A Secure Biometric-Based User Authentication Scheme for Cyber-Physical Systems in Healthcare
Abstract
The effectiveness and advantages of Cyber-Physical Systems (CPS) are significantly influenced by the interconnectivity of individual devices or nodes, such as Internet of Things (IoT) devices. The exchange of data that is pertinent to a comprehensive job or capability plays a crucial role in numerous CPS applications, including healthcare monitoring in smart cities and homes and many more. Data exploitation in remote healthcare systems may have catastrophic consequences for patients; hence, a safe cryptographic technique is necessary. To address these security difficulties, a highly effective biometric based three-factor mutual authentication along with a key agreement scheme has been put forth that leverages the lightweight Elliptic Curve Cryptosystem (ECC). This scheme has been specifically designed to cater to the unique requirements of remote healthcare systems. The approach has been validated utilizing the Burrows-Abadi-Needham (BAN) logic, which verifies the effectiveness of mutual authentication. Also, the resistance to active and passive attacks was demonstrated through the use of the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Furthermore, a preliminary security evaluation is conducted to verify the resilience of the proposed system against several cryptographic attacks. Additionally, the suggested method is evaluated against existing state-of-the-art schemes and demonstrates superior performance in various security dimensions.
References
Ahlawat, P., & Bathla, R. (2023). A multi objective optimization modeling in WSN for enhancing the attacking efficiency of node capture attack. International Journal of System Assurance Engineering and Management, 14(6), 2187–2207. https://doi.org/10.1007/s13198-023-02048-2
Alghamdi, A., Shahrani, A. M. A., AlYami, S. S., Khan, I. R., Sri, P. S. G. A., Dutta, P., Rizwan, A., & Venkatareddy, P. (2023). Security and energy efficient cyber-physical systems using predictive modeling approaches in wireless sensor network. Wireless Networks. https://doi.org/10.1007/s11276-023-03345-1
Ali, R., Pal, A. K., Kumari, S., Sangaiah, A. K., Li, X., & Wu, F. (2018). An enhanced three factor based authentication protocol using wireless medical sensor networks for healthcare monitoring. Journal of Ambient Intelligence & Humanized Computing/Journal of Ambient Intelligence and Humanized Computing, 15(1), 1165–1186. https://doi.org/10.1007/s12652-018-1015-9
Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P. H., Heám, P. C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., Von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., & Vigneron, L. (2005). The AVISPA tool for the automated validation of internet security protocols and applications. In Lecture notes in Computer Science, pp. 281–285. https://doi.org/10.1007/11513988_27
Chetry, A., & Sharma, U. (2023). Anonymity in decentralized apps: Study of implications for cybercrime investigations. International Journal of Experimental Research and Review, 32, 195–205. https://doi.org/10.52756/ijerr.2023.v32.017
Cho, Y., Oh, J., Kwon, D., Son, S., Yu, S., Park, Y., & Park, Y. (2022). A secure Three-Factor authentication protocol for E-Governance system based on multiserver environments. IEEE Access, 10, 74351–74365. https://doi.org/10.1109/access.2022.3191419
Das, A. K., Kumari, S., Odelu, V., Li, X., Wu, F., & Huang, X. (2016). Provably secure user authentication and key agreement scheme for wireless sensor networks. Security and Communication Networks, 9(16), 3670–3687. https://doi.org/10.1002/sec.1573
Dawn, N., Ghosh, T., Ghosh, S., Saha, A., Mukherjee, P., Sarkar, S., Guha, S., & Sanyal, T. (2023). Implementation of Artificial Intelligence, Machine Learning, and Internet of Things (IoT) in revolutionizing Agriculture: A review on recent trends and challenges. Int. J. Exp. Res. Rev., 30, 190-218. https://doi.org/10.52756/ijerr.2023.v30.018
Far, H. a. N., Bayat, M., Das, A. K., Fotouhi, M., Pournaghi, S. M., & Doostari, M. A. (2021). LAPTAS: lightweight anonymous privacy-preserving three-factor authentication scheme for WSN-based IIoT. Wireless Networks, 27(2), 1389–1412. https://doi.org/10.1007/s11276-020-02523-9
Hemalatha, T., Bhuvaneswari, A., Poornima, N., Shubha, B., Santhi, K., Lawanyashri, M., & Mara, G. C. (2023). Secure and private data sharing in CPS e-health systems based on CB-SMO techniques. Measurement. Sensors, 27, 100787. https://doi.org/10.1016/j.measen.2023.100787
Huang, W. (2024). ECC-based three-factor authentication and key agreement scheme for wireless sensor networks. Scientific Reports, 14(1). https://doi.org/10.1038/s41598-024-52134-z
Jain, N., Awasthi, Y., & Jain, R. (2023). An IoT-based soil analysis system using optical sensors and multivariate regression. Int. J. Exp. Res. Rev., 31(Spl Volume), 23-32. https://doi.org/10.52756/10.52756/ijerr.2023.v31spl.003
Jha, K., Jain, A., & Srivastava, S. (2023a). An Efficient Speaker Identification Approach for Biometric Access Control System. In:2023 5th International Conference on Recent Advances in Information Technology (RAIT), IEEE, pp. 1-5. https://doi.org/10.1109/RAIT57693.2023.10127101
Jha, K., Jain, A., & Srivastava, S. (2024a). Analysis of Human Voice for Speaker Recognition: Concepts and Advancement. Journal of Electrical Systems, 20(1), 582-599. https://doi.org/10.52783/jes.806
Jha, K., Srivastava, S., & Jain, A. (2023b). Integrating Global and Local Features for Efficient Face Identification Using Deep CNN Classifier. In:2023 International Conference on Device Intelligence, Computing and Communication Technologies, (DICCT), IEEE pp. 532-536. https://doi.org/10.1109/DICCT56244.2023.10110170
Jha, K., Srivastava, S., & Jain, A. (2024b). Cryptanalysis of a Biometric based Anonymous Authentication Approach for IoT Environment. International Journal of Microsystems and IoT, 2(2), 591–597. https://doi.org/10.5281/zenodo.10804461
Jha, R., & Singh, M. K. (2024). Electric Mobility Adoption in India–Policy & Initiatives to Promote E-Mobility in Jharkhand. International Management Review, 20(1), 63-74.
Lekha, J., Sandhya, K., Archana, U., Anilkumar, C., Soman, S. J., & Satheesh, S. (2023). Secure medical sensor monitoring framework using novel optimal encryption algorithm driven by Internet of Things. Measurement. Sensors, 30, 100929. https://doi.org/10.1016/j.measen.2023.100929
Liu, W., Wang, X., Peng, W., & Xing, Q. (2019). Center-Less single Sign-On with Privacy-Preserving remote Biometric-Based ID-MAKA scheme for mobile cloud computing services. IEEE Access, 7, 137770–137783. https://doi.org/10.1109/access.2019.2942987
Mirsaraei, A. G., Barati, A., & Barati, H. (2022). A secure three-factor authentication scheme for IoT environments. Journal of Parallel and Distributed Computing, 169, 87–105. https://doi.org/10.1016/j.jpdc.2022.06.011
Mondal, S., Nag, A., Barman, A. K., & Karmakar, M. (2023). Machine Learning-based maternal health risk prediction model for IoMT framework. International Journal of Experimental Research and Review, 32, 145–159. https://doi.org/10.52756/ijerr.2023.v32.012
Nyangaresi, V. O. (2022). Lightweight anonymous authentication protocol for resource-constrained smart home devices based on elliptic curve cryptography. Journal of Systems Architecture, 133, 102763. https://doi.org/10.1016/j.sysarc.2022.102763
Pal, D., Funilkul, S., Charoenkitkarn, N., & Kanthamanon, P. (2018). Internet-of-Things and Smart Homes for Elderly Healthcare: An end user perspective. IEEE Access, 6, 10483–10496. https://doi.org/10.1109/access.2018.2808472
Rai, A., Kundu, K., Dev, R., Keshari, J., & Gupta, D. (2023). Design and development Virtual Doctor Robot for contactless monitoring of patients during COVID-19. Int. J. Exp. Res. Rev., 31(Spl Volume), 42-50. https://doi.org/10.52756/10.52756/ijerr.2023.v31spl.005
Saini, K. K., Kaur, D., Kumar, D., & Kumar, B. (2024). An efficient three-factor authentication protocol for wireless healthcare sensor networks. Multimedia Tools and Applications. https://doi.org/10.1007/s11042-024-18114-1
Saqib, M., Jasra, B., & Moon, A. H. (2022). A lightweight three factor authentication framework for IoT based critical applications. Journal of King Saud University. Computer and Information Sciences/Maǧalaẗ Ǧamʼaẗ Al-malīk Saud: Ùlm Al-ḥasib Wa Al-maʼlumat, 34(9), 6925–6937. https://doi.org/10.1016/j.jksuci.2021.07.023
Sarkar, A., & Singh, B. (2019). A cancelable biometric based secure session key agreement protocol employing elliptic curve cryptography. International Journal of System Assurance Engineering and Management, 10(5), 1023–1042. https://doi.org/10.1007/s13198-019-00832-7
Soni, P., Pal, A. K., & Khushboo, K. (2019a). A User Convenient Secure Authentication Scheme for Accessing e-Governance Services. In: 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT), IEEE, pp.1-7. https://doi.org/10.1109/ICCCNT45670.2019.8944393
Soni, P., Pal, A. K., & Islam, S. H. (2019b). An improved three-factor authentication scheme for patient monitoring using WSN in remote health-care system. Computer methods and programs in biomedicine, 182, 105054. https://doi.org/10.1016/j.cmpb.2019.105054
Soni, P., Pal, A. K., Islam, S. H., Singh, A., & Kumar, P. (2021). Provably secure and biometric-based secure access of E-Governance services using mobile devices. Journal of Information Security and Applications, 63, 103016. https://doi.org/10.1016/j.jisa.2021.103016
Vinoth, R., Deborah, L. J., Vijayakumar, P., & Kumar, N. (2021). Secure Multifactor Authenticated Key Agreement Scheme for Industrial IoT. IEEE Internet of Things Journal, 8(5), 3801–3811. https://doi.org/10.1109/jiot.2020.3024703
Wang, Z., Deng, D., Hou, S., Guo, Y., & Li, S. (2023). Design of three-factor secure and efficient authentication and key-sharing protocol for IoT devices. Computer Communications, 203, 1–14. https://doi.org/10.1016/j.comcom.2023.02.015
Wu, T., Yang, L., Lee, Z., Chen, C., Pan, J., & Islam, S. H. (2021). Improved ECC-Based Three-Factor Multiserver Authentication scheme. Security and Communication Networks, 2021, 1–14. https://doi.org/10.1155/2021/6627956
Copyright (c) 2024 International Academic Publishing House (IAPH)
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.