In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.
The Internet of Things (IoT) technology along with cloud computing has gained much attention in recent years for its potential to upgrade conventional healthcare systems. Outsourcing healthcare data to a cloud environment from IoT devices is very essential as IoT devices are lightweight. To maintain confidentiality and to achieve fine‐grained access control, the ciphertext policy attribute‐based encryption (CP‐ABE) technique is utilized very often in an IoT‐based healthcare system for encrypting patients' healthcare data. However, an attribute revocation may affect the other users with the same attribute set, as well as the entire system due to its security concerns. This paper proposes a novel CP‐ABE‐based fine‐grained access control scheme to solve the attribute revocation problem. The proposed technique includes multiple attribute authorities to reduce the work overhead of having a single authority in the traditional CP‐ABE systems. In addition, the proposed scheme outsources the decryption process to a decryption assistant entity to reduce the decryption overhead of the end‐users. To prove the efficiency of the proposed scheme, both formal security analysis and performance comparisons are presented in this paper. Results and discussion prove the effectiveness of the proposed scheme over some well‐known schemes.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.