Skip to main content
SpringerLink
Log in

Lightweight two-factor authentication framework with privacy preserving for smart eHealth

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

Unattended Wireless Sensor Networks (U-WSNs) use a non-stationary objects so-called sink node (SN) or mobile sink (MS) to perform a few data computation processes including collection and analysis. This network has a wide range of medical applications to exploit the key features of primary sensing units associated with their computing devices such as blood pressure, pulse oximeter and insulin pump to play a crucial role in stimulating the monitoring systems remotely (hostile environment). In traditional WSNs, the sensing units report the observed data to SN/MS via dedicated network, whereas in U-WSNs, the sensing units gather and keep the observed data in their local cache. At a later time, SN/MS accesses the network throughout the time interval to recover the observed data from the local cache. To fulfill the potential features of SN/MS, the emerging technologies practiced in healthcare applications use fundamental features of the Internet of Things (IoT). Despite the fact of being more accessible and potentially in service, security is highly concerned in restraining the unsatisfied threats in 5G infrastructure. Thus, in this paper, a lightweight two-factor authentication with anonymous data access framework is proposed (L2FA-ADA) using SN/MS. To examine the key properties of cryptographic protocols, the appropriate key agreement schemes were extensively researched. Moreover, the proposed L2FA-ADA utilizes a strategy of two-factor authentication with anonymous data access to ensure perfect forward secrecy with a significant degree of security efficiency. The security analysis including formal and informal shows that the proposed L2FA-ADA is provably protected in securing data privacy, integrity, and confidentiality. In conclusion, using a practical testbed, the key metrics such as transmission efficiency and overhead ratio were evaluated to signify the performance efficiencies of the proposed L2FA-ADA compared to other relevant state-of-the-art approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

Data availability

Not applicable.

References

  1. Ma X, Liu J, Jiang H (2015) Resource allocation for heterogeneous applications with device-to-device communication underlaying cellular networks. IEEE J Sel Areas Commun 34(1):15–26

    Article  Google Scholar 

  2. Al-Sarawi S, Anbar M, Abdullah R, Al Hawari AB (2020, July) Internet of Things market analysis forecasts, 2020–2030. In: 2020 Fourth World Conference on Smart Trends in Systems, Security and Sustainability (WorldS4). IEEE, pp 449–453

  3. Almuhaideb AM, Alghamdi HA (2022) Secure and efficient WBAN authentication protocols for intra-BAN tier. J Sens Actuator Netw 11(3):44

    Article  Google Scholar 

  4. Moon AH, Iqbal U, Bhat GM (2016) Mutual entity authentication protocol based on ECDSA for WSN. Procedia Comput Sci 89:187–192

    Article  Google Scholar 

  5. Saqib M, Jasra B, Moon AH (2020) Mutual authentication protocol for green Internet of Things in content centric network. J Green Eng (JGE) 10(9)

  6. Saqib M, Jasra B, Moon AH (2020, November) A systematized security and communication protocols stack review for Internet of Things. In: 2020 IEEE International Conference for Innovation in Technology (INOCON). IEEE, pp 1–9

  7. Almuhaideb AM, Alqudaihi KS (2021) Authentication in wireless body area network: Taxonomy and open challenges. J Internet Things 3(4):159

    Article  Google Scholar 

  8. Almuhaideb AM, Alghamdi HA (2022) Design of inter-BAN authentication protocols for WBAN in a cloud-assisted environment. Big Data Cognit Comput 6(4):124

    Article  Google Scholar 

  9. Kayes ASM, Rahayu W, Dillon T (2019) Critical situation management utilizing IoT-based data resources through dynamic contextual role modeling and activation. Computing 101(7):743–772

    Article  MathSciNet  Google Scholar 

  10. Yan X, Ma M (2022) A privacy-preserving handover authentication protocol for a group of MTC devices in 5G networks. Comput Secur 116:102601

    Article  Google Scholar 

  11. Lu K, Qian Y, Guizani M, Chen HH (2008) A framework for a distributed key management scheme in heterogeneous wireless sensor networks. IEEE Trans Wirel Commun 7:639–647

    Article  Google Scholar 

  12. Limbasiya T, Sahay SK, Sridharan B (2021) Privacy-preserving mutual authentication and key agreement scheme for multi-server healthcare system. Inf Syst Front 23(4):835–848

    Article  Google Scholar 

  13. Tian E, Yue D, Yang TC, Gu Z, Lu G (2011) T-S fuzzy model-based robust stabilization for networked control systems with probabilistic sensor and actuator failure. IEEE Trans Fuzzy Syst 19(3):553–561

    Article  Google Scholar 

  14. Hassan M, Mansoor K, Tahir S, Iqbal W (2019, August) Enhanced lightweight cloud-assisted mutual authentication scheme for wearable devices. In: 2019 International Conference on Applied and Engineering Mathematics (ICAEM). IEEE, pp 62–67

  15. Deebak BD, Al-Turjman F (2020) Smart mutual authentication protocol for cloud based medical healthcare systems using Internet of medical things. IEEE J Sel Areas Commun 39(2):346–360

    Article  Google Scholar 

  16. Deebak BD, Al-Turjman F, Mostarda L (2020) Seamless secure anonymous authentication for cloud-based mobile edge computing. Comput Electr Eng 87:106782

    Article  Google Scholar 

  17. Deebak BD, Al-Turjman F (2021) Robust lightweight privacy-preserving and session scheme interrogation for fog computing systems. J Inf Secur Appl 58:102689

    Google Scholar 

  18. Ometov A, Bezzateev S, Mäkitalo N, Andreev S, Mikkonen T, Koucheryavy Y (2018) Multi-factor authentication: A survey. Cryptography 2(1):1

    Article  Google Scholar 

  19. Rasheed A, Mahapatra RN (2012) The three-tier security scheme in wireless sensor networks with mobile sinks. IEEE Trans Parallel Distrib Syst 23(5):958–965

    Article  Google Scholar 

  20. He D, Chen Y, Chen J (2012) Cryptanalysis and improvement of an extended chaotic maps-based key agreement protocol. Nonlinear Dyn 69:1149–1157

    Article  MathSciNet  Google Scholar 

  21. Deebak BD, Al-Turjman F (2021) Secure-user sign-in authentication for IoT-based eHealth systems. Complex Intell Syst 1–21

  22. Dharminder D, Kumar U, Gupta P (2021) A construction of a conformal Chebyshev chaotic map based authentication protocol for healthcare telemedicine services. Complex Intell Syst 7:2531–2542

    Article  Google Scholar 

  23. Amin R, Kumar N, Biswas GP, Iqbal R, Chang V (2018) A lightweight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. Futur Gener Comput Syst 78:1005–1019

    Article  Google Scholar 

  24. Wei F, Zhang R, Ma C (2018) A provably secure anonymous two-factor authenticated key exchange protocol for cloud computing. Fund Inform 157(1):201–220

    MathSciNet  Google Scholar 

  25. Dsouza C, Ahn GJ, Taguinod M (2014, August) Policy-driven security management for fog computing: Preliminary framework and a case study. In: Proceedings of the 2014 IEEE 15th international conference on information reuse and integration (IEEE IRI 2014). IEEE, pp 16–23

  26. Shivraj VL, Rajan MA, Singh M, Balamuralidhar P (2015, February) One time password authentication scheme based on elliptic curves for Internet of Things (IoT). In: 2015 5th National Symposium on Information Technology: Towards New Smart World (NSITNSW). IEEE, pp 1–6

  27. Sarker IH, Kayes ASM (2020) ABC-RuleMiner: User behavioral rule-based machine learning method for context-aware intelligent services. J Netw Comput Appl 168:102762

    Article  Google Scholar 

  28. Lu R, Heung K, Lashkari AH, Ghorbani AA (2017) A lightweight privacy-preserving data aggregation scheme for fog computing-enhanced IoT. IEEE Access 5:3302–3312

    Article  Google Scholar 

  29. Kumar PM, Gandhi UD (2020) Enhanced DTLS with CoAP-based authentication scheme for the Internet of things in healthcare application. J Supercomput 76(6):3963–3983

    Article  Google Scholar 

  30. Ibrahim MH (2016) Octopus: an edge-fog mutual authentication scheme. Int J Netw Secur 18(6):1089–1101

    MathSciNet  Google Scholar 

  31. Amor AB, Abid M, Meddeb A (2017, October) A privacy-preserving authentication scheme in an edge-fog environment. In: 2017 IEEE/ACS 14th International Conference on Computer Systems and Applications (AICCSA). IEEE, pp 1225–1231

  32. Xu G, Qiu S, Ahmad H, Xu G, Guo Y, Zhang M, Xu H (2018) A multi-server two-factor authentication scheme with un-traceability using elliptic curve cryptography. Sensors 18(7):2394

    Article  PubMed  PubMed Central  ADS  Google Scholar 

  33. Lee J, Yu S, Park K, Park Y, Park Y (2019) Secure three-factor authentication protocol for multi-gateway IoT environments. Sensors 19(10):2358

    Article  PubMed  PubMed Central  ADS  Google Scholar 

  34. Yu S, Park K, Park Y (2019) A secure lightweight three-factor authentication scheme for IoT in cloud computing environment. Sensors 19(16):3598

    Article  PubMed  PubMed Central  ADS  Google Scholar 

  35. Watters P, Scolyer-Gray P, Kayes ASM, Chowdhury MJM (2019) This would work perfectly if it weren't for all the humans: Two factor authentication in late modern societies. First Monday 24(7)

  36. Kalaria R, Kayes ASM, Rahayu W, Pardede E (2021) A secure mutual authentication approach to fog computing environment. Comput Secur 102483

  37. He D, Kumar N, Chen J, Lee CC, Chilamkurti N, Yeo SS (2015) Robust anonymous authentication protocol for healthcare applications using wireless medical sensor networks. Multimedia Syst 21(1):49–60

    Article  Google Scholar 

  38. Wu F, Xu L, Kumari S, Li X (2017) An improved and anonymous two-factor authentication protocol for healthcare applications with wireless medical sensor networks. Multimedia Syst 23(2):195–205

    Article  Google Scholar 

  39. Amin R, Islam SH, Biswas GP, Khan MK, Kumar N (2018) A robust and anonymous patient monitoring system using wireless medical sensor networks. Futur Gener Comput Syst 80:483–495

    Article  Google Scholar 

  40. Kumari S, Om H (2016) Authentication protocol for wireless sensor networks applications like safety monitoring in coal mines. Comput Netw 104:137–154

    Article  Google Scholar 

  41. Wu F, Li X, Sangaiah AK, Xu L, Kumari S, Wu L, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Futur Gener Comput Syst 82:727–737

    Article  Google Scholar 

  42. Wazid M, Das AK, Shetty S, JPC Rodrigues J, Park Y (2019) LDAKM-EIoT: Lightweight device authentication and key management mechanism for edge-based IoT deployment. Sensors 19(24):5539

    Article  PubMed  PubMed Central  ADS  Google Scholar 

  43. Deebak BD, Hwang SO (2023) Intelligent drone-assisted robust lightweight multi-factor authentication for military zone surveillance in the 6G era. Comput Netw 225:109664

    Article  Google Scholar 

  44. He D, Cai Y, Zhu S, Zhao Z, Chan S, Guizani M (2023) A lightweight authentication and key exchange protocol with anonymity for IoT. IEEE Trans Wirel Commun 22(11):7862–7872

    Article  Google Scholar 

  45. Nikooghadam M, Amintoosi H (2023) Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme. Int J Commun Syst 36(1):e4332

    Article  Google Scholar 

  46. Gupta S, Arya PK, Sharma HK (2023) User anonymity-based secure authentication protocol for telemedical server systems. Int J Inf Comput Secur 20(1–2):199–219

    Google Scholar 

  47. Patel C, Doshi N (2023) LDA-2IoT: A level dependent authentication using two factor for IoT paradigm. Comput Netw 109580

  48. Ryu J, Oh J, Kwon D, Son S, Lee J, Park Y, Park Y (2022) Secure ECC-based three-factor mutual authentication protocol for telecare medical information system. IEEE Access 10:11511–11526

    Article  Google Scholar 

  49. Deebak BD (2020) Lightweight authentication and key management in mobile-sink for smart IoT-assisted systems. Sustain Cities Soc 102416

  50. Farash MS, Chaudhry SA, Heydari M, Sajad Sadough SM, Kumari S, Khan MK (2017) A lightweight anonymous authentication scheme for consumer roaming in ubiquitous networks with provable security. Int J Commun Syst 30(4):e3019

    Article  Google Scholar 

  51. Dolev D, Yao A (1983) On the security of public key protocols. IEEE Trans Inf Theory 29(2):198–208

    Article  MathSciNet  Google Scholar 

  52. Deebak BD (2016) Secure and efficient mutual adaptive user authentication scheme for heterogeneous wireless sensor networks using multimedia client–server systems. Wireless Pers Commun 87(3):1013–1035

    Article  Google Scholar 

  53. Burrows M, Abadi M, Needham R (1990) Logic of authentication. ACM Trans Comput Syst 8(1):18–36

    Article  Google Scholar 

  54. Ever YK (2020) A secure authentication scheme framework for mobile-sinks used in the internet of drones applications. Comput Commun 155:143–149

    Article  Google Scholar 

  55. He D, Wang D, Xie Q, Chen K (2017) Anonymous handover authentication protocol for mobile wireless networks with conditional privacy preservation. Sci China Inf Sci 60(5):05210f

    Article  Google Scholar 

  56. Xu X, Zeng Z, Yang S, Shao H (2020) A novel blockchain framework for industrial IoT edge computing. Sensors 20(7):2061

    Article  PubMed  PubMed Central  ADS  Google Scholar 

  57. Huang H (2019, August) Architecture of audio broadcasting coverage monitoring system based on internet of things. In: 2019 IEEE International Conference on Smart Internet of Things (SmartIoT). IEEE, pp 320–324

  58. Habaebi MH, Merrad Y, Islam MR, Elsheikh EA, Sliman FM, Mesri M (2023) Extending CloudSim to simulate sensor networks. SIMULATION 99(1):3–22

    Article  Google Scholar 

  59. Mahmud R, Pallewatta S, Goudarzi M, Buyya R (2022) iFogSim2: An extended iFogSim simulator for mobility, clustering, and microservice management in edge and fog computing environments. J Syst Softw 190:111351

    Article  Google Scholar 

  60. Abbas AM, Zekry A, Youssef KY, Mahmoud II (2020, December) Simulink based modeling and performance analysis of NB-IoT uplink scheduler. In: 2020 8th International Japan-Africa Conference on Electronics, Communications, and Computations (JAC-ECC). IEEE, pp 11–17

Download references

Funding

Not applicable.

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, Vellore Institute of Technology, Vellore, 632014, India

    Patruni Muralidhara Rao & B. D. Deebak

Authors
  1. Patruni Muralidhara Rao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. B. D. Deebak
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

R. Muralidhara Rao contributed to Methodology, Formal Analysis, Investigation, and Writing – Original Draft Preparation. B. D. Deebak contributed to Conceptualization, Writing—Review and Editing, and Supervision.

Corresponding author

Correspondence to B. D. Deebak.

Ethics declarations

Ethics approval

Not applicable.

Consent to publish

Not applicable.

Competing interests

The authors declare no competing interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article is part of Topical Collection: Special Issue on 2 - Track on Security and Privacy

Guest Editor: Rongxing Lu

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Rao, P.M., Deebak, B.D. Lightweight two-factor authentication framework with privacy preserving for smart eHealth. Peer-to-Peer Netw. Appl. 17, 373–396 (2024). https://doi.org/10.1007/s12083-023-01596-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-023-01596-5

Keywords

Search

Navigation