Literature Review of IoT Authentication Protocols in Healthcare at CSU

Verified

Added on 2023/06/07

AI Summary

This assignment presents a literature review focused on authentication methods for IoT devices in healthcare. It examines various algorithms and protocols proposed for securing IoT environments, including enhanced mutual authentication models, two-phased authentication protocols for wireless sensor networks, and secure authentication schemes based on Elliptic Curve Cryptography (ECC). The review covers threshold cryptography-based authentication schemas, secure and efficient authentication architectures using smart gateways, and lightweight mutual authentication schemas utilizing Constrained Application Protocol (CoAP). The annotated bibliography provides summaries of key papers discussing CoAP applications, RFID tags and public-key cryptography, threshold cryptography-based group authentication, and robust authentication schemes for observing resources in IoT environments, highlighting the challenges and potential solutions for IoT security in healthcare.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: IoT IN HEALTHCARE
IoT in Healthcare
[Name of the Student]
[Name of the University]
[Author note]

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1IoT IN HEALTHCARE
Literature review:
There exists various type of algorithms which has been proposed in order to
authenticate the IoT devices. Yang, Hao, and Zhang (2013), was associated with proposing
an enhanced model for mutual authentication that is to be used by the IoT environment. The
authors also proposed some kind of improvements as well to the algorithms of authentication
related to the challenges-response based RFID authentication protocol which are used in the
distributed database environment. Besides this the authors of this paper were also associated
with making this protocol suitable for the environment of IoT based control system. The
paper depicted three major steps which includes the following:
i. Adding of backups for each and every terminal devices that are used in order to control,
ii. Adding different monitoring devices so as to follow or monitor the devices present at the
terminals
iii. at last, the addition of a push in alarm mechanism so as to alarm about any kind of
authentication failure
The paper by Porambage et al., (2014), was associated with providing a Two-phased
Authentication protocol which is to be used by the Wireless Sensor Networks while operating
with a Distributed IoT Application that has been proposed in this paper. The authentication
protocol proposed in this paper is considered to be a certificate based authentication approach
which is associated with allowing the IoT devices as well as the control based station to
authenticate each other along with recognizing each other. Besides this a secure connection is
also established which helps in secure transfer of the data. In addition to this the protocol is
also associated with supporting the limitations of the resources at the sensor nodes along with
taking into account the scalability and heterogeneity of the network. Usage of the Certificate
authority has helped a lot in issuing the certificates. Once the existing nodes receive their own

2IoT IN HEALTHCARE
certificate they become capable of moving and changing their location. This CA are in turn
responsible for validation of the sensors identity along with communicating the other entities
which appears in the network. Initialization of the connection can be done by connecting the
CA at the first stage so as to confirm the destinations identity. This type of approach can be
sated to be an end-to-end application layer authentication approach that is entirely based upon
the different security features of the lower layer.
Kalra and Sood (2015), in their paper was associated with proposing a secure
authentication scheme that is to be used by the IoT as well as the cloud servers. The proposed
schema is entirely dependent upon the ECC or the Elliptic Curve Cryptography based
algorithm that is responsible for providing support to other security solution whenever it is
compared with any of the other Public Key Cryptography or the PKC algorithm. The major
reason lying behind this is that the size that the keys are having are very small. Along with
this the authentication protocol is associated with the usage of the EEC. This is generally
done for the devices that are embedded and are associated with the usage of the HTTP
protocol. All the devices are configured by making use of the TCP/IP. The authentication
protocol that has been proposed is designed in such a way that it would be using the HTTP
cookies that are implemented for the purpose of getting fitted to the embedded devices, which
generally consists of a constrained environment and is controlled by the cloud servers. The
protocol can be classified into three different phases which mainly includes the Registration
phase, Pre-computed and login phase and authentication phase. Registration of the embedded
devices are done with the cloud servers in the registration phase which is responsible for
sending back of the cookies present in the embedded devices. Whereas in the Pre-
computation and login phase, there is a need of sending a login request before a connection is
created between the device and the server. In the last phase or the authentication phase the
embedded device along with the cloud servers needs to authenticate each other mutually. This

3IoT IN HEALTHCARE
authentication is to be done by usage of the EEC algorithm. Despite of the fact that the EEC
algorithm consists of small encryption keys this is responsible for making the size of the
encrypted messages to grow more and more.
Mahalle, Prasad, and Prasad (2014), was associated with proposing a Threshold
Cryptography-based Authentication Schema that is to be used by the IoT devices. The model
proposed in this paper is associated with providing authentication to the differnt IoT devices
that entirely depends on the group communication model. This TCGA is mainly designed in
order to implement this in a Wi-Fi environment. Besides there occurs the creation of a secret
channel or a session key for each of the group authentication which can also be utilized for
the group applications as well. There would exist a group head for each of the group who
would be associated with the generation of the key and whenever the keys are distributed to a
new group member when they are added to the group which helps in preservation of the
group keys by preventing any kind of leakage. There modules can be categorized into five
major sections and this mainly includes the key distribution, key update, group credit
generation, authentication listener and message decryption.
Moosavi et al., (2015), was associated with proposing SEA. SEA is considered to be
one of the secure and efficient Authentication and Authorization architecture that are to be
used by the IoT technology mainly for the IoT devices operating in Healthcare sector. This is
generally done by making use of Smart Gateways. This is the architecture that is entirely
dependent upon the certificate based DTLS handshake protocol.
Jan et al., (2015), has been associated with putting forward a lightweight mutual
authentication schema which as associated with validating the identities of the IoT devices
that are taking part before they are associated with taking part in a particular network. In
addition to the above mentioned authentication schema the authors also proposed a decreased

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4IoT IN HEALTHCARE
communication overhead. Beisdes this the CoAP or the Constrained Application Protocol is
chosen as the under layer protocol which is associated with providing a link of
communication between the IoT devices. Completion of the authentication is done by
utilization of 128-bit AES or the Advanced Encryption Standard. Firstly client identification
is done along with identification of the server. This is initially followed by the providing of
various kind of resources to the clients that is generally dependent upon the specific
conditions which are determined in accordance to the request. Besides this there is a
minimization of the transmitted packet number by the conditional specific data transmission
and this initially results in the reduction of the consumption and computation of energy.
Along with this there is also decrease in the bandwidth utilization while communicating.
Mietz, Abraham, and Romer, (2014) was associated with proposing a new CoAP
option. The CoAP is seen to be operational in the application layer and is responsible for
providing the ability related to the retrieval of the data from various devices and this type of
data might be including the metadata and its sensor measurements and many more. Along
with this different kind of real time applications are associated with the utilization of the
information. However in some cases it is seen that not retrieving of the raw communication
data is a security requirement. The proposed option is also associated with reducing the
number of messages whenever the sensor resources are observed and this is also responsible
for reduction in the consumption of energy. This is also responsible for increase in the
lifespan of a device.
Annotated Bibliography:
Mietz, R., Abraham, P., & Romer, K. (2014, April). High-level states with CoAP: Giving
meaning to raw sensor values to support IoT applications. In Intelligent Sensors,

5IoT IN HEALTHCARE
Sensor Networks and Information Processing (ISSNIP), 2014 IEEE Ninth
International Conference on (pp. 1-6). IEEE.
This paper has been associated with discussing about the numerous sensors
that are being used in our daily life. This sensors are in turn associated with helping in
the process of measuring the state of an entity. All this informatins can be accessed by
making use of the internet which helps in representation of the real-world objects in
the virtual world. The paper has also been associated with the usage of the CoAP in
the application layer which helps in retrieving of the data from various sensors and
devices. This informations can be used on different real-time applications. The paper
helps in understanding the basic principles of IoT and the various constrained
application protocol as well. High level state option is also depicted in brief which
helps in creation of the new resources on the CoAP server. The major pros of this
paper is that it helps in better understanding of CoAP and how this can be used so as
to improve the health conditions.
Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., & Verbauwhede, I. (2007,
March). Public-key cryptography for RFID-tags. In null (pp. 217-222). IEEE.
This paper is associated with providing a brief overview of the RFID tags
which is a new generation of the bar codes that consists of some additional
functionality. RFID tags are generally used for the purpose of anti-counterfeiting
which is an emerging application and is generally by embedding of the RFID in a
product. This paper also discusses about the PKC or the public key cryptography
which is associated with offering various kind of attractive solutions in order to tackle
the various problems. The main aim of this paper includes the investigation regarding
the choosing of an appropriate PKC identification protocol that would be used by the

6IoT IN HEALTHCARE
anti-counterfeiting devices. The paper also provides a brief overview of the feasibility
related to the identification protocols that is dependent upon the ECC or the Elliptical
Curve Cryptography. The major pros of this paper is that it helps in understanding the
basic concept of RFID along with understanding the way how it operates as well as its
feasibility. Whereas the paper consists of lot of technical portions that acts as a major
drawback and besides this the paper does not provide a clear view if the PKC can be
implemented upon the RFID tags or not.
Mahalle, P. N., Prasad, N. R., & Prasad, R. (2014). Novel Threshold Cryptography-
based Group Authentication (TCGA) Scheme for the Internet of Things (IoT).
This paper is associated with providing a clear overview of the basic concepts
of the RFID which are being used in our daily life. The major aim of this paper is to
put forward the concept f authentication that is to be used by the IoT devices. The
paper has also been associated with reviewing different works related to the
authentication in the IoT devices. The report has also been associated with proposing
a TCGA Scheme which is an extended work of the Paillier Threshold Cryptography.
This proposed Scheme is associated with generation of the secret session keys
whenever an authentication is completed. The major pros of this paper is that it helps
in obtaining a clear understanding of the essential need of authentication. The paper
also helps in understanding the various challenges as well that might be faced by the
IoT technology regarding their authentication. Whereas the major drawback of this
paper is that no such clear mechanisms has been provided that can be used for the
purpose of elimination of the various problems.
Jan, M. A., Nanda, P., He, X., Tan, Z., & Liu, R. P. (2014, September). A robust
authentication scheme for observing resources in the internet of things

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

7IoT IN HEALTHCARE
environment. In Trust, Security and Privacy in Computing and Communications
(TrustCom), 2014 IEEE 13th International Conference on (pp. 205-211). IEEE.
The major working principle of the IoT has been described in this paper along
with discussing about the broadness of the scope that the internet is having while they
are incorporated with the physical objects so as to make them identifiable to the other
participating entities. Besides this the paper also depicts the fact that most of this are
vendor specific and are lacking in some unified standards which is responsible for
rendering of the seamless integration and interoperable operations of the IoT. The
paper has been associated with proposing with a light weight mutual authentication
scheme that is associated with validating the identities of the devices taking part
before they are engaged with the communication needed for observing the resources.
The major advantage of this paper is that it provides an appropriate mechanism need
for authentication along with a robust defence solution so as to protect the system
from any kind of attacks.
Liu, J., Xiao, Y., & Chen, C. P. (2012, June). Authentication and access control in the
internet of things. In Distributed Computing Systems Workshops (ICDCSW), 2012
32nd International Conference on (pp. 588-592). IEEE.
This paper is associated with putting forward an system which would be
helping in the authentication and controlling the access of the IoT devices. The
authors of this report has been associated with considering the various inherent
vulnerabilities regarding the security and privacy issues that are faced by the IoT
devices that are deployed on a wide basis. The existing authentication and access
control methods have been analysed in this paper which is followed by the designing

8IoT IN HEALTHCARE
of a feasible system for the IoT. Major security and privacy related issues have been
discussed in brief.

9IoT IN HEALTHCARE
References:
Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., & Verbauwhede, I. (2007,
March). Public-key cryptography for RFID-tags. In null (pp. 217-222). IEEE.
Jan, M. A., Nanda, P., He, X., Tan, Z., & Liu, R. P. (2014, September). A robust
authentication scheme for observing resources in the internet of things environment.
In Trust, Security and Privacy in Computing and Communications (TrustCom), 2014
IEEE 13th International Conference on (pp. 205-211). IEEE.
Kalra, S., & Sood, S. K. (2015). Secure authentication scheme for IoT and cloud
servers. Pervasive and Mobile Computing, 24, 210-223.
Liu, J., Xiao, Y., & Chen, C. P. (2012, June). Authentication and access control in the
internet of things. In Distributed Computing Systems Workshops (ICDCSW), 2012
32nd International Conference on (pp. 588-592). IEEE.
Mahalle, P. N., Prasad, N. R., & Prasad, R. (2014). Novel Threshold Cryptography-based
Group Authentication (TCGA) Scheme for the Internet of Things (IoT).
Mietz, R., Abraham, P., & Romer, K. (2014, April). High-level states with CoAP: Giving
meaning to raw sensor values to support IoT applications. In Intelligent Sensors,
Sensor Networks and Information Processing (ISSNIP), 2014 IEEE Ninth
International Conference on (pp. 1-6). IEEE.
Moosavi, S. R., Gia, T. N., Rahmani, A. M., Nigussie, E., Virtanen, S., Isoaho, J., &
Tenhunen, H. (2015). SEA: a secure and efficient authentication and authorization
architecture for IoT-based healthcare using smart gateways. Procedia Computer
Science, 52, 452-459.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

10IoT IN HEALTHCARE
Porambage, P., Schmitt, C., Kumar, P., Gurtov, A., & Ylianttila, M. (2014, April). Two-
phase authentication protocol for wireless sensor networks in distributed IoT
applications. In Wireless Communications and Networking Conference (WCNC),
2014 IEEE (pp. 2728-2733). IEEE.
Rhee, K., Kwak, J., Kim, S., & Won, D. (2005, April). Challenge-response based RFID
authentication protocol for distributed database environment. In International
Conference on Security in Pervasive Computing (pp. 70-84). Springer, Berlin,
Heidelberg.
YANG, J. C., Hao, P. A. N. G., & ZHANG, X. (2013). Enhanced mutual authentication
model of IoT. The Journal of China Universities of Posts and
Telecommunications, 20, 69-74.