Journal of Information Security
International Journal of Information Security 工程技术-计算机:理论方法
CiteScore
6.30
自引率
3.10%
发文量
52
审稿时长
12 months
期刊介绍: The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation. Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信