Advancing IoMT security: A two-factor authentication model employing PUF and Fuzzy logic techniques

Abstract

The rapid integration of Internet of Things technologies in healthcare has catalyzed the development of the Internet of Medical Things, markedly enhanced patient care while posing significant security risks. This paper introduces a comprehensive computational framework to safeguard Internet of Medical Things devices and healthcare providers through a sophisticated registration and authentication process. Our model incorporates cryptographic technologies such as Physical Unclonable Functions, fuzzy extractors, and hash functions to bolster the security during the registration and authentication processes for Internet of Medical Things devices and healthcare providers. The Physical Unclonable Function module enhances device security by producing unique, non-replicable responses for device authentication, significantly reinforcing the system's defense against physical and cloning attacks. Furthermore, the model leverages fuzzy logic for the real-time classification of patient health states, enhancing the decision-making accuracy. A comparative analysis confirms that our model exceeds existing models in communication cost, computational efficiency and security. The proposed scheme has been rigorously tested against various attacks using the Scyther tool. By employing a unique identifier generation method through Physical Unclonable Function and utilizing fuzzy logic for secure data transmission and patient classification, our framework addresses vulnerabilities such as man-in-the-middle, denial of service, impersonation, identity guessing, password guessing and replay attacks, which are prevalent in current Internet of Medical Things frameworks.