使用分布式账本的支持电子医疗保健的无线体域网络的弹性身份验证协议

IF 3.7 3区计算机科学 Q2 COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS

Journal of Computational Science Pub Date : 2025-05-23 DOI:10.1016/j.jocs.2025.102617

Munir Hussain , Amjad Mehmood , Muhammad Altaf Khan , Jaime Lloret , Carsten Maple

{"title":"使用分布式账本的支持电子医疗保健的无线体域网络的弹性身份验证协议","authors":"Munir Hussain , Amjad Mehmood , Muhammad Altaf Khan , Jaime Lloret , Carsten Maple","doi":"10.1016/j.jocs.2025.102617","DOIUrl":null,"url":null,"abstract":"<div><div>The recent developments in telecommunication technologies and monitoring devices have brought many changes in modern electronic healthcare systems (EHSs) by improving quality and decreasing healthcare expenses. Despite the benefits, they have privacy and security issues because the communication between patients and service providers takes place generally over public channels. Several user authentication protocols using distributed ledger technology (DLT) have recently been proposed to address these issues in EHSs. However, many are still vulnerable to a single point of failure (SPoF), privacy, and security attacks. Besides, they suffered from high communication and computational costs. Therefore, in this paper, we proposed a user authentication protocol using DLT to avoid these issues. A Burrows-Abadi-Needham (BAN) logic proof method has been used to check the security of the proposed protocol and ensure it achieves the desired security goals. In addition, an informal security analysis has been conducted to verify its important security requirements. A formal security analysis has been performed via the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and Real-or-Random (ROR) model for further security strength. The results demonstrate that the proposed user authentication protocol is SAFE against all types of Man-in-the-Middle (MitM) attacks, impersonation, replay, and forgery attacks. Finally, performance analysis has been performed and results show that it achieves better performance by consuming 29.63 % and 13.21 % less communication and computational overheads as compared to existing related user authentication protocols. The security and performance analysis make it a more appropriate choice for the EHSs.</div></div>","PeriodicalId":48907,"journal":{"name":"Journal of Computational Science","volume":"89 ","pages":"Article 102617"},"PeriodicalIF":3.7000,"publicationDate":"2025-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Resilient authentication protocol for electronic healthcare enabled wireless body area networks using distributed ledger\",\"authors\":\"Munir Hussain , Amjad Mehmood , Muhammad Altaf Khan , Jaime Lloret , Carsten Maple\",\"doi\":\"10.1016/j.jocs.2025.102617\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The recent developments in telecommunication technologies and monitoring devices have brought many changes in modern electronic healthcare systems (EHSs) by improving quality and decreasing healthcare expenses. Despite the benefits, they have privacy and security issues because the communication between patients and service providers takes place generally over public channels. Several user authentication protocols using distributed ledger technology (DLT) have recently been proposed to address these issues in EHSs. However, many are still vulnerable to a single point of failure (SPoF), privacy, and security attacks. Besides, they suffered from high communication and computational costs. Therefore, in this paper, we proposed a user authentication protocol using DLT to avoid these issues. A Burrows-Abadi-Needham (BAN) logic proof method has been used to check the security of the proposed protocol and ensure it achieves the desired security goals. In addition, an informal security analysis has been conducted to verify its important security requirements. A formal security analysis has been performed via the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and Real-or-Random (ROR) model for further security strength. The results demonstrate that the proposed user authentication protocol is SAFE against all types of Man-in-the-Middle (MitM) attacks, impersonation, replay, and forgery attacks. Finally, performance analysis has been performed and results show that it achieves better performance by consuming 29.63 % and 13.21 % less communication and computational overheads as compared to existing related user authentication protocols. The security and performance analysis make it a more appropriate choice for the EHSs.</div></div>\",\"PeriodicalId\":48907,\"journal\":{\"name\":\"Journal of Computational Science\",\"volume\":\"89 \",\"pages\":\"Article 102617\"},\"PeriodicalIF\":3.7000,\"publicationDate\":\"2025-05-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Computational Science\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S1877750325000948\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Computational Science","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1877750325000948","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS","Score":null,"Total":0}

引用次数: 0

摘要

电信技术和监控设备的最新发展通过提高质量和降低医疗费用，为现代电子医疗系统（EHSs）带来了许多变化。尽管有这些好处，但它们存在隐私和安全问题，因为患者和服务提供者之间的通信通常是通过公共渠道进行的。最近提出了几种使用分布式账本技术（DLT）的用户身份验证协议来解决EHSs中的这些问题。然而，许多仍然容易受到单点故障（SPoF）、隐私和安全攻击。此外，它们的通信和计算成本也很高。因此，在本文中，我们提出了一个使用DLT的用户身份验证协议来避免这些问题。采用BAN （Burrows-Abadi-Needham）逻辑证明方法对所提出协议的安全性进行检验，确保协议达到预期的安全目标。此外，还进行了非正式的安全分析，以核实其重要的安全需求。通过互联网安全协议和应用程序的自动验证（AVISPA）工具和Real-or-Random （ROR）模型进行了正式的安全分析，以进一步提高安全强度。结果表明，所提出的用户身份验证协议对所有类型的中间人（MitM）攻击、模拟、重放和伪造攻击都是安全的。最后，进行了性能分析，结果表明，与现有的相关用户身份验证协议相比，它通过减少29.63 %和13.21 %的通信和计算开销来实现更好的性能。安全性和性能分析使其成为ehs更合适的选择。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Resilient authentication protocol for electronic healthcare enabled wireless body area networks using distributed ledger

The recent developments in telecommunication technologies and monitoring devices have brought many changes in modern electronic healthcare systems (EHSs) by improving quality and decreasing healthcare expenses. Despite the benefits, they have privacy and security issues because the communication between patients and service providers takes place generally over public channels. Several user authentication protocols using distributed ledger technology (DLT) have recently been proposed to address these issues in EHSs. However, many are still vulnerable to a single point of failure (SPoF), privacy, and security attacks. Besides, they suffered from high communication and computational costs. Therefore, in this paper, we proposed a user authentication protocol using DLT to avoid these issues. A Burrows-Abadi-Needham (BAN) logic proof method has been used to check the security of the proposed protocol and ensure it achieves the desired security goals. In addition, an informal security analysis has been conducted to verify its important security requirements. A formal security analysis has been performed via the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and Real-or-Random (ROR) model for further security strength. The results demonstrate that the proposed user authentication protocol is SAFE against all types of Man-in-the-Middle (MitM) attacks, impersonation, replay, and forgery attacks. Finally, performance analysis has been performed and results show that it achieves better performance by consuming 29.63 % and 13.21 % less communication and computational overheads as compared to existing related user authentication protocols. The security and performance analysis make it a more appropriate choice for the EHSs.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Computational Science COMPUTER SCIENCE, INTERDISCIPLINARY APPLICATIONS-COMPUTER SCIENCE, THEORY & METHODS

CiteScore

5.50

自引率

3.00%

发文量

227

审稿时长

41 days

期刊介绍： Computational Science is a rapidly growing multi- and interdisciplinary field that uses advanced computing and data analysis to understand and solve complex problems. It has reached a level of predictive capability that now firmly complements the traditional pillars of experimentation and theory. The recent advances in experimental techniques such as detectors, on-line sensor networks and high-resolution imaging techniques, have opened up new windows into physical and biological processes at many levels of detail. The resulting data explosion allows for detailed data driven modeling and simulation. This new discipline in science combines computational thinking, modern computational methods, devices and collateral technologies to address problems far beyond the scope of traditional numerical methods. Computational science typically unifies three distinct elements: • Modeling, Algorithms and Simulations (e.g. numerical and non-numerical, discrete and continuous); • Software developed to solve science (e.g., biological, physical, and social), engineering, medicine, and humanities problems; • Computer and information science that develops and optimizes the advanced system hardware, software, networking, and data management components (e.g. problem solving environments).