Abstract
The safety of transmitted data is an essential element of all Cloud-IoT-based electronic healthcare (e-healthcare) systems. Through a review of prior research, we see that there have been several different security frameworks proposed for the protection of communications between the patient, the provider and the cloud server, but most of them have significant weaknesses related to serious attack vectors such as man-in-the-middle, impersonation and denial-of-service attacks. The existence of these vulnerabilities places the sensitive health care information at risk of being compromised in terms of confidentiality and integrity. In recent years, Alzahrani et al. provided a provably secure cloud-centric authentication protocol for use with e-health care systems. It was found through a detailed analysis that their protocol lacked the robust authentication that is required to protect the system from impersonation attacks by attackers on the cloud server or the physician. Therefore, in order to resolve the issues associated with the lack of robustness, this paper provides a cloud-server-centric multi-factor authentication protocol for use in the health care environment. This protocol has the ability to combine the features of one-way hash functions, biometric identification and random number generation to provide increased security in the process of authenticating users to access the e-health care system while mitigating the previously identified vulnerabilities. The correctness and robustness of the protocol were formally analyzed using BAN Logic, the Real-Or-Random Security Model, formal verification using AVISPA Tool and practical implementation analysis. Additionally, the performance of the protocol was measured in terms of computational time, communication overhead and scalability. The results of the security analysis indicate that the proposed protocol can withstand all types of attacks on e-health care systems. Furthermore, the performance analysis demonstrated that the protocol achieved improved efficiencies over the current state-of-the-art protocols in each of the measured performance characteristics. As a result, the proposed protocol has the potential to be used in practice as part of cloud-IoT-based e-healthcare applications.