Smart Mutual Authentication Protocol for Cloud Based Medical Healthcare Systems Using Internet of Medical Things

Abstract

Technological development expands the computation process of smart devices that adopt the telecare medical information system (TMIS) to fulfill the demands of the healthcare organization. It provides better medical identification to claim the features namely trustworthy, efficient, and resourceful. Moreover, the telecare services automate the remote healthcare monitoring process to ease professional workloads. Importantly, it is conceived to be more timesaving, economical, and easy healthcare access. Cloud-Based Medical Healthcare (CBMH) system is a standard platform that gives its support to the patients for emergency treatment from the medical experts over Internet communication. Since the medical records are very sensitive, security protection is much necessitated. In addition, patient anonymity should be well preserved. In 2016, Chiou et al. proposed a mutual authentication protocol for the Telecare Medical Information System (TMIS) using Cloud Environment (CE). They claim that their protocol satisfies patient anonymity. However, this paper proves that the Chiou et al. scheme is not only completely insecure against the patient anonymity, health-report revelation, health-report forgery, report confidentiality, and non-repudiation but also fails to validate the service access against verifiability, undeniability and unforgeability. In order to provide better mutual authenticity, this paper suggests the framework of smart service authentication to cross-examine the common secret session key among the communication entities. In order to examine the security properties, formal and informal verification was carried out. Lastly, to prove the security and performance efficiency of a system, the proposed SSA framework was implemented using FPGA and Moteiv TMote Sky-Mote. A proposed smart service authentication (SSA) framework is presented to ensure better data security between the patients and the physicians. The formal and informal security analysis proves the significance of the SSA framework model to withstand the security attacks such as health-report forgery, health-report revelation, server-spoofing etc. As a result, it is claimed that it can be well suited for TMIS.