PLASMA-Privacy-Preserved Lightweight and Secure Multi-level Authentication scheme for IoMT-based smart healthcare

The Internet of Medical Things has enabled the development of smart healthcare systems, allowing users to collect, process, and transmit patient health data to cloud servers for further analysis. Internet of Things devices and cloud servers' physical distance raise network latency and jitter even with ample storage and processing capability. Additionally, this connectivity raises serious challenges about security and privacy in smart healthcare environments. In this article, we focused on addressing those security concerns in a hierarchical smart healthcare system involving devices, gateway, and medical servers. To show the security issues in the existing solution, we reviewed the Das and Namasudra authentication scheme, identifying vulnerabilities such as replay attacks, device impersonation, and denial of service attacks. This article proposes a Privacy-Preserved Lightweight and Secure Multi-level Authentication (PLASMA) scheme to mitigate these vulnerabilities. PLASMA's security and key privacy are validated through the Real-Or-Random (ROR) model and simulated using the widely accepted Scyther tool. PLASMA's performance was evaluated by comparing its computational and communication costs with related schemes, and functional analysis was demonstrated to show the security and efficiency of the scheme. The results prove that PLASMA offers a secure, scalable solution for smart healthcare systems.