A formally verified authentication protocol in secure framework for mobile healthcare during COVID-19-like pandemic

Abstract

Existing schemes in the realm of mobile healthcare (also, e-Healthcare) based on cloud and IoMT (Internet of Medical Things) do not ensure end-to-end security and are not compliant with HIPAA (Health Insurance Portability and Accountability Act). It is also very difficult often for these schemes to obtain evidence from the cloud in case of security breaches. In addition to these issues, mobile healthcare applications are prone to various types of attacks and formal proof is often unavailable. In this work, we propose our community cloud framework in an IoMT setting that ensures end-to-end security and circumvents many of the existing negative aspects using the Trusted Platform Module (TPM). We provide necessary proofs using BAN logic and Scyther tool. Also, we show that the energy consumption and the costs of communication and computation for our proposed protocol are far less than that of the existing protocols. We have implemented our protocol using Kotlin language in Android Studio ensuring all the required security properties.