Authors: P. Jayasree, V. Manasa, T. Ramya, N. Mouni, T. Lakshmi Keerthana, Mrs. G. V. Leela Kumari
Certificate: View Certificate
In this paper, we have proposed ciphertext policy attribute based encryption (CP-ABE), which is secured against the attack under the chosen encrypted message attack and indistinguishable under the chosen cipher text attack . On comparing with other schemes, it has the least energy consumption in terms of communication and computation. Based on the proposed CP-ABE, we have implemented a cloud-based internet of medical things enabled smart healthcare system. The healthcare system has achieved secure patients details, and public integrity of patient details stored on the cloud without revealing information to any third entity. Further, we have scrutinized the performance of the proposed health care system in terms of computation energy and communication energy consumption.
The sensor is implanted on or in the patient's body, which collects the patient's Personal Health Information and transmits it to the healthcare provider over a wireless (cellular) network. Any attack on the sensor or unauthorized access to a patient's PHI could result in a life-threatening situation for the patient.
Therefore, the safety and privacy of the patient's PSR on the public network are the main unsolved problems of 's resource limitation challenge. Recently, mobile technology has brought benefits to intelligent healthcare, but the increasing use of data is putting undue pressure on it Mobile phone from network. An interesting solution is device-to-device (D2D) communication, which can work over short distances with the same time/frequency.
Recently, cloud-enabled IoT has potentially served the storage and computation capability for massive IoT data. However, the advantages that cloud leverages to IoT come with the cost of other security risks that have never been noticed in the conventional IoT system. In practice, a cloud is an honest-but-curious entity that follows a correct way to compute and store the massive collected data but curious to access the data inappropriately for an adversarial advantage.
The advantage of using blockchain technology in the electronic-health system is to build a convenient platform that enables an authorized medical entity to diagnose a patient’s disease remotely. However, public auditing can provide an effective solution to verify the integrity of stored data remotely.
Since many privacy-preserving schemes –  have been discussed, but providing a secure data transmission scheme for cloud-centric IoMT-enabled healthcare is still a challenge. Signature and encryption are two fundamental cryptographic primitives for achieving authenticity and privacy of data, respectively, in a public-key environment. These two essential building-blocks may be composed in several ways, such as sign-then-encrypt, encrypt-then-sign, digital signature with message recovery, and signcryption (authenticated encryption) to ensure authenticity and privacy of data simultaneously. The sign-then-encrypt and encrypt-then-sign schemes have a simple structure, which provides data authentication and privacy with a cost equivalent to the combined cost of signature and encryption schemes. In signature with message recovery scheme, anyone can extract the embedded message without knowing secret information.
Recently, a more efficient solution, signcryption has emerged to design a system that simultaneously achieves privacy and authenticity with a cost significantly smaller than sign-then-encrypt and encrypt-then-sign schemes. Besides, it allows a designated recipient to unsigncrypt and access the message using his secret key.
The motivation for using electronic health records with attribute based encryption access policy in blockchain technology is to improve data privacy and security, enhanced data sharing, patient control and consent and interoperability. The use of CP-ABE access policy in blockchain technology can provide a secure, efficient and patient-centric approach to managing electronic health records.
The main objective of using electronic health records with attribute-based encryption access policy in blockchain technology is to provide a secure, efficient and patient-centric approach to managing health information.
C. Existing System
In existing system, the state-of-the-art secure and efficient cloud-centric IoMT enabled smart health care system with public verifiability. The system novelty implements an escrow-free identity-based aggregate signcryption (EF-IDASC) scheme to secure data transmission, which is also proposed in this article. The proposed smart healthcare system fetches the medical data from multiple sensors implanted on the patient’s body, sign crypts and aggregates them under the proposed EFIDASC scheme, and outsources the data on the medical cloud server via smartphone. The system does not reveal any information about the identity and medical data of the patient.Li et al.present an Identity-based signcryption for low-power devices (sensors) in an online/offline setting that simultaneously fulfills the authentication and confidentiality without authenticating a recipient’s public key separately. Omala et al. proposed a lightweight certificate less signcryption (CLSC) scheme for secure data transmission for the WBAN system. Yin et al. give an efficient hybrid signcryption scheme in a certificateless setting for secure communication for WSNs. Unlike scheme, schemes and are resistant to key escrow attack. Zhang et al.discuss a data communication scheme for the e-health system using certificateless generalized signcryption (CLGSC) scheme. Caixue Zhou points out that Zhang et al.’s scheme is susceptible to an insider attack. Thus, the scheme is insecure and vulnerable in terms of data confidentiality. Recently, Zhou has presented an improvised CLGSC scheme for the mobile healthcare system.
In order to reduce the costs of transmission and overhead of verification, Selvi et al. discuss three aggregated signcryption schemes in the identity-based setting, which achieve public verifiability. Wang et al. propose a first identity-based aggregated signcryption scheme using multi-linear mapping in the standard model. Kar proposes a new identity-based aggregated signcryption scheme for low-processor devices. However, schemes are susceptible to the key escrow problem, which is addressed by Eslami et al., followed by presenting an aggregate-signcryption scheme in the certificateless setting. Niu et al.  propose a secure transmission scheme for heterogeneous devices, which transmits k messages from k senders in certificateless settings to m recipients in the IBC setting. Kumar et al. propose identity based signcryption scheme for secure peer-to-peer video on demand protocol.
Yang et al.  proposed a distributed secure data management with an efficient keyword search system for health IoT. Elhoseny et al.  presented a hybrid encryption approach that is built using Rivest, Shamir and Adleman (RSA), and Advance Encryption Standard (AES) algorithms for preserving the diagnostic text data in medical images. From the above discussion, we observed that it is challenged to implement a secure and efficient cloud-centric IoMT-enables smart health care system that achieves public verifiability.
D. Proposed System
First, we propose an escrow-free identity-based aggregated signcryption (EF-IDASC) scheme, which addresses the key escrow problem based on the idea given in the existing system.
The system proves that the proposed EF-IDASC scheme is existentially un forgeable under chosen message attack (EUFCMA) and adaptively indistinguishable under the chosen cipher text attack (IND-CCA) in the random oracle model (ROM) and well-known Bilinear Diffie-Hellman Problem (BDHP).
The system compares the proposed EF-IDASC scheme with other related signcryption schemes, in which we show that the proposed scheme consumes the least energy as compared to related schemes. - Then, we propose a secure D2D aggregated-data communication protocol in the cloud-centric IoMT environment for smart health care, that security is based on the proposed EF-IDASC scheme.
Further, we evaluate the energy consumption cost (in mJ) in terms of computation, storage and communication.
The proposed secure healthcare system achieves the patient’s anonymity, pubic auditing of the integrity of stored data on the cloud, and mutual authenticity of patient’s data with public verifiability.
The Any forgery or modification in the signcrypted data will be caught by the SD during unsigncryption. Assuming the BDH problem is hard to solve, any malicious attacker cannot modify the original data.
II. LITERATURE SURVEY
Demonstrating that the CLS scheme fails to achieve the claimed security properties by presenting four types of signature forgery attacks. Also proposing a robust certificate less signature scheme to address the aforementioned challenges. RCLS only needs public channels and is proven secure against both public key replacement attacks and malicious but-passive third parties in the standard model.
III. SYSTEM MODEL
V. FUTURE WORK
Implementing an Efficient Key-Policy Attribute-Based Encryption by encrypting all attributes and designing attribute-based search technique.
In this paper, we have proposed escrow-free identity-based aggregate signcryption (EF-IDASC) scheme, which is secured against the existential forgery attack under the chosen message attack (EUF-CMA) and indistinguishable under the chosen cipher text attack (IND-CCA2). On comparing with other schemes, it has the least energy consumption in terms of communication and computation. Based on the proposed EFIDASC, we have implemented a cloud-centric internet of medical things enabled smart healthcare system. The healthcare system has achieved secure patients PHI within BAN, and outside the BAN, and public integrity of PHI stored on the cloud without revealing information to any third entity. Further, we have scrutinized the performance of the proposed cloud-centric IoMT-based health care system in terms of computation energy and communication energy consumption.
 Y. Zhang, R. Deng, D. Zheng, J. Li, P. Wu, and J. Cao, “Efficient and robust certificateless signature for data IoT,” IEEE Trans. Ind. Informatics, 2019.  M. Kumar and S. Chand, “A Lightweight Cloud-Assisted Identity-based Anonymous Authentication and Key Agreement Protocol for secure.Wireless Body Area Network,” IEEE Syst. J., vol.Early acce, 2020.  W. Sun, Z. Cai, Y. Li, F. Liu, S. Fang, and G. Wang, “Security and privacy in the medical Internet of Things: A review,” Secur. Commun.Networks, vol. 2018, 2018.  A. Zhang, J. Chen, R. Q. Hu, and Y. Qian, “SeDS: Secure data sharing strategy for D2D communication in LTE-Advanced networks,” IEEE Trans. Veh. Technol., vol. 65, no. 4, pp. 2659–2672, 2016.  Z. Li, Z. Yang, and S. Xie, “Computing Resource Trading for Edge- Cloud-assisted Internet of Things,” IEEE Trans. Ind. Informatics, 2019.  W. Wang, P. Xu, and L. T. Yang, “Secure data collection, storage and access in cloud-assisted IoT,” IEEE Cloud Comput., vol. 5, no. 4, pp. 77– 88, 2018.  D. He, S. Zeadally, and L. Wu, “Certificateless public auditing scheme for cloud-assisted wireless body area networks,” IEEE Syst. J., vol. 12, no. 1, pp. 64–73, 2015.  V. Sureshkumar, R. Amin, V. R. Vijaykumar, and S. Rajasekar, “Robust secure communication protocol for smart healthcare system with FPGA implementation,”Futur.Gener.Comput.Syst., 2019.  H. Xiong and Z. Qin, “Revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks,” IEEE Trans. Inf. forensics Secur., vol. 10, no. 7, pp. 1442–1455, 2015.  J. Shen, S. Chang, J. Shen, Q. Liu, and X. Sun, “A lightweight multi-layer authentication protocol for wireless body area networks,” Futur.Gener.Comput.Syst., vol. 78, pp. 956–963, 2018.  J. A. Akinyele, M. W. Pagano, M. D. Green, C. U. Lehmann, Z. N. J. Peterson, and A. D. Rubin, “Securing electronic medical records using attribute-based encryption on mobile devices,” in Proceedings of the 1st ACM workshop on Security and privacy in smartphones and mobile devices, 2011, pp. 75–86.  C. Hu, H. Li, Y. Huo, T. Xiang, and X. Liao, “Secure and efficient data communication protocol for wireless body area networks,” IEEE Trans. Multi-Scale Comput.Syst., vol. 2, no. 2, pp. 94–107, 2016.  B. Chandrasekaran, R. Balakrishnan, and Y. Nogami, “Secure Data Communication using File Hierarchy Attribute Based Encryption in Wireless Body Area Networks,” 2018.  F. Li, M. K. Khan, K. Alghathbar, and T. Takagi, “Identity-based online/offline signcryption for low power devices,” J. Netw. Comput.Appl., vol. 35, no. 1, pp. 340–347, 2012.  A. A. Omala, N. Robert, and F. Li, “A provably-secure transmission scheme for wireless body area networks,” J. Med. Syst., vol. 40, no. 11, p. 247, 2016.
Copyright © 2023 P. Jayasree, V. Manasa, T. Ramya, N. Mouni, T. Lakshmi Keerthana, Mrs. G. V. Leela Kumari. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.