Professional Documents
Culture Documents
A Proxy-Authorized Public Auditing Scheme For Cyber-Medical Systems Using AI-IoT
A Proxy-Authorized Public Auditing Scheme For Cyber-Medical Systems Using AI-IoT
Abstract—Artificial intelligence based Internet of Things AI-IoT significantly improves the growth rate of the industrial
enables autonomous communication among social net- sector by 20% [2] to accelerate the key performance indicators
works and IoT to leverage the promising solution in the
of Industry 4.0 such as effectiveness, allocation, and utilization
modern paradigms. It can provide an interactive plat-
form across the globe to enrich the quality of network- efficiency [3]. It can reconstruct the manufacturing components
ing services to the end users. Of late, the expansion as AI objects to interconnect the applications of human-centric
of information-centric networking has brought an incredi- AI.
ble technique, known as public auditing scheme, for IoT- In the past six decades, the Internet has tremendously grown
enabled sensor technologies. It uses a cloud-based med-
for the development of several innovative technologies. In spe-
ical cyber-physical system (M-CPS) to rely on cloud com-
puting that ensures fast computing and reliable data stor- cific, it is nowadays collaborating with physical world objects
age. Since the medical file is so vital to involve precise to expand its evolution beyond human-centered communication.
diagnoses, data integrity and verification have lately be- As a result, a new paradigm known as IoT is proven to be a
come the data auditing tool. To exploit proxy authorizer tool for social business opportunities. It integrates the concepts
and trusted auditor, an identity-based proxy authorized out-
of social networking to provide socialization among real-time
sourcing with public auditing (ID-PAOPA) is proposed. It
uses proxy authorization and verification to upload medical objects. It is widely recognized as AI-IoT that allows users to
data over cloud-based M-CPS. To substantiate the finding, enforce security laws to protect their privacy. In addition, it
this article provides security proof based on the EC-DLP implements a smart technique to provide autonomous interaction
assumption. Finally, the performance analysis proves that that relies on the social relations of the users. It has a major task
the proposed ID-PAOPA achieves less computation and au-
to construct a reliable network object to infer the strength of the
diting timing to fulfill the objectives of cloud-based M-CPS.
social interconnection that harnesses the advantages of network
Index Terms—Artificial intelligence (AI), auditing, compu- structure. They are as follows.
tation, cyber-physical systems (CPSs), Internet of Things 1) Similar to a human-centric network, the AI-IoT gives a
(IoT), trusted auditor.
structure to the IoT that offers an efficient discovery of
real-time objects, scalability, and navigation.
I. INTRODUCTION 2) It ensures a trusted connection to leverage the service
interaction and information exchange among the available
NDUSTRY 4.0 has adopted various innovative technolo-
I gies, such as real-time data processing, cloud computing,
Industrial Internet of Things (IoT), digitization, and enterprise
smart objects.
3) It uses dedicated network analysis to examine the nature
of network structures such as patterns and correlation.
resource planning, for the evolution of advanced collaborative
4) It relies on trusted parties to colocate similar objects that
approaches [1]. A new paradigm of IoT emerges artificial intelli-
may be useful to predict future interaction.
gence (AI) to realize the digitization of all things, which observe
Of late, cyber-physical systems (CPS) have been emerging to
the environmental data to perform self-driven analysis. The
the next computing phase that is equipped to enrich the security
collaborative AI-enabled IoT operates numerous technologies
and safety of healthcare systems. However, the usage of e-health
and applications to offer a high-level quality of services, such
records and biomedical and public health data has been raised
as reliability, scalability, and availability. Most of the adoptive
based upon transparency than availability and traceability. In
the healthcare system, an intelligent-embedded medical device
Manuscript received March 6, 2021; revised August 20, 2021 and is appeared as a special type of medical CPS (M-CPS) to connect
September 23, 2021; accepted October 31, 2021. Date of publication the massive amount of healthcare data, i.e., from various types
November 11, 2021; date of current version May 6, 2022. Paper no.
TII-21-1092. (Corresponding author: B D Deebak.) of medical sensors [4]. Since medical data cannot be practical
Fadi Al-Turjman is with the Artificial Intelligence Engineering Deptart- for a transient decision, patient monitoring and data analysis
ment, Research Center for AI and IoT, Near East University, Mersin 10, may cause more interference for M-CPS. However, M-CPS
Turkey (e-mail: fadi.alturjman@neu.edu.tr).
B D Deebak is with the School of Computer Science and Engi- represents the datasets, such as blood pressure, temperature,
neering, Vellore Institute of Technology, Vellore 632014, India (e-mail: heart rate, electrocardiogram, and X-ray, to perform an intensive
deebak.bd@vit.ac.in). examination and decision-making process. Generally, patients
Color versions of one or more figures in this article are available at
https://doi.org/10.1109/TII.2021.3126316. and medical doctors outsource the medical data over the cloud
Digital Object Identifier 10.1109/TII.2021.3126316 server that enables the storage device to share the data remotely.
1551-3203 © 2021 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See https://www.ieee.org/publications/rights/index.html for more information.
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
5372 IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, VOL. 18, NO. 8, AUGUST 2022
TABLE I
ABBREVIATION USED
one hand, the integral system may not control delegable out-
Fig. 1. Medical cyber-physical system (M-CPS).
sourcing to verify whether the proxy has its own trustworthiness
to fulfill the patients’ requirements to gain data access. On
Using the Internet, various medical sensors substantially ac- the other hand, the data owner may no longer have physical
quire the physical nature of cloud-based M-CPS to observe the control over the outsourcing of medical data. As an instance,
medical data remotely. Moreover, cloud-based M-CPS has many to achieve a better reputation, the cloud server may conceal
desirable features that can easily be prone to several critical the occurrence of data corruption. Also, it may even delete the
issues in medical outsourcing [5]. In practice, this system is old and inactive files to maximize the storage efficiency of the
lacking the outsource controller to validate whether the medical system [12].
authority is honest or not to process the data uploading. Along- To address data sharing and outsourcing issues, this article
side the common drawbacks of CPS are timing and concurrency presents an identity-based secure authentication with proxy
control. In other words, cloud-based data storage provides basic authorized outsourcing. Specifically, this novel algorithm is
medical diagnoses to highlight the integrity of clinical data; designed to meet the lightweight computing requirement, i.e.,
however, slight modification may lead to severe medical threats for M-CPS. Therefore, a proper mobile setting and data in-
such as death. Therefore, users including patients and doctors tegrity should be handled cautiously. Of late, Zhang et al. [13]
should authorize a medical authority to process and upload the provided a cloud storage service to ensure the functionality of
medical data to cloud-data storage, i.e., M-CPS [6]. However, proxy service. However, it consumes more computation costs
in the M-CPS, the machine-to-machine (M2M) communication for cloud-based M-CPS. To address issues such as medical data
can be responsible to collect and transmit the data as shown in sharing, outsourcing, and integrity, identity-based proxy autho-
Fig. 1. rized outsourcing with public auditing (ID-PAOPA) is proposed.
In this concern, Chen et al. [7] proposed an identity-based In particular, the auditing scheme integrates a novel algorithm
authentication without key management, in which they only to meet the lightweight computation process, i.e., in M-CPS.
store partial secrets instead of full secrets that could prevent Table I shows the important abbreviation used in this article.
the compromised M2M communication from threatening the
entire system. Importantly, a public cloud-data storage system
dynamically shares the data streaming using the IoT that widely A. Major Contributions
enhances the feature of data verifiability. Huang et al. [8] devised The major contributions are as follows.
a secure cross-cloud data collaboration framework with identity- 1) To minimize the computation overhead, the proposed
based cryptography and proxy re-encryption mechanisms to ID-PAOPA enables the medical patients to authorize the
provide flexible and conditional data re-encryption amongst the medical expert.
ciphertexts encrypted in identity-based encryption. Wang et al. 2) To realize the significance, an integrity check is initi-
[9] provided a proxy re-encryption functionality for cloud-data ated periodically [7]. Importantly, it does not retrieve the
storage services. Unfortunately, this storage feature consumes whole medical data to examine the integrity of the expert.
more computation cost, and thus cannot be applied in the use of 3) To compress the medical data into a minimum block,
M-CPS. a homomorphic–based message authentication code
Xu et al. [10] designed a proxy-based public auditing scheme is constructed that dramatically reduces the compu-
to examine the key issues such as the availability and integrity of tation cost to generate the homomorphic authentica-
medical data. This scheme uses an intelligent electronic device tors in the linear form using an elliptic-curve digital
to explore protective functions, such as control, monitoring, signature [14].
and communication. It can disintegrate object limitation, space, 4) To guarantee data confidentiality, a lightweight symmet-
and time to discover the best practices of user experience. The ric encryption algorithm is used that suits a medical sensor
M-CPS integrates intelligent device and network architecture device to equip with M-CPS [10].
to support distributed computing, ubiquitous service, and in- 5) To provide storage correctness, proxy authorized, and
teractive communication in medical applications [11]. On the privacy-preserved, an ID-based system [18] is designed
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
AL-TURJMAN AND DEEBAK: PROXY-AUTHORIZED PUBLIC AUDITING SCHEME FOR CYBER-MEDICAL SYSTEMS USING AI-IoT 5373
that avoids complex certificate management to deploy in Lately, Chen et al. [15] devised a multiproxy signature is based
information-centric environments. on bilinear pairings, in which the original signer can authorize
The rest of this article is organized as follows. Section II dis- a proxy group as their proxy agent. Later on, all signers in
cusses the related works. Section III shows a systematic frame- the proxy group can generate the signatures on behalf of the
work for cloud-based M-CPS. Section IV presents the execution original one. Furthermore, they assured that their mechanism
phase of the proposed ID-PAOPA. Section V demonstrates the can avoid complex certificate management processes and keep
proof of correctness. Section VI proves the security features up identity-based systems. However, most CPSs [16] face the
such as unforgeability and privacy preservation of proposed problem of estimation of remote physical access and processes.
ID-PAOPA. Section VII discusses the performance analysis Shen et al. [17] designed identity-based auditing with a feature
of the public auditing in terms of the time and computation of information hiding to share sensitive data over cloud storage.
overhead. Finally, Section VIII concludes this article. This scheme utilizes the manager of the organization to trans-
form a signature into a valid one after the sensitive data being
hidden apropos of the organization. As a result, the manager
may gain the legal rights to modify or forge the new data as he
II. RELATED WORK may compute the equivalent signature to interpolate malicious
The emerging computing paradigms include wireless commu- behavior [18]. Yu et al. [19] presented identity-based remote
nication, cloud, and mobile computing to enable the technology data integrity with privacy preserving to prevent malicious be-
of mobile cloud computing (MCC). It can offer certain key haviors. To secure transmissions of the multiple states of remote
properties such as device computation and storage capabilities and dynamics processes, Vinuesa et al. [20] proposed a novel
to the developers and service providers to build a complex Markov decision process (MDP) utilizing a deep Q-Network. In
application system, which utilizes a cloud network to meet the this study, the sensor applies a transmission schedule to process
standard requirements of sensitive applications systems such as the information to the central gateway over a wireless network.
security and privacy. However, MCC cannot be applicable for the Unfortunately, the existing mechanisms [19], [20] cannot guar-
widespread distribution of networking services as it incurs high antee data integrity to prevent unauthorized access on the cloud
latency to establish a reliable connection between the centralized server.
clouds and the distributed users. As to capitalize the functionality Humayed et al. [21] studied different security aspects of CPS
of baseband signaling, cloud radio access networks (C-RAN) are that provide several security challenges for industrial control
preferred. It has distributed remote radio heads and centralized systems including potential vulnerabilities and attacks. Ashibani
baseband units for the support of large-scale signaling, joint and Mahmoud [22] reviewed different layer architecture of CPS
beamforming, and allocation of network resources. The C-RAN to discuss the security challenges. Lee et al. [23] devised a cyber-
can improve spectral and energy efficiency not only to reduce the security testbed to consider the new security technologies as a
consumption of energy but also to increase hardware utilization. part of IoT security challenges in the industrial infrastructure. To
This technology can even be centralized to achieve massive ensure efficient medical treatment, the patient should consult a
information exchange between the remote radio heads and the delegate as a trusted proxy. They would process the medical data
baseband units. storing in cloud-based M-CPS to do further analysis. Although
The emerging technologies significantly improve the con- the patient has enough features to provide precise analysis, there
nectivity of IoT devices that remotely access the cloud server are still verging serious security issues in the outsourcing of med-
to process service requests. IoT offers smart intelligence to ical data [24]. Zhang et al. [25] constructed public auditing using
control real-time objects that address several challenges such the obfuscation technique. He et al. [26] presented certificateless
as trust, scalability, service reliability, and resource discovery. auditing scheme to address the issue of data integrity in the
As a result, the AI-IoT has been originated for the fulfilment medical information system. Zhang et al. [27] proposed cloud
of network socialization that meets the standard constraints storage auditing to achieve data sharing dynamically. Zhang et
such as theoretical concepts, architecture, and characteristics. al. [28] improved a public verifiable to outsource the massive
It may provide a better subjective model to evaluate the network amount of IoT data. Zhong et al. [29] designed an outsourcing
trustworthiness that employs the privacy protection technique attribute-based encryption to reduce the computing cost of IoT
to enhance the security features. There exist several auditing devices. However, the existing mechanisms [28], [29] cannot
protocols that rely on certificate-based systems that work well for achieve the key constraints, such as signature warrant and proxy
PKI, which carries an additional cost of certificate management. authorization, not only to perform lightweight operations but
Resultantly, these types of schemes cannot support cloud- also to maintain the data load at an acceptable range between
based M-CPS as the TPA needs to accomplish the auditing the data owner and data user [30]. Table II summarizes the key
utilizing bilinear-pairing schemes. In 2017, Shabisha et al. [14] issues of public auditing schemes.
devised a systematic solution to store the data in the cloud
environments utilizing a pairing less proxy re-encryption mech- III. PRELIMINARIES
anism. But this mechanism is not implemented in real-time
This section introduces a systematic framework for M-CPS
applications. However, massive medical records can be stored
that uses ID-PAOPA to promise data integrity. It has five entities
in cloud-assisted data stores, where the integrity of the data is
namely medical cloud server, private key generator, data owner,
highly essential.
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
5374 IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, VOL. 18, NO. 8, AUGUST 2022
TABLE II
KEY ISSUES OF PUBLIC AUDITING SCHEMES
A. System Components
The important definitions of the proposed ID-PAOPA are as
follows.
Setup: As an input, a parameter 1k may use an algorithm
of probabilistic polynomial time (PPT) to generate the secret
values. Accordingly, it sends the public parameters and secret
key parameters as an output.
Extract: Considering the input parameters, such as master
secret keys {Pubk , s}, i.e., public parameters, entity identity
Fig. 2. Systematic framework of ID-PAOPA. ID , and public key generator PKG , are correspondingly chosen
to determine the private key Pvtid .
Proxy Key-Gen: Data owner IDDO is capable to generate the
signature warrant sw that designates the signature as a delegate
proxy authorizer, and trusted auditor, as shown in Fig. 2. The to the proxy PID . Finally, PID generates the signed private-key
medical sensors collect the valuable assets of the intelligent Spk based on sw .
devices that unprecedently increase the storage of voluminous Data-Outsource: Considering a medical file MF with an
data to perform data analytics. It may apply AI techniques index tag IT , public parameters, signed private-key Spk , and
to examine the sensitive information of patients such as chest symmetric-key τ , PID generates the output parameters, such
X-ray, medical images, and physical notes. The generated data as signature set κ and encrypted medical file MF . Finally,
explores numerous social platforms to translate the valuable PID uploads the system parameters {MF , κ, IT }, and signature
information, patient condition, and experts opinion to mitigate warrant sw to cloud M-CPS.
any emergency outbreaks. Therefore, collaborative technologies Proof-Gen: Considering {MF , κ, IT } as an input to chal-
discover an ambient intelligence to maintain the information lenge the message from a trusted auditor, the cloud-server returns
exchange in M-CPS. It can make s smart decision to improve the the auditing information as proof to the auditor.
quality of experience and data processing [21]. The key entities Proof-Verifier: At first, a trusted auditor validates the autho-
are as follows: rization access that considers the challenge message to audit the
Medical Cloud Server: It provides medical storage service and information to return the response as true. Otherwise, it returns
a strong computation process to manage the service providers. the message as false.
Private Key Generator: It generates a public–private key pair
between the data owner and proxy authorizer to offer a reliable
connection and key distribution. B. Hardness Problem: EC-DLP
Data Owner: It usually sends a massive amount of medical The proposed ID-PAOPA is constructed using an elliptic-
data to store and collect in cloud-based M-CPS that may later curve discrete logarithm problem (EC-DLP). It can be defined
outsource by the proxy authorizer. as follows.
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
AL-TURJMAN AND DEEBAK: PROXY-AUTHORIZED PUBLIC AUDITING SCHEME FOR CYBER-MEDICAL SYSTEMS USING AI-IoT 5375
Definition 1 (EC-DLP): It has two prime integers, i.e., p and TABLE III
IMPORTANT NOTATIONS USED IN THE PROPOSED ID-PAOPA
q, to define the elliptic-curve Zp where G is an additive cyclic
group with the random generator p and the prime order q. For
any P , Q ∈ G is to find an integer a ∈ Zp in the polynomial
time, i.e., Q = a.P .
C. Security Model
The formal security model can be defined to audit the data
integrity over an interactive mechanism, i.e., between the adver-
sary ADv and the challenge CHR . The execution steps are as
follows.
Setup: While executing this algorithm, CHR may collect the
system parameters Param , and master-key mk to return Param to
ADv including secret key sk .
Queries: ADv initiates the query requests to CHR . They are
as follows.
1) Extract Queries: Upon the execution of private key ex-
traction, i.e., at URi , CHR calls the Extract algorithm to
obtain the private key, i.e., ski of the URi . Finally, it may
return the extraction results to ADv .
2) Sign Queries: Upon the query execution of signature, i.e.,
data block dij , CHR may call the signature algorithm
to generate a valid signature. Finally, it may return the
corresponding data block to ADv .
CHR may initiate the challenge response to ADv to execute
a valid authentication proof.
Forgery: After the successful query execution, ADv forges
the audit-proof P ∗ according to the challenge request CR . Step 3. The initial system has a possible set of PKG : SKPKG →
We claim that ADv may win the game upon the successful Zqm and pseudorandom functions PRF : SKPRF × LF →
verification, i.e., VP = Param , CR , P ∗ = 1. Otherwise, ADv Zqm where SKPKG and SKPRF define the set of secret keys,
loses the game to perform any proof verification. Table III shows i.e., PKG and PRF , respectively, and LF is the set of the
the important notation used in the proposed ID-PAOPA. file location of each data block in F . Then, the system
randomly chooses {skPKG , skPRF } where skPKG ∈ SKPRF ,
IV. PROPOSED ID-PAOPA and skPRF ∈ SKPRF . Moreover, the system randomly selects
symmetric encryption SE with symmetric key τ . Eventually,
The proposed scheme involves six communication phases to
the system parameters {skPKG , skPRF , τ }are secretly shared
ensure data integrity and confidentiality. The initial preprocess-
by the real-time entities namely data owner, proxy authorizer,
ing involves the medical file F = {f1 , f2 , . . . , fn } that divides
and trusted auditor.
the medical file into n data block. Each data block is further
Step 4. Finally, the system publishes the parameters Param =
dissevered into m data elements, i.e., Zq . Therefore, the medical
{p, q, Pubk , PKG , H1 , H2 , H3 } and holds the master key mk
file fi can be expressed as fi = {fi,1 , fi,2 , . . . , fi,m } ∈ Zqm to
in secret.
differentiate the storage file in cloud M-CPS. It has an initial
system to set a unique tag IT for each medical file. They
are as follows: setup, extract, proxy key-gen, data-outsource, B. Phase 2: Extract
proof-gen, and proof-verifier. The execution procedures are as This phase includes PKG to generate the identity of a private
follows: key PKIDi , i.e., for user Ui . The execution steps are as follows.
A. Phase 1: Setup Step 1. Providing the user identity UIDi , Ui collects Param and
A PPT algorithm consists of three execution steps. mk .
Step 2. PKG randomly chooses rIDi ∈ Zq to compute RIDi =
Step 1. Choose a random integer mk ∈ Zq as a master key to rIDi .P and SKIDi = rIDi + mk .H1 (UIDi ) as the secret
compute Pubk = mk .PKG as a system public key. key of the user.
Step 2. Choose three hash functions: Step 3. PKG transmits the tuple {RIDi , SKIDi } to the user over
a secure channel.
H1 : {01}∗ → Zq ,
Step 4. Ui computes SKIDi .P = H1 (UIDi ).Pubk + RIDi to
H2 : {01}∗ × {01}∗ × {01}∗ × G → Zq ,H3 : {01}∗ × generate a legal identity SKIDi . Otherwise, PKG reinitiates a
{01}∗ × {01}∗ × {01}∗ × G → Zq . private key for Ui .
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
5376 IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, VOL. 18, NO. 8, AUGUST 2022
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
AL-TURJMAN AND DEEBAK: PROXY-AUTHORIZED PUBLIC AUDITING SCHEME FOR CYBER-MEDICAL SYSTEMS USING AI-IoT 5377
i=l i i m
θ =lθ =lθ
= δi .εi .ri .P + δi .σi .skPRO .P − δi .γi .Hτ (j, IT i) .skPRO .P
i=l1 i =l1 i =l1 i=1
i=l i i
i =l
θ =lθ =lθ θ
= δi .εi .ri .P + δi .σi .skPRO .P = Q+ δi .βi + ρj .γi
i=l1 i =l1 i =l1 i =l1
i=l i
m
i m
θ =lθ =lθ
= δi .εi .Qi + δi . βi + γi .fi,j .skPRO .P − δi .γi .Hτ (j, IT i) .skPRO .P
i=l1 i =l1 i=1 i =l1 i=1
i
=lθ m
= Q + (Z1 − Z2 + Z3 ) .H3 (IDO , IDP , aw , sw , Y ) . (skIDP
= Q+ δi . βi + γi .fi,j .skPRO .P
i =l1 i=1
+y) .P
i =l i m
= Q + (Z1 − Z2 + Z3 ) .H3 (IDO , IDP , aw , sw , Y ) .
θ =lθ
= Q+ δi .βi + δi .γi .fi,j .skPRO .P ((H1 (UIDPA ) .Pubk + RIDPA ) + y) .P
i =l1 i =l1 i=1
i =l = Q + Z.H3 (RIDPA + H1 (UIDPA )) + Y.
θ
= Q+ δi .βi
Hence, the equation ζ.P = Q +
i =l1
Z.H3 (RIDPA + H1 (UIDPA )) + Y holds to satisfy the auditing
i
=lθ m
features.
+ δi .γi . fi,j − Hτ (j, IT i) .skPRO .P Theorem2: The proposed ID-PAOPA may be correct if and
i =l1 i=1 only if the following expressions are found to be valid.
i
i =l m They are as follows:
=lθ θ
= Q+ δi .βi + δi .γi .fi,j
i =l1 i =l1 i=1 SKIDi .P = H1 (UIDi ) .Pubk + RIDi (1)
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
5378 IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, VOL. 18, NO. 8, AUGUST 2022
sw .P = (H2 (IDO , IDP , aw , X) Moreover, there may be a number λ ∈ Zq∗ such that Q = λ.P
to hold the following equation:
. (H1 (IDO ) . Pubk + RIDO ) + X) . (2)
Δ.sw .P = = Δκ3 .λ.Q. (8)
The correction of (1) is as follows:
SKIDi .P = H1 (UIDi ) .Pubk + RIDi From (8), λ = Δ.sw /Δκ3 may be computed to solve the
EC-DLP problem on G, which is contradicted to the hardness
= rIDi .P + s.H1 (UIDi , RIDi ) .P assumption of EC-DLP.
= RIDi + H1 (UIDi , RIDi ) .Pubk . Theorem 4: Assume that ADv wishes to win Game1 and
Game2 in the security proof with a probability , i.e., nonnegli-
Subsequently, the correction of (2) can be described as gible. Thus, a simulation SM is constructed to solve the problem
follows: of nonnegligible .
sw = (r + H2 (IDO , IDP , aw , X) .skIDO ) .P Game1 : Suppose ADv may wish to tamper with the medical
file to outsource the data-block into MCS , then it may further
= r.P + (H2 (IDO , IDP , aw , X)) . (rIDO lead ADv to forge the audit proof P, i.e., to verify the integrity
+s.H1 (UIDO , RIDO )) P of data.
CR attempts to receive CHAL = {θ, Key } from TA . As-
= X + (H2 (IDO , IDP , aw , X)) . (H1 (UIDO , RIDO ) .Pubk sume that ADv may wish to forge P ∗ = (ρ∗ , K, ζ) ,
+RIDO ) . where ρ∗ = ρ, ρ∗ = {ρ∗1 , ρ∗2 , ρ∗3 , . . . . . . , ρ∗m ,} , and ρ∗j =
i=lθ
∗
i=l1 γi .fi,j , ∀ j = 1, 2, 3, . . . . . . , m. Assume that there
VI. SECURITY PROOF ∗
may be a data block likely to replace by ADv such that fi,j =
∗
This section has two security proofs to verify the security fi,j . Then, there may be a case like Δfi,j = fi,j − fi,j =
feature such as unforgeability and privacy preservation in terms 0 and Δ ρj = ρ∗j − ρj =, where j = 1, 2, 3, . . . . . . , m.
of proxy authorization, and data auditing. Moreover, the infor- Hence, the audit proof P ∗ = {ρ∗ , K, ζ} may compute the
mal analysis is shown to prove the security efficiencies of the following equation to hold the audit process:
proposed ID-PAOPA in terms of identity privacy preservation,
ζ.P = K + (Z1∗ − Z2 + Z3 ) (κ2 (RP + κ1 .Pubk ) + Y )
batch auditing, public verifiability, and corrective storage.
(9)
where Z1∗ = m j=1 γj .ρ∗j ∈ Zq . The following equation may
A. Formal Security Proof
express as
Theorem3: The proposed ID-PAOPA scheme fulfills the ⎛
m
unforgeability feature of proxy authorization if the hardness
ζ.P = K + ⎝ γj .ρ∗j
problem of EC-DLP is preferred.
Proof: Assume that ADv forges the information of proxy au- j =1
∗ ∗ ∗
thorizer {sw , X , aw , RIDO } and sends the parameters to UPA , −Z2 + Z3 ) (κ2 (RP + κ1 .Pubk ) + Y ) . (10)
where sw = s∗w and aw = a∗w . Suppose Δ. sw = sw − s∗w =
0, then the forged information s∗w may equalize with the follow- Since MCS may generate a valid audit proof P = (ρ, K, ζ) to
ing equation to hold the audit process: challenge CHAL = {θ, Key } that satisfies ζ.P = K +
Z(κ2 (RP + κ1 .Pubk ) + Y ) to express the following equation:
sw .P = (κ∗3 (H1 (IDO ) . Pubk + RIDO ) + X) (3) ⎛
m
where κ∗3 = H2 (IDO , IDP , a∗w , X).
ζ.P = K + ⎝ γi .ρ∗j
Since (IDO , IDP , aw , X) is preferable information for proxy
j =1
authorization, i.e., from UDO , it has a chance to validate the
following equation to hold the constraint −Z2 + Z3 ) (κ2 (RP + κ1 .Pubk ) + Y ) (11)
s∗w .P = (κ3 (H1 (IDO ) . Pubk + RIDO ) + X) . (4)
m
where Z1 = γi .ρj ∈ Zq .
Deducting (4) and (2), (5) may be obtained as follows: j=1
Δsw .P = Δκ3 . (H1 (IDO ) . Pubk + RIDO ) . (6) −Z2 + Z3 ) (κ2 (RP + κ1 .P ubk ) + Y ) (12)
Since G is an additive cyclic group with prime order q and
Deducting (12) and (11), the following equation may be
key generator P , Q = (κ1 Pubk + RIDO ) is actually become
obtained:
an element in G. Hence, it can be concluded in the following
m
equation to hold the audit process that
γj . ρj − ρ∗j κ2 (RP + κ1 .Pubk ) + Y = 0. (13)
Δ.sw .P = = Δκ3 .Q. (7) j =1
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
AL-TURJMAN AND DEEBAK: PROXY-AUTHORIZED PUBLIC AUDITING SCHEME FOR CYBER-MEDICAL SYSTEMS USING AI-IoT 5379
It is now set w = (κ2 (RP + κ1 .Pubk ) + Y ) to obtain the From (23), l = Δζ/Δk may be computed to solve the EC-
following equation: DLP problem on G, which has a contradictory assumption with
m EC-DLP.
Δγi .ρj .w = 0. (14) Theorem 5: Assume that the proposed ID-PAOPA wishes
i=1 to achieve the property of privacy preservation that holds the
hardness assumption of EC-DLP.
Since G is an additive cyclic group with prime order q and Proof: Assume that ADv tries to capture the valid
key generator P for any parameters X, Y ∈ G, d = Zq∗ actually information, i.e., {sw , X, aw , RIDO } from UDO , then
exist as an element in G such that X = d.Y . Given X, Y ∈ {s∗w , X ∗ , a∗w , RIDO } may return the forged warrant to UP A ,
G, every {γj .w} may generate γj .w = (μj .X + ωj .Y ), i.e., where sw = s∗w and aw = a∗w . However, we may forge the
μj , ωj ∈ Zq∗ to obtain the following equation: signed information Δ sw = (sw − s∗w ) to pass the proxy
Δγi .ρj .w = Δμj .ρj .X + Δωj .ρj .Y. (15) authorization.
From (15), the following equation may be derived: s∗w .P = H2∗ (H1 . Pubk + RIDO ) + X, H1 = (H1 (IDO )) ,
m
m
m
and H2∗ = H2 (IDO , IDP , a∗w , X) .
Δγj .ρj .w = Δμj .ρj .X + Δωj .ρj .Y. (16) (24)
j =1 j =1 j =1
(IDO , IDP , aw , X) uses a valid warrant to satisfy the follow-
From (14) and (16), the following equation can be derived: ing equation:
m
m
Δμj .ρj .X + Δωj .ρj .Y = 0. (17) sw .P = H2 (H1 . Pubk + RIDO ) + X, H1 = (H1 (IDO )) ,
j =1 j =1 and H2 = H2 (IDO , IDP , a∗w , X) .
Moreover, it can further be obtained as (25)
⎛ ⎞
m m
According to (25), the following equation may be obtained:
X = −⎝ Δωj .ρj / Δμj .ρj ⎠ .Y. (18)
(sw − s∗w ) .P = (H2 − H2∗ ) . (H1 . Pubk + RIDO ) (26)
j =1 j =1
Δsw .P = ΔH2 (H1 . Pubk + RIDO ) (27)
Thus, ADv may solve the difficulty of EC-DLP, which has a
contradictory issue of EC-DLP hardness. where ΔH2 = (H2 − H2∗ ) = 0. Since G is an additive cyclic
Game2 : Assume that ADv tries to change or replace the group with prime order q, key generator P , Pubk = s.P and
aggregate signature {K, ζ} to forge the audit proof to authorize RIDO = rIDO .P are actually preferred as an element in G =
the data integrity. {P } to set Z = H1 . Pubk + RIDO ∈ G. Hence, the hardness
CR attempts to receive CHAL = {θ, Key } from TA that of EC-DLP assumption between P and Z may be solved as
may successfully forge the audit proof P ∗ = (ρ, K∗ , ζ ∗ ) where z = Δsw /ΔH2 such that Z = z.P .
(K∗ , ζ ∗ ) = (K, ζ). There is a parameter, i.e., K∗ = K, that forges Hence, the proposed ID-PAOPA may guarantee that no out-
the audit proof P ∗ = (ρ, K∗ , ζ ∗ ) to hold the following equation: sider can generate a legal signature warrant or can impersonate
as a legal owner to verify the medical file over cloud M-CPS.
ζ ∗ .P = K∗ + Z (κ2 (RP + κ1 .Pubk ) + Y ) . (19)
Since MCS generates a valid proof for CHAL = B. Informal Security Analysis
{θ, Key }, i.e., from TA , the following equation may obtain to The major security goals are as follows.
hold 1) Identity Privacy Preservation: In the proposed ID-
ζ.P = K + Z (κ2 (RP + κ1 .Pubk ) + Y ) . (20) PAOPA, TA generates α = {α1 , α2 , . . . . . . , αm } and β =
{β1 , β2 , . . . . . . , βn } to compute a set of the valid sig-
Deducting (20) and (19), the following equation may be nature warrant, which uses κ1 = H1 (IDP , RP ) and κ2 =
obtained: H3 (IDO , IDP , aw , sw , Y ) to preserve the patient identities
UIDi . However, the generated signatures cannot be utilized
(ζ ∗ − ζ) .P = (K∗ − K) . (21)
to gain access to the medical file fi expressed as fi =
It is now set Δζ = (ζ ∗ − ζ) to obtain the following equation: {fi,1 , fi,2 , . . . , fi,m } ∈ Zqm , which has a unique tag IT to
differentiate the storage file in cloud M-CPS. Moreover, the
Δζ.P = (K∗ − K) . (22) external entities such as trusted auditors and cloud-server cannot
Since G is an additive cyclic group with prime order q and key obtain a valid signature of UDO to generate the file information
generator P , Δζ.P = (K∗ − K) ∈ G actually exists without F that may eventually outsource the confidential parameters
generality loss. Hence, Δkl.P = (K∗ − K) is set to obtain the to MCS . As a result, the integrity of IT can be maintained
following equation: between UDO and UPA to generate a signed private-key Spk .
Hence the proposed ID-PAOPA claims the property of privacy
Δζ.P = Δkl.P. (23) preservation.
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
5380 IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, VOL. 18, NO. 8, AUGUST 2022
TABLE IV TABLE V
IMPORTANT NOTATIONS OF PROPOSED ID-PAOPA COMPUTATION COSTS OF PROXY AUTHORIZATION AND SIGNATORY
WARRANT
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
AL-TURJMAN AND DEEBAK: PROXY-AUTHORIZED PUBLIC AUDITING SCHEME FOR CYBER-MEDICAL SYSTEMS USING AI-IoT 5381
TABLE VI
COMPARISON OF AUDIT TIMING IN TERMS OF PROXY VERIFICATION, INTEGRITY VERIFICATION, AND AUDIT TIMING
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.
5382 IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, VOL. 18, NO. 8, AUGUST 2022
VIII. CONCLUSION [16] J. Wurm et al., “Introduction to cyber-physical system security: A cross-
layer perspective,” IEEE Trans. Multi-Scale Comput. Syst., vol. 3, no. 3,
In this article, a practical ID-PAOPA was proposed for cloud- pp. 215–227, Jul.–Sep. 2017.
based M-CPS. It used a technique of lightweight identity-based [17] W. Shen, J. Qin, J. Yu, R. Hao, and J. Hu, “Enabling identity-based integrity
auditing and data sharing with sensitive information hiding for secure cloud
system to prevent the occurrence of certificate management. storage,” IEEE Trans. Inf. Forensics Secur., vol. 14, no. 2, pp. 331–346,
Specifically, it used a signature warrant of proxy authorization Feb. 2019.
to validate whether the proxy processed the medical data to out- [18] Y. Wang, Q. Wu, B. Qin, W. Shi, R. H. Deng, and J. Hu, “Identity-based
data outsourcing with comprehensive auditing in clouds,” IEEE Trans. Inf.
source it to cloud M-CPS, i.e., in place of data owner. Moreover, Forensics Secur., vol. 12, no. 4, pp. 940–952, Apr. 2017.
a trusted auditor was employed to perform integrity verification [19] Y. Yu et al., “Identity-based remote data integrity checking with perfect
of the data owner not including the entire medical file. The data privacy preserving for cloud storage,” IEEE Trans. Inf. Forensics
Secur., vol. 12, no. 4, pp. 767–778, Apr. 2017.
proposed ID-PAOPA uses EC-DLP to demonstrate that it can [20] R. Vinuesa et al., “The role of artificial intelligence in achieving the
guarantee security properties such as unforgeability and privacy sustainable development goals,” Nature Commun., vol. 11, no. 1, pp. 1–10,
preservation. Finally, the performance analysis shows that the 2020.
[21] A. Humayed, J. Lin , F. Li, and B. Luo, “Cyber-physical systems security—
proposed ID-PAOPA consumes less computation and timing A survey,” IEEE Internet Things J., vol. 4, no. 6, pp. 1802–1831, Dec. 2017.
costs than other existing schemes to comply with cloud-based [22] Y. Ashibani and Q. H. Mahmoud, “Cyber physical systems security:
M-CPS. In the future, superior functionalities, such as proxy re- Analysis, challenges and solutions,” Comput. Secur., vol. 68, pp. 81–97,
2017.
encryption and hierarchical access control, will be incorporated [23] S. Lee, S. Lee, H. Yoo, S. Kwon, and T. Shon, “Design and implementation
to fulfill the comprehensive requirements of M-CPS. of cybersecurity testbed for industrial IoT systems,” J. Supercomput.,
vol. 74, no. 9, pp. 4506–4520, 2018.
[24] H. Wang, D. He, and S. Tang, “Identity-based proxy-oriented data upload-
REFERENCES ing and remote data integrity checking in public cloud,” IEEE Trans. Inf.
Forensics Secur., vol. 11 no. 6, pp. 1165–1176, Jun. 2016.
[1] P. K. R. Maddikunta et al., “Industry 5.0: A survey on enabling technolo-
[25] Y. Zhang, C. Xu, X. Liang, H. Li, Y. Mu, and X. Zhang, “Efficient
gies and potential applications,” J. Ind. Inf. Integr., 2021, Art. no. 100257,
public verification of data integrity for cloud storage systems from in-
doi: 10.1016/j.jii.2021.100257.
distinguishability obfuscation,” IEEE Trans. Inf. Forensics Secur., vol. 12,
[2] R. Vinuesa et al., “The role of artificial intelligence in achieving the
no. 3, pp. 676–688, Mar. 2017.
sustainable development goals,” Nature Commun., vol. 11, no. 1, pp. 1–10,
[26] D. He, S. Zeadally, and L. Wu, “Certificateless public auditing scheme for
2020.
cloud-assisted wireless body area networks,” IEEE Syst. J., vol. 12, no. 1,
[3] S. Š. Žižek, Z. Nedelko, M. Mulej, and Ž. V. Čič, “Key performance
pp. 64–73, Mar. 2015.
indicators and industry 4.0 – A socially responsible perspective,” Naše
[27] X. Zhang, C. Xu, Y. Zhang, and C. Jin, “Efficient integrity verification
Gospodarstvo/Our Economy, vol. 66, no. 3, pp. 22–35, 2020.
scheme for medical data records in cloud-assisted wireless medical sensor
[4] D. B. Deebak and F. Al-Turjman, “Lightweight privacy-aware secure
networks,” Wireless Pers. Commun., vol. 96, no. 2, pp. 1819–1833, 2017.
authentication scheme for cyber-physical systems in the edge intelligence
[28] J. Zhang, B. Wang, D. He, and X. A. Wang, “Improved secure fuzzy
era,” in Concurrency Comput., Pract. Experience, 2021, Art. no. e6510,
auditing protocol for cloud data storage,” Soft Comput., vol. 23, no. 10,
doi: 10.1002/cpe.6510.
pp. 3411–3422, 2019.
[5] B. D. Deebak, F. Al-Turjman, M. Aloqaily, and O. Alfandi, “An authentic-
[29] H. Zhong, Y. Zhou, Q. Zhang, Y. Xu, and J. Cui, “An efficient
based privacy preservation protocol for smart e-healthcare systems in IoT,”
and outsourcing-supported attribute-based access control scheme for
IEEE Access, vol. 7, pp. 135632–135649, 2019.
edge-enabled smart healthcare,” Future Gener. Comput. Syst., vol. 115,
[6] N. Dey, A. S. Ashour, F. Shi, S. J. Fong, and J. M. R. Tavares, “Medical
pp. 486–496, 2021.
cyber-physical systems: A survey,” J. Med. Syst., vol. 42, no. 4, pp. 1–13,
[30] S. F. Aghili, H. Mala, M. Shojafar, and P. Peris-Lopez, “LACO:
2018.
Lightweight three-factor authentication, access control and ownership
[7] S. Chen, M. Ma, and Z. Luo, “An authentication scheme with identity-
transfer scheme for e-health systems in IoT,” Future Gener. Comput. Syst.,
based cryptography for M2M security in cyber-physical systems,” Secur.
vol. 96, pp. 410–424, 2019.
Commun. Netw., vol. 9, no. 10, pp. 1146–1157, 2016.
[8] Q. Huang, Y. He, W. Yue, and Y. Yang, “Adaptive secure cross-
cloud data collaboration with identity-based cryptography and condi-
tional proxy re-encryption,” Secur. Commun. Netw., vol. 2018, 2018,
Art. no. 8932325. Fadi Al-Turjman received the Ph.D. degree
[9] C. Wang, S. S. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-preserving in computer science from Queen’s University,
public auditing for secure cloud storage,” IEEE Trans. Comput., vol. 62, Kingston, ON, Canada, in 2011.
no. 2, pp. 362–375, Feb. 2013. He is currently a Professor with Near East
[10] Z. Xu, D. He, H. Wang, P. Vijayakumar, and K. K. R. Choo, “A novel proxy- University, Nicosia, Turkey. He is a leading au-
oriented public auditing scheme for cloud-based medical cyber physical thority in the areas of smart/cognitive, wireless,
systems,” J. Inf. Secur. Appl., vol. 51, 2020, Art. no. 102453. and mobile networks’ architectures, protocols,
[11] Y. Zhang, C. Xu, H. Li, K. Yang, J. Zhou, and X. Lin, “HealthDep: deployments, and performance evaluation. His
An efficient and secure deduplication scheme for cloud-assisted eHealth publication history spans more than 400 publi-
systems,” IEEE Trans. Ind. Informat., vol. 14, no. 9, pp. 4101–4112, cations in journals, conferences, patents, books,
Sep. 2018. and book chapters.
[12] Z. Xu, L. Wu, M. K. Khan, K.-K. R. Choo, and D. He, “A secure and
efficient public auditing scheme using rsa algorithm for cloud storage,” J.
Supercomput., vol. 73, no. 12, pp. 5285–309, 2017. B D Deebak received the Ph.D. degree in com-
[13] X. Zhang, J. Zhao, C. Xu, H. Wang, and Y. Zhang, “DOPIV: Post- puter science from SASTRA Deemed Univer-
quantum secure Identity-based data outsourcing with public integrity sity, Thanjavur, India, in 2016.
verification in cloud storage,” IEEE Trans. Serv. Comput., to be published, He is currently an Associate Professor with
doi: 10.1109/TSC.2019.2942297. the Department of Computational Intelligence,
[14] P. Shabisha, A. Braeken, A. Touhafi, and K. Steenhaut, “Elliptic curve School of Computer Science and Engineering,
Qu-VanStone based signcryption schemes with proxy re-encryption for Vellore Institute of Technology, Vellore, India. He
secure cloud data storage,” in Proc. Int. Conf. Cloud Comput. Technol. is an Active Member in professional societies
Appl., 2017, pp. 1–18. like IE (I), CSI, and ISTE. His research interests
[15] Q. Chen, Z. Huang, Y. Ding, Y. Zhou, and H. Huang, “A new provably include multimedia networks, network security,
secure identity-based multi-proxy signature scheme,” in Proc. Int. Symp. Internet of Things, and machine learning.
Cybersp. Saf. Secur., 2019, pp. 230–242.
Authorized licensed use limited to: KCG College of Technology - CHENNAI. Downloaded on July 31,2023 at 06:21:03 UTC from IEEE Xplore. Restrictions apply.