Authenticated key agreement scheme for fog-driven IoT healthcare system

The convergence of cloud computing and Internet of Things (IoT) is partially due to the pragmatic need for delivering extended services to a broader user base in diverse situations. However, cloud computing has its limitation for applications requiring low-latency and high mobility, particularly in adversarial settings (e.g. battlefields). To some extent, such limitations can be mitigated in a fog computing paradigm since the latter bridges the gap between remote cloud data center and the end devices (via some fog nodes). However, fog nodes are often deployed in remote and unprotected places. This necessitates the design of security solutions for a fog-based environment. In this paper, we investigate the fog-driven IoT healthcare system, focusing only on authentication and key agreement. Specifically, we propose a three-party authenticated key agreement protocol from bilinear pairings. We introduce the security model and present the formal security proof, as well as security analysis against common attacks. We then evaluate its performance, in terms of communication and computation costs.

[1]  Victor I. Chang,et al.  A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment , 2018, Future Gener. Comput. Syst..

[2]  Benhui Chen,et al.  Comments on "Provably Secure Dynamic Id-Based Anonymous Two-Factor Authenticated Key Exchange Protocol With Extended Security Model" , 2019, IEEE Trans. Inf. Forensics Secur..

[3]  Muhammad Khurram Khan,et al.  An Improved Remote User Authentication Scheme Using Elliptic Curve Cryptography , 2017, Wirel. Pers. Commun..

[4]  Ivan Stojmenovic,et al.  The Fog computing paradigm: Scenarios and security issues , 2014, 2014 Federated Conference on Computer Science and Information Systems.

[5]  Athanasios V. Vasilakos,et al.  Secure Authentication for Remote Patient Monitoring with Wireless Medical Sensor Networks † , 2016, Sensors.

[6]  Mihir Bellare,et al.  Authenticated Key Exchange Secure against Dictionary Attacks , 2000, EUROCRYPT.

[7]  Sateesh Addepalli,et al.  Fog computing and its role in the internet of things , 2012, MCC '12.

[8]  Ivan Stojmenovic,et al.  An overview of Fog computing and its security issues , 2016, Concurr. Comput. Pract. Exp..

[9]  Tie Qiu,et al.  Survey on fog computing: architecture, key technologies, applications and open issues , 2017, J. Netw. Comput. Appl..

[10]  Yu-Fang Chung,et al.  Secure user authentication scheme for wireless healthcare sensor networks , 2017, Comput. Electr. Eng..

[11]  Chia-Mei Chen,et al.  Communication-efficient three-party protocols for authentication and key agreement , 2009, Comput. Math. Appl..

[12]  Saru Kumari,et al.  An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment , 2016, Ad Hoc Networks.

[13]  Mingzhe Jiang,et al.  Exploiting smart e-Health gateways at the edge of healthcare Internet-of-Things: A fog computing approach , 2018, Future Gener. Comput. Syst..

[14]  Cheng Huang,et al.  Vehicular Fog Computing: Architecture, Use Case, and Security and Forensic Challenges , 2017, IEEE Communications Magazine.

[15]  Qun Li,et al.  Security and Privacy Issues of Fog Computing: A Survey , 2015, WASA.

[16]  Victor I. Chang,et al.  Towards fog-driven IoT eHealth: Promises and challenges of IoT in medicine and healthcare , 2018, Future Gener. Comput. Syst..

[17]  Ping Wang,et al.  On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions , 2014, Comput. Networks.

[18]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[19]  Mingzhe Jiang,et al.  Fog Computing in Healthcare Internet of Things: A Case Study on ECG Feature Extraction , 2015, 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing.

[20]  Debiao He,et al.  Robust Biometrics-Based Authentication Scheme for Multiserver Environment , 2015, IEEE Systems Journal.

[21]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[22]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[23]  Cheng-Chi Lee,et al.  An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System , 2017, Sensors.

[24]  Simon Parkinson,et al.  Fog computing security: a review of current applications and security solutions , 2017, Journal of Cloud Computing.

[25]  Arwa Alrawais,et al.  Fog Computing for the Internet of Things: Security and Privacy Issues , 2017, IEEE Internet Computing.

[26]  F. Richard Yu,et al.  Fog Vehicular Computing: Augmentation of Fog Computing Using Vehicular Cloud Computing , 2017, IEEE Vehicular Technology Magazine.

[27]  Dong Hoon Lee,et al.  Efficient verifier-based password-authenticated key exchange in the three-party setting , 2007, Comput. Stand. Interfaces.

[28]  M. Shamim Hossain,et al.  A Security Model for Preserving the Privacy of Medical Big Data in a Healthcare Cloud Using a Fog Computing Facility With Pairing-Based Cryptography , 2017, IEEE Access.

[29]  Jiang Zhu,et al.  Fog Computing: A Platform for Internet of Things and Analytics , 2014, Big Data and Internet of Things.

[30]  Rongxing Lu,et al.  From Cloud to Fog Computing: A Review and a Conceptual Live VM Migration Framework , 2017, IEEE Access.