E-health is the use of information and communication technology (ICT) for the healthcare-related services. It uses various types of digital technologies and telecommunications, such as computers, sensing devices, Internet, and mobile devices to deliver medical services. Internet of Medical Things (IoMT) is a communication environment optimized for low-power devices (for example, health sensors and actuators) and operation on, in, or around the human body (i.e., a patient). It can be used in various applications that are related to healthcare, such as “body automation,” “healthcare,” “medical monitoring,” “body interaction,” and “medical implants (i.e., pacemaker).” Most of the communications happen in IoMT-based e-healthcare system are wireless in nature. This may cause severe threats to the security of the system. Various information security-related attacks, i.e., replay, man-in-the-middle attack (MiTM), impersonation, privileged insider, unauthorised session key computation, credentials leakage, stolen verifier, malware injection are possible in IoMT-based e-healthcare system. These threats and attacks can create serious problems in the social life of an individual, as this may reveal their confidential healthcare information to other unauthorised parties. Therefore, it is essential to propose an access control and key management scheme to secure the communication of a IoMT-based e-healthcare system. Moreover, the security of such kind of scheme can also be enhanced through the deployment of a blockchain mechanism. Therefore, in this article, we propose a blockchain-enabled access control and key management protocol for IoMT-based e-healthcare system that is named as “BACKM-EHA” in short. The security analysis of proposed BACKM-EHA is also provided through the standard, i.e., “Real-Or-Random model.” The various conducted security analyses prove the security of BACKM-EHA against the different types of potential attacks. The performance of BACKM-EHA is better than the other existing schemes, as it requires less communication cost, computation cost, and provides more “security and functionality features.”
Read full abstract