
IEEE TRANSACTIONS ON INDUSTRIAL INFORMATICS, VOL. 18, NO. 8, AUGUST 2022 5371

A Proxy-Authorized Public Auditing Scheme for Cyber-Medical Systems Using AI-IoT
Fadi Al-Turjman and B D Deebak

Abstract—Artificial intelligence based Internet of Things enables autonomous communication among social networks and IoT to leverage the promising solution in the modern paradigms. It can provide an interactive platform across the globe to enrich the quality of networking services to the end users. Of late, the expansion of information-centric networking has brought an incredible technique, known as public auditing scheme, for IoT-enabled sensor technologies. It uses a cloud-based medical cyber-physical system (M-CPS) to rely on cloud computing that ensures fast computing and reliable data storage. Since the medical file is so vital to involve precise diagnoses, data integrity and verification have lately become the data auditing tool. To exploit proxy authorizer and trusted auditor, an identity-based proxy authorized outsourcing with public auditing (ID-PAOPA) is proposed. It uses proxy authorization and verification to upload medical data over cloud-based M-CPS. To substantiate the finding, this article provides security proof based on the EC-DLP assumption. Finally, the performance analysis proves that the proposed ID-PAOPA achieves less computation and auditing timing to fulfill the objectives of cloud-based M-CPS.

Index Terms—Artificial intelligence (AI), auditing, computation, cyber-physical systems (CPSs), Internet of Things (IoT), trusted auditor.

Manuscript received March 6, 2021; revised August 20, 2021 and September 23, 2021; accepted October 31, 2021. Date of publication November 11, 2021; date of current version May 6, 2022. Paper no. TII-21-1092. (Corresponding author: B D Deebak.)
Fadi Al-Turjman is with the Artificial Intelligence Engineering Department, Research Center for AI and IoT, Near East University, Mersin 10, Turkey (e-mail: fadi.alturjman@neu.edu.tr).
B D Deebak is with the School of Computer Science and Engineering, Vellore Institute of Technology, Vellore 632014, India (e-mail: deebak.bd@vit.ac.in).
Color versions of one or more figures in this article are available at https://doi.org/10.1109/TII.2021.3126316.
Digital Object Identifier 10.1109/TII.2021.3126316

I. INTRODUCTION

INDUSTRY 4.0 has adopted various innovative technologies, such as real-time data processing, cloud computing, Industrial Internet of Things (IoT), digitization, and enterprise resource planning, for the evolution of advanced collaborative approaches [1]. A new paradigm of IoT emerges artificial intelligence (AI) to realize the digitization of all things, which observe the environmental data to perform self-driven analysis. The collaborative AI-enabled IoT operates numerous technologies and applications to offer a high-level quality of services, such as reliability, scalability, and availability. Most of the adoptive AI-IoT significantly improves the growth rate of the industrial sector by 20% [2] to accelerate the key performance indicators of Industry 4.0 such as effectiveness, allocation, and utilization efficiency [3]. It can reconstruct the manufacturing components as AI objects to interconnect the applications of human-centric AI.

In the past six decades, the Internet has tremendously grown for the development of several innovative technologies. In specific, it is nowadays collaborating with physical world objects to expand its evolution beyond human-centered communication. As a result, a new paradigm known as IoT is proven to be a tool for social business opportunities. It integrates the concepts of social networking to provide socialization among real-time objects. It is widely recognized as AI-IoT that allows users to enforce security laws to protect their privacy. In addition, it implements a smart technique to provide autonomous interaction that relies on the social relations of the users. It has a major task to construct a reliable network object to infer the strength of the social interconnection that harnesses the advantages of network structure. They are as follows.
1) Similar to a human-centric network, the AI-IoT gives a structure to the IoT that offers an efficient discovery of real-time objects, scalability, and navigation.
2) It ensures a trusted connection to leverage the service interaction and information exchange among the available smart objects.
3) It uses dedicated network analysis to examine the nature of network structures such as patterns and correlation.
4) It relies on trusted parties to colocate similar objects that may be useful to predict future interaction.

Of late, cyber-physical systems (CPS) have been emerging to the next computing phase that is equipped to enrich the security and safety of healthcare systems. However, the usage of e-health records and biomedical and public health data has been raised based upon transparency than availability and traceability. In the healthcare system, an intelligent-embedded medical device appears as a special type of medical CPS (M-CPS) to connect the massive amount of healthcare data, i.e., from various types of medical sensors [4]. Since medical data cannot be practical for a transient decision, patient monitoring and data analysis may cause more interference for M-CPS. However, M-CPS represents the datasets, such as blood pressure, temperature, heart rate, electrocardiogram, and X-ray, to perform an intensive examination and decision-making process. Generally, patients and medical doctors outsource the medical data over the cloud server that enables the storage device to share the data remotely.

1551-3203 © 2021 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See https://www.ieee.org/publications/rights/index.html for more information.


TABLE I: ABBREVIATION USED

Fig. 1. Medical cyber-physical system (M-CPS).

Using the Internet, various medical sensors substantially acquire the physical nature of cloud-based M-CPS to observe the medical data remotely. Moreover, cloud-based M-CPS has many desirable features that can easily be prone to several critical issues in medical outsourcing [5]. In practice, this system is lacking the outsource controller to validate whether the medical authority is honest or not to process the data uploading. Alongside the common drawbacks of CPS are timing and concurrency control. In other words, cloud-based data storage provides basic medical diagnoses to highlight the integrity of clinical data; however, slight modification may lead to severe medical threats such as death. Therefore, users including patients and doctors should authorize a medical authority to process and upload the medical data to cloud-data storage, i.e., M-CPS [6]. However, in the M-CPS, the machine-to-machine (M2M) communication can be responsible to collect and transmit the data as shown in Fig. 1.

In this concern, Chen et al. [7] proposed an identity-based authentication without key management, in which they only store partial secrets instead of full secrets that could prevent the compromised M2M communication from threatening the entire system. Importantly, a public cloud-data storage system dynamically shares the data streaming using the IoT that widely enhances the feature of data verifiability. Huang et al. [8] devised a secure cross-cloud data collaboration framework with identity-based cryptography and proxy re-encryption mechanisms to provide flexible and conditional data re-encryption amongst the ciphertexts encrypted in identity-based encryption. Wang et al. [9] provided a proxy re-encryption functionality for cloud-data storage services. Unfortunately, this storage feature consumes more computation cost, and thus cannot be applied in the use of M-CPS.

Xu et al. [10] designed a proxy-based public auditing scheme to examine the key issues such as the availability and integrity of medical data. This scheme uses an intelligent electronic device to explore protective functions, such as control, monitoring, and communication. It can disintegrate object limitation, space, and time to discover the best practices of user experience. The M-CPS integrates intelligent device and network architecture to support distributed computing, ubiquitous service, and interactive communication in medical applications [11]. On the one hand, the integral system may not control delegable outsourcing to verify whether the proxy has its own trustworthiness to fulfill the patients' requirements to gain data access. On the other hand, the data owner may no longer have physical control over the outsourcing of medical data. As an instance, to achieve a better reputation, the cloud server may conceal the occurrence of data corruption. Also, it may even delete the old and inactive files to maximize the storage efficiency of the system [12].

To address data sharing and outsourcing issues, this article presents an identity-based secure authentication with proxy authorized outsourcing. Specifically, this novel algorithm is designed to meet the lightweight computing requirement, i.e., for M-CPS. Therefore, a proper mobile setting and data integrity should be handled cautiously. Of late, Zhang et al. [13] provided a cloud storage service to ensure the functionality of proxy service. However, it consumes more computation costs for cloud-based M-CPS. To address issues such as medical data sharing, outsourcing, and integrity, identity-based proxy authorized outsourcing with public auditing (ID-PAOPA) is proposed. In particular, the auditing scheme integrates a novel algorithm to meet the lightweight computation process, i.e., in M-CPS. Table I shows the important abbreviation used in this article.

A. Major Contributions
The major contributions are as follows.
1) To minimize the computation overhead, the proposed ID-PAOPA enables the medical patients to authorize the medical expert.
2) To realize the significance, an integrity check is initiated periodically [7]. Importantly, it does not retrieve the whole medical data to examine the integrity of the expert.
3) To compress the medical data into a minimum block, a homomorphic-based message authentication code is constructed that dramatically reduces the computation cost to generate the homomorphic authenticators in the linear form using an elliptic-curve digital signature [14].
4) To guarantee data confidentiality, a lightweight symmetric encryption algorithm is used that suits a medical sensor device to equip with M-CPS [10].
5) To provide storage correctness, proxy authorized, and privacy-preserved, an ID-based system [18] is designed
that avoids complex certificate management to deploy in information-centric environments.

The rest of this article is organized as follows. Section II discusses the related works. Section III shows a systematic framework for cloud-based M-CPS. Section IV presents the execution phase of the proposed ID-PAOPA. Section V demonstrates the proof of correctness. Section VI proves the security features such as unforgeability and privacy preservation of proposed ID-PAOPA. Section VII discusses the performance analysis of the public auditing in terms of the time and computation overhead. Finally, Section VIII concludes this article.

II. RELATED WORK

The emerging computing paradigms include wireless communication, cloud, and mobile computing to enable the technology of mobile cloud computing (MCC). It can offer certain key properties such as device computation and storage capabilities to the developers and service providers to build a complex application system, which utilizes a cloud network to meet the standard requirements of sensitive applications systems such as security and privacy. However, MCC cannot be applicable for the widespread distribution of networking services as it incurs high latency to establish a reliable connection between the centralized clouds and the distributed users. As to capitalize the functionality of baseband signaling, cloud radio access networks (C-RAN) are preferred. It has distributed remote radio heads and centralized baseband units for the support of large-scale signaling, joint beamforming, and allocation of network resources. The C-RAN can improve spectral and energy efficiency not only to reduce the consumption of energy but also to increase hardware utilization. This technology can even be centralized to achieve massive information exchange between the remote radio heads and the baseband units.

The emerging technologies significantly improve the connectivity of IoT devices that remotely access the cloud server to process service requests. IoT offers smart intelligence to control real-time objects that address several challenges such as trust, scalability, service reliability, and resource discovery. As a result, the AI-IoT has been originated for the fulfilment of network socialization that meets the standard constraints such as theoretical concepts, architecture, and characteristics. It may provide a better subjective model to evaluate the network trustworthiness that employs the privacy protection technique to enhance the security features. There exist several auditing protocols that rely on certificate-based systems that work well for PKI, which carries an additional cost of certificate management.

Resultantly, these types of schemes cannot support cloud-based M-CPS as the TPA needs to accomplish the auditing utilizing bilinear-pairing schemes. In 2017, Shabisha et al. [14] devised a systematic solution to store the data in the cloud environments utilizing a pairing less proxy re-encryption mechanism. But this mechanism is not implemented in real-time applications. However, massive medical records can be stored in cloud-assisted data stores, where the integrity of the data is highly essential.

Lately, Chen et al. [15] devised a multiproxy signature based on bilinear pairings, in which the original signer can authorize a proxy group as their proxy agent. Later on, all signers in the proxy group can generate the signatures on behalf of the original one. Furthermore, they assured that their mechanism can avoid complex certificate management processes and keep up identity-based systems. However, most CPSs [16] face the problem of estimation of remote physical access and processes. Shen et al. [17] designed identity-based auditing with a feature of information hiding to share sensitive data over cloud storage. This scheme utilizes the manager of the organization to transform a signature into a valid one after the sensitive data being hidden apropos of the organization. As a result, the manager may gain the legal rights to modify or forge the new data as he may compute the equivalent signature to interpolate malicious behavior [18]. Yu et al. [19] presented identity-based remote data integrity with privacy preserving to prevent malicious behaviors. To secure transmissions of the multiple states of remote and dynamics processes, Vinuesa et al. [20] proposed a novel Markov decision process (MDP) utilizing a deep Q-Network. In this study, the sensor applies a transmission schedule to process the information to the central gateway over a wireless network. Unfortunately, the existing mechanisms [19], [20] cannot guarantee data integrity to prevent unauthorized access on the cloud server.

Humayed et al. [21] studied different security aspects of CPS that provide several security challenges for industrial control systems including potential vulnerabilities and attacks. Ashibani and Mahmoud [22] reviewed different layer architecture of CPS to discuss the security challenges. Lee et al. [23] devised a cyber-security testbed to consider the new security technologies as a part of IoT security challenges in the industrial infrastructure. To ensure efficient medical treatment, the patient should consult a delegate as a trusted proxy. They would process the medical data storing in cloud-based M-CPS to do further analysis. Although the patient has enough features to provide precise analysis, there are still verging serious security issues in the outsourcing of medical data [24]. Zhang et al. [25] constructed public auditing using the obfuscation technique. He et al. [26] presented certificateless auditing scheme to address the issue of data integrity in the medical information system. Zhang et al. [27] proposed cloud storage auditing to achieve data sharing dynamically. Zhang et al. [28] improved a public verifiable to outsource the massive amount of IoT data. Zhong et al. [29] designed an outsourcing attribute-based encryption to reduce the computing cost of IoT devices. However, the existing mechanisms [28], [29] cannot achieve the key constraints, such as signature warrant and proxy authorization, not only to perform lightweight operations but also to maintain the data load at an acceptable range between the data owner and data user [30]. Table II summarizes the key issues of public auditing schemes.

III. PRELIMINARIES

This section introduces a systematic framework for M-CPS that uses ID-PAOPA to promise data integrity. It has five entities namely medical cloud server, private key generator, data owner,
proxy authorizer, and trusted auditor, as shown in Fig. 2. The medical sensors collect the valuable assets of the intelligent devices that unprecedently increase the storage of voluminous data to perform data analytics. It may apply AI techniques to examine the sensitive information of patients such as chest X-ray, medical images, and physical notes. The generated data explores numerous social platforms to translate the valuable information, patient condition, and experts' opinion to mitigate any emergency outbreaks. Therefore, collaborative technologies discover an ambient intelligence to maintain the information exchange in M-CPS. It can make a smart decision to improve the quality of experience and data processing [21]. The key entities are as follows:

Medical Cloud Server: It provides medical storage service and a strong computation process to manage the service providers.
Private Key Generator: It generates a public-private key pair between the data owner and proxy authorizer to offer a reliable connection and key distribution.
Data Owner: It usually sends a massive amount of medical data to store and collect in cloud-based M-CPS that may later outsource by the proxy authorizer.
Proxy Authorizer: It may gain the authorized access to process and upload the medical data in cloud-based M-CPS that maintains better authorization and data management. Upon verification, the proxy authorizer deletes the accessed data from the local storage.
Trusted Auditor: It can validate the integrity of medical data stored in cloud server upon the request of the data owner.

TABLE II: KEY ISSUES OF PUBLIC AUDITING SCHEMES

Fig. 2. Systematic framework of ID-PAOPA.

A. System Components
The important definitions of the proposed ID-PAOPA are as follows.

Setup: As an input, a parameter $1^k$ may use an algorithm of probabilistic polynomial time (PPT) to generate the secret values. Accordingly, it sends the public parameters and secret key parameters as an output.
Extract: Considering the input parameters, such as master secret keys $\{Pub_k, s\}$, i.e., public parameters, entity identity $ID$, and public key generator $PKG$, are correspondingly chosen to determine the private key $Pvt_{id}$.
Proxy Key-Gen: Data owner $ID_{DO}$ is capable to generate the signature warrant $s_w$ that designates the signature as a delegate to the proxy $P_{ID}$. Finally, $P_{ID}$ generates the signed private-key $S_{pk}$ based on $s_w$.
Data-Outsource: Considering a medical file $MF$ with an index tag $IT$, public parameters, signed private-key $S_{pk}$, and symmetric-key $\tau$, $P_{ID}$ generates the output parameters, such as signature set $\kappa$ and encrypted medical file $MF$. Finally, $P_{ID}$ uploads the system parameters $\{MF, \kappa, IT\}$, and signature warrant $s_w$ to cloud M-CPS.
Proof-Gen: Considering $\{MF, \kappa, IT\}$ as an input to challenge the message from a trusted auditor, the cloud-server returns the auditing information as proof to the auditor.
Proof-Verifier: At first, a trusted auditor validates the authorization access that considers the challenge message to audit the information to return the response as true. Otherwise, it returns the message as false.

B. Hardness Problem: EC-DLP
The proposed ID-PAOPA is constructed using an elliptic-curve discrete logarithm problem (EC-DLP). It can be defined as follows.


Definition 1 (EC-DLP): It has two prime integers, i.e., $p$ and $q$, to define the elliptic-curve $Z_p$ where $G$ is an additive cyclic group with the random generator $p$ and the prime order $q$. For any $P, Q \in G$ is to find an integer $a \in Z_p$ in the polynomial time, i.e., $Q = a.P$.

C. Security Model
The formal security model can be defined to audit the data integrity over an interactive mechanism, i.e., between the adversary $AD_v$ and the challenge $CH_R$. The execution steps are as follows.

Setup: While executing this algorithm, $CH_R$ may collect the system parameters $Param$, and master-key $mk$ to return $Param$ to $AD_v$ including secret key $sk$.
Queries: $AD_v$ initiates the query requests to $CH_R$. They are as follows.
1) Extract Queries: Upon the execution of private key extraction, i.e., at $UR_i$, $CH_R$ calls the Extract algorithm to obtain the private key, i.e., $sk_i$ of the $UR_i$. Finally, it may return the extraction results to $AD_v$.
2) Sign Queries: Upon the query execution of signature, i.e., data block $d_{ij}$, $CH_R$ may call the signature algorithm to generate a valid signature. Finally, it may return the corresponding data block to $AD_v$.
$CH_R$ may initiate the challenge response to $AD_v$ to execute a valid authentication proof.
Forgery: After the successful query execution, $AD_v$ forges the audit-proof $P^*$ according to the challenge request $C_R$. We claim that $AD_v$ may win the game upon the successful verification, i.e., $VP = Param, C_R, P^* = 1$. Otherwise, $AD_v$ loses the game to perform any proof verification. Table III shows the important notation used in the proposed ID-PAOPA.

TABLE III: IMPORTANT NOTATIONS USED IN THE PROPOSED ID-PAOPA

IV. PROPOSED ID-PAOPA

The proposed scheme involves six communication phases to ensure data integrity and confidentiality. The initial preprocessing involves the medical file $F = \{f_1, f_2, \ldots, f_n\}$ that divides the medical file into $n$ data block. Each data block is further dissevered into $m$ data elements, i.e., $Z_q$. Therefore, the medical file $f_i$ can be expressed as $f_i = \{f_{i,1}, f_{i,2}, \ldots, f_{i,m}\} \in Z_q^m$ to differentiate the storage file in cloud M-CPS. It has an initial system to set a unique tag $IT$ for each medical file. They are as follows: setup, extract, proxy key-gen, data-outsource, proof-gen, and proof-verifier. The execution procedures are as follows:

A. Phase 1: Setup
A PPT algorithm consists of three execution steps.

Step 1. Choose a random integer $mk \in Z_q$ as a master key to compute $Pub_k = mk.PKG$ as a system public key.
Step 2. Choose three hash functions: $H_1 : \{0,1\}^* \to Z_q$, $H_2 : \{0,1\}^* \times \{0,1\}^* \times \{0,1\}^* \times G \to Z_q$, $H_3 : \{0,1\}^* \times \{0,1\}^* \times \{0,1\}^* \times \{0,1\}^* \times G \to Z_q$.
Step 3. The initial system has a possible set of $PKG : SK_{PKG} \to Z_q^m$ and pseudorandom functions $PRF : SK_{PRF} \times L_F \to Z_q^m$ where $SK_{PKG}$ and $SK_{PRF}$ define the set of secret keys, i.e., $PKG$ and $PRF$, respectively, and $L_F$ is the set of the file location of each data block in $F$. Then, the system randomly chooses $\{sk_{PKG}, sk_{PRF}\}$ where $sk_{PKG} \in SK_{PRF}$, and $sk_{PRF} \in SK_{PRF}$. Moreover, the system randomly selects symmetric encryption $SE$ with symmetric key $\tau$. Eventually, the system parameters $\{sk_{PKG}, sk_{PRF}, \tau\}$ are secretly shared by the real-time entities namely data owner, proxy authorizer, and trusted auditor.
Step 4. Finally, the system publishes the parameters $Param = \{p, q, Pub_k, PKG, H_1, H_2, H_3\}$ and holds the master key $mk$ in secret.

B. Phase 2: Extract
This phase includes PKG to generate the identity of a private key $PK_{ID_i}$, i.e., for user $U_i$. The execution steps are as follows.

Step 1. Providing the user identity $UID_i$, $U_i$ collects $Param$ and $mk$.
Step 2. PKG randomly chooses $r_{ID_i} \in Z_q$ to compute $R_{ID_i} = r_{ID_i}.P$ and $SK_{ID_i} = r_{ID_i} + mk.H_1(UID_i)$ as the secret key of the user.
Step 3. PKG transmits the tuple $\{R_{ID_i}, SK_{ID_i}\}$ to the user over a secure channel.
Step 4. $U_i$ computes $SK_{ID_i}.P = H_1(UID_i).Pub_k + R_{ID_i}$ to generate a legal identity $SK_{ID_i}$. Otherwise, PKG reinitiates a private key for $U_i$.
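The Phase 2 key check, and the Phase 3 signature-warrant check that reuses the extracted key, can be exercised end to end. The following is an added example, not code from the paper: it assumes secp256k1 as the curve and SHA-256 reduced mod $q$ as a stand-in for $H_1$ and $H_2$ (the paper names neither), reads Step 1's public key as $Pub_k = mk.P$ with $P$ the group generator, and uses constructed identities and warrant text.

```python
import hashlib
import secrets

# secp256k1 domain parameters (curve choice is an assumption; the paper names none).
FIELD = 2**256 - 2**32 - 977
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(a, b):
    """Affine point addition; None represents the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % FIELD == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD, -1, FIELD)
    x3 = (lam * lam - x1 - x2) % FIELD
    return x3, (lam * (x1 - x3) - y1) % FIELD


def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time; illustration only)."""
    k %= Q
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def h(tag, *parts):
    """Length-prefixed SHA-256 reduced mod q: stand-in for the paper's H1 and H2."""
    digest = hashlib.sha256(tag)
    for part in parts:
        data = part if isinstance(part, bytes) else repr(part).encode()
        digest.update(len(data).to_bytes(4, "big") + data)
    return int.from_bytes(digest.digest(), "big") % Q


def setup():
    """Phase 1: master key mk and system public key Pub_k = mk.P."""
    mk = secrets.randbelow(Q - 1) + 1
    return mk, mul(mk, P)


def extract(mk, uid):
    """Phase 2, Step 2: R_ID = r.P and SK_ID = r + mk.H1(UID) mod q."""
    r = secrets.randbelow(Q - 1) + 1
    return mul(r, P), (r + mk * h(b"H1", uid)) % Q


def key_is_valid(pub_k, uid, r_id, sk_id):
    """Phase 2, Step 4: accept only if SK_ID.P == H1(UID).Pub_k + R_ID."""
    return mul(sk_id, P) == add(mul(h(b"H1", uid), pub_k), r_id)


def make_warrant(sk_owner, id_o, id_p, aw):
    """Phase 3, Step 2: X = r.P and s_w = r + H2(ID_O, ID_P, a_w, X).sk_IDO."""
    r = secrets.randbelow(Q - 1) + 1
    x = mul(r, P)
    return (r + h(b"H2", id_o, id_p, aw, x) * sk_owner) % Q, x


def warrant_is_valid(pub_k, id_o, id_p, aw, sw, x, r_owner):
    """Phase 3, Step 4: s_w.P == H2(...).(H1(ID_O).Pub_k + R_IDO) + X."""
    owner_point = add(mul(h(b"H1", id_o), pub_k), r_owner)  # equals sk_IDO.P
    return mul(sw, P) == add(mul(h(b"H2", id_o, id_p, aw, x), owner_point), x)


def demo():
    """Run both checks on constructed identities, then on tampered inputs."""
    owner, proxy, other = b"patient-0001", b"proxy-clinic-A", b"proxy-clinic-B"
    aw = b"owner=patient-0001;proxy=proxy-clinic-A;rights=upload"  # constructed
    mk, pub_k = setup()
    r_o, sk_o = extract(mk, owner)
    sw, x = make_warrant(sk_o, owner, proxy, aw)
    return {
        "key_ok": key_is_valid(pub_k, owner, r_o, sk_o),
        "key_for_other_identity": key_is_valid(pub_k, other, r_o, sk_o),
        "key_bit_flipped": key_is_valid(pub_k, owner, r_o, sk_o ^ 1),
        "warrant_ok": warrant_is_valid(pub_k, owner, proxy, aw, sw, x, r_o),
        "warrant_rights_edited": warrant_is_valid(
            pub_k, owner, proxy, aw + b",delete", sw, x, r_o),
        "warrant_other_proxy": warrant_is_valid(pub_k, owner, other, aw, sw, x, r_o),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

Because the verifier rebuilds the owner's public point from $H_1(ID_O)$, $Pub_k$ and $R_{ID_O}$ alone, no certificate is consulted; any change to the identity, the warrant text or the named proxy changes a hash input and the equality fails.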


C. Phase 3: Proxy Key-Gen
Data owner $U_{DO}$ and proxy authorizer $U_{PA}$ generate a signed private key $S_{pk}$ to execute the following steps.

Step 1. Considering the owner identity $ID_O$ of $U_{DO}$ and proxy identity $ID_P$ of $U_P$, the system $Param$ and the warrant authority $a_w$ describe the relevant information rights between $U_{DO}$ and $U_P$.
Step 2. $U_{DO}$ randomly chooses a random integer $r \in Z_q$ to compute $X = r.P$ that generates the signature warrant $s_w = r + H_2(ID_O, ID_P, a_w, X).sk_{ID_O}$.
Step 3. $U_{DO}$ authorizes the system information $\{s_w, X, a_w, R_{ID_O}\}$ and sends them to $ID_O$.
Step 4. $U_P$ computes the hashing values $H_1(ID_O)$ and $H_2(ID_O, ID_P, a_w, X)$ to verify whether the equation $s_w.P = (H_2(ID_O, ID_P, a_w, X).(H_1(ID_O).Pub_k + R_{ID_O}) + X)$ holds or not. If it holds, then $U_{PA}$ accepts the proxy authorization to $U_{DO}$. Otherwise, $U_{PA}$ denies the authorization process.
Step 5. $U_{PA}$ randomly chooses $y \in Z_q$ to compute $Y = y.P$. Also, it generates $sk_{PSK} = H_3(ID_O, ID_P, a_w, s_w, Y).sk_{ID_P} + y$ as the proxy signed private key.

D. Phase 4: Data-Outsource
This phase includes the proxy authorizer $U_{PA}$ to generate the file information $F$ that outsources the parameters to $MCS$.

Step 1. Considering a medical file $F$, $n$ data blocks may be separated, which has $F = \{f_1, f_2, \ldots, f_n\} \in Z_q^{m \times n}$, and $f_i = \{f_{i,1}, f_{i,2}, \ldots, f_{i,m}\} \in Z_q^m$.
Step 2. Generates a random integer $\gamma = (\gamma_1, \gamma_2, \ldots, \gamma_m)$ using $PKG(sk_{PKG}) \in Z_q^m$ and random vector $\alpha = (\alpha_1, \alpha_2, \ldots, \alpha_n)$ using $PRF(sk_{PRF}, IT\ i)$ where $IT$ is the tag index of the medical file.
Step 3. $U_{PA}$ computes the message authentication code $\sigma_i = \beta_i + \sum_{i=1}^{m} \gamma_i.f_{i,j}$ for every medical file $f_i$ where $i = 1, 2, \ldots, n$.
Step 4. $U_{PA}$ randomly generates $r_i \in Z_q$ to calculate $Q_i = r_i.P = (\mu_i, \omega_i)$, $\varepsilon_i = \omega_i \bmod q$, and $\zeta_i = (\varepsilon_i.r_i + \sigma_i.sk_{PRO}) \bmod q$, where $i = 1, 2, \ldots, n$.
Step 5. $U_{PA}$ executes the signature output $\delta_i = (Q_i, \varepsilon_i, \zeta_i)$ for each medical data block that sets $K = \{\delta_i\}_{1 \le i \le n}$.
Step 6. $U_{PA}$ periodically decrypts the file $F$ using the hashing algorithm $H$ with the key $\tau$ and the encrypted file $F = \{f_1, f_2, \ldots, f_n\} \in Z_q^{m \times n}$, where $f_i = f_{i,1} + H_\tau(1, IT\ i), \ldots, f_{i,j} + H_\tau(j, IT\ i), \ldots, f_{i,m} + H_\tau(m, IT\ i)$.
Step 7. $U_{PA}$ collects and uploads the system parameters $\{F, K, IT\}$ and $\{a_w, s_w, X, R_{ID_O}\}$ to $MCS$. Later, it deletes the parameters from the local storage device.
Step 8. $U_{PA}$ verifies the validity of a signature warrant $s_w$ using $s_w.P = (H_2(ID_O, ID_P, a_w, X).(H_1(ID_O).Pub_k + R_{ID_O}) + X)$. If it holds, then $U_{PA}$ accepts the medical file $F$. Otherwise, it rejects the process of a signature warrant.

E. Phase 5: Proof-Gen
$TA$ creates a challenge request and $MCS$ generates the response proof for the medical data block. The execution steps are as follows.

Step 1. $TA$ randomly chooses $\varphi = \{l_1, l_2, \ldots, l_\theta\}$ from the given set $\{1, 2, \ldots, n\}$ to assign the challenge series of data block.
Step 2. $TA$ chooses $\partial_i \in Z_q^*$ for each $i \in \varphi$.
Step 3. $TA$ sends the challenges requests $CH_R = (i, \partial_i)_{i \in \varphi}$ to $MCS$.
Step 4. Upon receiving the request $CH_R$, $MCS$ computes $\rho = \{\rho_1, \rho_2, \ldots, \rho_m\}$, $Q = \sum_{i=l_1}^{l_\theta} \delta_i \varepsilon_i.Q_i$, and $\zeta = \sum_{i=l_1}^{l_\theta} \delta_i.\zeta_i$ where $\rho_j = \sum_{i=l_1}^{l_\theta} \delta_i.f_{i,j}\ \forall\, j = 1, 2, \ldots, m$.
Step 5. $MCS$ collects $Proof = \{\rho, Q, \zeta, IT\}$ and $\{s_w, X, a_w, R_{ID_O}\}$ and sends them to $TA$.

F. Phase 6: Proof-Verifier
$TA$ executes the following steps to verify the data integrity.

Step 1. Upon receiving the system parameters $Proof = \{\rho, Q, \zeta, IT\}$ and $\{s_w, X, a_w, R_{ID_O}\}$, $TA$ computes $s_w.P = (H_2(ID_O, ID_P, a_w, X).(H_1(ID_O).Pub_k + R_{ID_O}) + X)$ to validate whether it holds or not. Otherwise, $TA$ aborts the process. If the expression holds, then $TA$ executes the following steps.
Step 1.1. $TA$ generates $\alpha = \{\alpha_1, \alpha_2, \ldots, \alpha_m\}$ and $\beta = \{\beta_1, \beta_2, \ldots, \beta_n\}$.
Step 1.2. $TA$ generates $Q = \{M_i, N_i\}$, where $M_i = f_{K_1}(i)$, and $N_i = f_{K_2}(i)$.
Step 2. $TA$ computes $Z = Z_1 - Z_2 + Z_3$ where $Z_1 = \sum_{j=1}^{m} \rho_j.\alpha_j \in Z_q$, $Z_2 = \sum_{i=l_1}^{l_\theta} \sum_{j=1}^{m} N_i.\alpha_j.H_\tau(j, IT\ i) \in Z_q$ and $Z_3 = \sum_{i=l_1}^{l_\theta} N_i.\beta_i.\alpha_j \in Z_q$.
Step 3. $TA$ computes the hashing value $\kappa_1 = H_1(ID_P, R_P)$ and $\kappa_2 = H_3(ID_O, ID_P, a_w, s_w, Y)$.
Step 4. $TA$ computes $\zeta.P = K + Z(\kappa_2(R_P + \kappa_1.Pub_k) + Y)$ to examine whether it holds or not. If the equation holds, then $TA$ emits 1. Otherwise, $TA$ emits 0. Fig. 3 shows a process transmission of the proposed ID-PAOPA.

Fig. 3. Process transmission of the proposed ID-PAOPA.

V. PROPOSED ID-PAOPA: AN EVALUATION

A. Proof of Correctness
Theorem 1: The proof of correctness has an expression for the verification, which may be expanded as follows:

$$
\begin{aligned}
\zeta.P &= \sum_{i=l_1}^{l_\theta} \delta_i.\zeta_i.P \\
&= \sum_{i=l_1}^{l_\theta} \delta_i.\big((\varepsilon_i.r_i + \sigma_i.sk_{PRO})\big).P \\
&= \sum_{i=l_1}^{l_\theta} \delta_i.\big((\varepsilon_i.r_i)\big).P + \sum_{i=l_1}^{l_\theta} \delta_i.\big((\sigma_i.sk_{PRO})\big).P \\
&= \sum_{i=l_1}^{l_\theta} \delta_i.\varepsilon_i.r_i.P + \sum_{i=l_1}^{l_\theta} \delta_i.\sigma_i.sk_{PRO}.P \\
&= \sum_{i=l_1}^{l_\theta} \delta_i.\varepsilon_i.Q_i + \sum_{i=l_1}^{l_\theta} \delta_i.\Big(\beta_i + \sum_{i=1}^{m} \gamma_i.f_{i,j}\Big).sk_{PRO}.P \\
&= Q + \sum_{i=l_1}^{l_\theta} \delta_i.\Big(\beta_i + \sum_{i=1}^{m} \gamma_i.f_{i,j}\Big).sk_{PRO}.P \\
&= Q + \Big(\sum_{i=l_1}^{l_\theta} \delta_i.\beta_i + \sum_{i=l_1}^{l_\theta} \delta_i.\sum_{i=1}^{m} \gamma_i.f_{i,j}\Big).sk_{PRO}.P \\
&= Q + \Big(\sum_{i=l_1}^{l_\theta} \delta_i.\beta_i + \sum_{i=l_1}^{l_\theta} \delta_i.\sum_{i=1}^{m} \gamma_i.\big(f_{i,j} - H_\tau(j, IT\ i)\big)\Big).sk_{PRO}.P \\
&= Q + \Big(\sum_{i=l_1}^{l_\theta} \delta_i.\beta_i + \sum_{i=l_1}^{l_\theta} \delta_i.\sum_{i=1}^{m} \gamma_i.f_{i,j} - \sum_{i=l_1}^{l_\theta} \delta_i.\sum_{i=1}^{m} \gamma_i.H_\tau(j, IT\ i)\Big).sk_{PRO}.P \\
&= Q + \Big(\sum_{i=l_1}^{l_\theta} \delta_i.\beta_i + \sum_{i=l_1}^{l_\theta} \rho_j.\gamma_i - \sum_{i=l_1}^{l_\theta} \delta_i.\sum_{i=1}^{m} \gamma_i.H_\tau(j, IT\ i)\Big).sk_{PRO}.P \\
&= Q + (Z_1 - Z_2 + Z_3).H_3(ID_O, ID_P, a_w, s_w, Y).(sk_{ID_P} + y).P \\
&= Q + (Z_1 - Z_2 + Z_3).H_3(ID_O, ID_P, a_w, s_w, Y).\big((H_1(UID_{PA}).Pub_k + R_{ID_{PA}}) + y\big).P \\
&= Q + Z.H_3(R_{ID_{PA}} + H_1(UID_{PA})) + Y.
\end{aligned}
$$

Hence, the equation $\zeta.P = Q + Z.H_3(R_{ID_{PA}} + H_1(UID_{PA})) + Y$ holds to satisfy the auditing features.

Theorem 2: The proposed ID-PAOPA may be correct if and only if the following expressions are found to be valid. They are as follows:

$$SK_{ID_i}.P = H_1(UID_i).Pub_k + R_{ID_i} \tag{1}$$


$$s_w.P = (H_2(ID_O, ID_P, a_w, X).(H_1(ID_O).Pub_k + R_{ID_O}) + X). \tag{2}$$

The correctness of (1) is as follows:

$$
\begin{aligned}
SK_{ID_i}.P &= H_1(UID_i).Pub_k + R_{ID_i} \\
&= r_{ID_i}.P + s.H_1(UID_i, R_{ID_i}).P \\
&= R_{ID_i} + H_1(UID_i, R_{ID_i}).Pub_k.
\end{aligned}
$$

Subsequently, the correctness of (2) can be described as follows:

$$
\begin{aligned}
s_w &= (r + H_2(ID_O, ID_P, a_w, X).sk_{ID_O}).P \\
&= r.P + (H_2(ID_O, ID_P, a_w, X)).(r_{ID_O} + s.H_1(UID_O, R_{ID_O})).P \\
&= X + (H_2(ID_O, ID_P, a_w, X)).(H_1(UID_O, R_{ID_O}).Pub_k + R_{ID_O}).
\end{aligned}
$$

VI. SECURITY PROOF

This section has two security proofs to verify the security features, namely unforgeability and privacy preservation, in terms of proxy authorization and data auditing. Moreover, the informal analysis is shown to prove the security efficiencies of the proposed ID-PAOPA in terms of identity privacy preservation, batch auditing, public verifiability, and corrective storage.

A. Formal Security Proof

Theorem 3: The proposed ID-PAOPA scheme fulfills the unforgeability feature of proxy authorization if the hardness problem of EC-DLP is preferred.

Proof: Assume that $AD_v$ forges the information of proxy authorizer $\{s_w^*, X^*, a_w^*, R_{ID_O}\}$ and sends the parameters to $U_{PA}$, where $s_w \neq s_w^*$ and $a_w \neq a_w^*$. Suppose $\Delta.s_w = s_w - s_w^* \neq 0$, then the forged information $s_w^*$ may equalize with the following equation to hold the audit process:

$$s_w.P = (\kappa_3^*(H_1(ID_O).Pub_k + R_{ID_O}) + X) \tag{3}$$

where $\kappa_3^* = H_2(ID_O, ID_P, a_w^*, X)$.

Since $(ID_O, ID_P, a_w, X)$ is preferable information for proxy authorization, i.e., from $U_{DO}$, it has a chance to validate the following equation to hold the constraint

$$s_w^*.P = (\kappa_3(H_1(ID_O).Pub_k + R_{ID_O}) + X). \tag{4}$$

Deducting (4) and (2), (5) may be obtained as follows:

$$(s_w - s_w^*).P = (\kappa_3 - \kappa_3^*)(H_1(ID_O).Pub_k + R_{ID_O}) + X. \tag{5}$$

Suppose $\Delta\kappa_3 = (\kappa_3 - \kappa_3^*) \neq 0$, it may obtain that

$$\Delta s_w.P = \Delta\kappa_3.(H_1(ID_O).Pub_k + R_{ID_O}). \tag{6}$$

Since $G$ is an additive cyclic group with prime order $q$ and key generator $P$, $Q = (\kappa_1 Pub_k + R_{ID_O})$ is an element in $G$. Hence, it can be concluded in the following equation to hold the audit process that

$$\Delta.s_w.P = \Delta\kappa_3.Q. \tag{7}$$

Moreover, there may be a number $\lambda \in Z_q^*$ such that $Q = \lambda.P$ to hold the following equation:

$$\Delta.s_w.P = \Delta\kappa_3.\lambda.Q. \tag{8}$$

From (8), $\lambda = \Delta.s_w/\Delta\kappa_3$ may be computed to solve the EC-DLP problem on $G$, which contradicts the hardness assumption of EC-DLP.

Theorem 4: Assume that $AD_v$ wishes to win Game1 and Game2 in the security proof with a nonnegligible probability. Thus, a simulation SM is constructed to solve the problem with nonnegligible probability.

Game1: Suppose $AD_v$ may wish to tamper with the medical file to outsource the data-block into $M_{CS}$, then it may further lead $AD_v$ to forge the audit proof $P$, i.e., to verify the integrity of data.

CR attempts to receive $CHAL = \{\theta, Key\}$ from $T_A$. Assume that $AD_v$ may wish to forge $P^* = (\rho^*, K, \zeta)$, where $\rho^* \neq \rho$, $\rho^* = \{\rho_1^*, \rho_2^*, \rho_3^*, \ldots, \rho_m^*\}$, and $\rho_j^* = \sum_{i=l_1}^{l_\theta} \gamma_i.f_{i,j}$, $\forall\ j = 1, 2, 3, \ldots, m$. Assume that there may be a data block likely to be replaced by $AD_v$ such that $f_{i,j}^* \neq f_{i,j}$. Then, there may be a case like $\Delta f_{i,j} = f_{i,j}^* - f_{i,j} \neq 0$ and $\Delta\rho_j = \rho_j^* - \rho_j \neq 0$, where $j = 1, 2, 3, \ldots, m$. Hence, the audit proof $P^* = \{\rho^*, K, \zeta\}$ may compute the following equation to hold the audit process:

$$\zeta.P = K + (Z_1^* - Z_2 + Z_3)(\kappa_2(R_P + \kappa_1.Pub_k) + Y) \tag{9}$$

where $Z_1^* = \sum_{j=1}^{m} \gamma_j.\rho_j^* \in Z_q$. The following equation may be expressed as

$$\zeta.P = K + \Big(\sum_{j=1}^{m} \gamma_j.\rho_j^* - Z_2 + Z_3\Big)(\kappa_2(R_P + \kappa_1.Pub_k) + Y). \tag{10}$$

Since $M_{CS}$ may generate a valid audit proof $P = (\rho, K, \zeta)$ to challenge $CHAL = \{\theta, Key\}$ that satisfies $\zeta.P = K + Z(\kappa_2(R_P + \kappa_1.Pub_k) + Y)$ to express the following equation:

$$\zeta.P = K + \Big(\sum_{j=1}^{m} \gamma_i.\rho_j^* - Z_2 + Z_3\Big)(\kappa_2(R_P + \kappa_1.Pub_k) + Y) \tag{11}$$

where $Z_1 = \sum_{j=1}^{m} \gamma_i.\rho_j \in Z_q$.

$$\zeta.P = K + \Big(\sum_{j=1}^{m} \gamma_j.\rho_j - Z_2 + Z_3\Big)(\kappa_2(R_P + \kappa_1.Pub_k) + Y) \tag{12}$$

Deducting (12) and (11), the following equation may be obtained:

$$\sum_{j=1}^{m} \gamma_j.(\rho_j - \rho_j^*)\ \kappa_2(R_P + \kappa_1.Pub_k) + Y = 0. \tag{13}$$


It is now set $w = (\kappa_2(R_P + \kappa_1.Pub_k) + Y)$ to obtain the following equation:

$$\sum_{i=1}^{m} \Delta\gamma_i.\rho_j.w = 0. \tag{14}$$

Since $G$ is an additive cyclic group with prime order $q$ and key generator $P$ for any parameters $X, Y \in G$, $d = Z_q^*$ actually exists as an element in $G$ such that $X = d.Y$. Given $X, Y \in G$, every $\{\gamma_j.w\}$ may generate $\gamma_j.w = (\mu_j.X + \omega_j.Y)$, i.e., $\mu_j, \omega_j \in Z_q^*$ to obtain the following equation:

$$\Delta\gamma_i.\rho_j.w = \Delta\mu_j.\rho_j.X + \Delta\omega_j.\rho_j.Y. \tag{15}$$

From (15), the following equation may be derived:

$$\sum_{j=1}^{m} \Delta\gamma_j.\rho_j.w = \sum_{j=1}^{m} \Delta\mu_j.\rho_j.X + \sum_{j=1}^{m} \Delta\omega_j.\rho_j.Y. \tag{16}$$

From (14) and (16), the following equation can be derived:

$$\sum_{j=1}^{m} \Delta\mu_j.\rho_j.X + \sum_{j=1}^{m} \Delta\omega_j.\rho_j.Y = 0. \tag{17}$$

Moreover, it can further be obtained as

$$X = -\Big(\sum_{j=1}^{m} \Delta\omega_j.\rho_j \Big/ \sum_{j=1}^{m} \Delta\mu_j.\rho_j\Big).Y. \tag{18}$$

Thus, $AD_v$ may solve the difficulty of EC-DLP, which contradicts the EC-DLP hardness.

Game2: Assume that $AD_v$ tries to change or replace the aggregate signature $\{K, \zeta\}$ to forge the audit proof to authorize the data integrity.

CR attempts to receive $CHAL = \{\theta, Key\}$ from $T_A$ that may successfully forge the audit proof $P^* = (\rho, K^*, \zeta^*)$ where $(K^*, \zeta^*) \neq (K, \zeta)$. There is a parameter, i.e., $K^* \neq K$, that forges the audit proof $P^* = (\rho, K^*, \zeta^*)$ to hold the following equation:

$$\zeta^*.P = K^* + Z(\kappa_2(R_P + \kappa_1.Pub_k) + Y). \tag{19}$$

Since $M_{CS}$ generates a valid proof for $CHAL = \{\theta, Key\}$, i.e., from $T_A$, the following equation may be obtained to hold

$$\zeta.P = K + Z(\kappa_2(R_P + \kappa_1.Pub_k) + Y). \tag{20}$$

Deducting (20) and (19), the following equation may be obtained:

$$(\zeta^* - \zeta).P = (K^* - K). \tag{21}$$

It is now set $\Delta\zeta = (\zeta^* - \zeta)$ to obtain the following equation:

$$\Delta\zeta.P = (K^* - K). \tag{22}$$

Since $G$ is an additive cyclic group with prime order $q$ and key generator $P$, $\Delta\zeta.P = (K^* - K) \in G$ actually exists without generality loss. Hence, $\Delta kl.P = (K^* - K)$ is set to obtain the following equation:

$$\Delta\zeta.P = \Delta kl.P. \tag{23}$$

From (23), $l = \Delta\zeta/\Delta k$ may be computed to solve the EC-DLP problem on $G$, which contradicts the EC-DLP assumption.

Theorem 5: Assume that the proposed ID-PAOPA wishes to achieve the property of privacy preservation that holds the hardness assumption of EC-DLP.

Proof: Assume that $AD_v$ tries to capture the valid information, i.e., $\{s_w, X, a_w, R_{ID_O}\}$ from $U_{DO}$, then $\{s_w^*, X^*, a_w^*, R_{ID_O}\}$ may return the forged warrant to $U_{PA}$, where $s_w \neq s_w^*$ and $a_w \neq a_w^*$. However, we may forge the signed information $\Delta s_w = (s_w - s_w^*)$ to pass the proxy authorization.

$$s_w^*.P = H_2^*(H_1.Pub_k + R_{ID_O}) + X,\quad H_1 = (H_1(ID_O)),\ \text{and}\ H_2^* = H_2(ID_O, ID_P, a_w^*, X). \tag{24}$$

$(ID_O, ID_P, a_w, X)$ uses a valid warrant to satisfy the following equation:

$$s_w.P = H_2(H_1.Pub_k + R_{ID_O}) + X,\quad H_1 = (H_1(ID_O)),\ \text{and}\ H_2 = H_2(ID_O, ID_P, a_w^*, X). \tag{25}$$

According to (25), the following equation may be obtained:

$$(s_w - s_w^*).P = (H_2 - H_2^*).(H_1.Pub_k + R_{ID_O}) \tag{26}$$

$$\Delta s_w.P = \Delta H_2(H_1.Pub_k + R_{ID_O}) \tag{27}$$

where $\Delta H_2 = (H_2 - H_2^*) \neq 0$. Since $G$ is an additive cyclic group with prime order $q$ and key generator $P$, $Pub_k = s.P$ and $R_{ID_O} = r_{ID_O}.P$ are elements in $G = \{P\}$ to set $Z = H_1.Pub_k + R_{ID_O} \in G$. Hence, the hardness of EC-DLP assumption between $P$ and $Z$ may be solved as $z = \Delta s_w/\Delta H_2$ such that $Z = z.P$.

Hence, the proposed ID-PAOPA may guarantee that no outsider can generate a legal signature warrant or can impersonate a legal owner to verify the medical file over cloud M-CPS.

B. Informal Security Analysis

The major security goals are as follows.

1) Identity Privacy Preservation: In the proposed ID-PAOPA, $T_A$ generates $\alpha = \{\alpha_1, \alpha_2, \ldots, \alpha_m\}$ and $\beta = \{\beta_1, \beta_2, \ldots, \beta_n\}$ to compute a set of the valid signature warrant, which uses $\kappa_1 = H_1(ID_P, R_P)$ and $\kappa_2 = H_3(ID_O, ID_P, a_w, s_w, Y)$ to preserve the patient identities $UID_i$. However, the generated signatures cannot be utilized to gain access to the medical file $f_i$ expressed as $f_i = \{f_{i,1}, f_{i,2}, \ldots, f_{i,m}\} \in Z_q^m$, which has a unique tag $I_T$ to differentiate the storage file in cloud M-CPS. Moreover, the external entities such as trusted auditors and cloud-server cannot obtain a valid signature of $U_{DO}$ to generate the file information $F$ that may eventually outsource the confidential parameters to $M_{CS}$. As a result, the integrity of $I_T$ can be maintained between $U_{DO}$ and $U_{PA}$ to generate a signed private-key $S_{pk}$. Hence the proposed ID-PAOPA claims the property of privacy preservation.


2) Batch Auditing: The proposed ID-PAOPA has a possibility of data-block $d_{ij}$, which uses CHR to invoke the signature algorithm to generate a valid signature. After a successful verification, the owner identity $ID_O$ of $U_{DO}$ and proxy identity $ID_P$ of $U_P$ use the system Param to describe the relevant information of warrant authority $a_w$. As a result, the proposed ID-PAOPA can ensure the batch auditing of multiple data-blocks $d_{ij}$.

3) Public Verifiability: The proposed ID-PAOPA receives the system parameters $Proof = \{\rho, Q, \zeta, I_T\}$ and $\{s_w, X, a_w, R_{ID_O}\}$ to test the integrity of data between $U_{DO}$ and $U_{PA}$ through $T_A$ without any additional computation complexity. Thus, the proposed ID-PAOPA achieves a property of public verifiability.

4) Corrective Storage: The proposed ID-PAOPA includes the proxy authorizer $U_{PA}$, which computes the message authentication code $\sigma_i = \beta_i + \sum_{i=1}^{m} \gamma_i.f_{i,j}$ for every medical file $f_i$. Since $M_{CS}$ generates the response proof for the medical data-block, the storage of data file cannot be forged easily to satisfy the property of nonforgeability. As a result, the proposed ID-PAOPA achieves a property of non-forgeability.

VII. PERFORMANCE COMPARISON

This section includes the existing auditing schemes to compare the auditing time and computation overhead. Table IV denotes the important notation used. To examine the computation cost, a Linux server equipped with Intel Core™ i5-10300H at the clock speed of 4.5 GHz and 8 GB RAM was chosen. The proposed and existing algorithms use the library, i.e., Version 5.6.1 to implement the codes using C language.

TABLE IV IMPORTANT NOTATIONS OF PROPOSED ID-PAOPA

TABLE V COMPUTATION COSTS OF PROXY AUTHORIZATION AND SIGNATORY WARRANT

A. Analysis I: Computation Cost and Audit Timing

The elliptic curve is of the Miyaji, Nakabayashi, and Takano type, with base field and embedding degree of 159 b and 6, respectively. The security level is set to test the challenge message, i.e., 80 b such that $|\delta_i| = 80$ b and $|p| = 160$ b. The experimental results are averaged over 30 trials. Table IV summarizes the computation costs of proxy authorization and signatory warrant. From Table V, it is observed that the proposed ID-PAOPA consumes less computation cost of proxy authorization in comparison with other existing protocols [18], [24]. Moreover, the proposed ID-PAOPA uses a signature warrant of proxy authorization to validate whether the proxy processes the medical data to outsource it to cloud M-CPS, i.e., in place of data-owner. Importantly, the proxy $ID_P$ validates the signature $s_w$ over $a_w$ to generate a signed private key $S_{pk}$. Finally, using $S_{pk}$, $ID_P$ may generate a set of signatures for the primary medical file provided by the data owner. However, the existing mechanisms [18], [24] directly use $S_{pk}$ to produce a set of signature agreements, leading to misapply the attack, i.e., delegation.

Table VI summarizes the comparison of audit timing in terms of proxy verification, integrity verification, and audit timing. From Table VI, it is noted that the proposed ID-PAOPA has a much lower timing cost than other protocols [18], [24]. In specific, while increasing the medical data block to 600, the audit timing of Wang et al. [18] is 20 times and that of Wang et al. [24] is 17 times faster than the proposed ID-PAOPA. It is evident that it may grow more according to the number of available medical data blocks. However, the proposed ID-PAOPA may balance the overload as it is based on elliptic-curve cryptography.

B. Analysis II: Simulation Analysis

This section demonstrates the examination results of the proposed ID-PAOPA and other existing schemes [18], [24]. In the analysis, the quality metrics such as lightweight, privacy protection, and batch auditing are chosen to analyze the system performance. A dedicated Linux platform is preferred to construct a network. It has a clock speed of 4.5 GHz to examine the transmission speed including uploading and downloading at the rate of ∼1.2 Mb/s. To examine the system factors, the procedural programming language C is utilized. It uses the MIRACL library, free pairing-based cryptography, and GNU multiple precision arithmetic (GMP) library to analyze the quality metrics. In order to find the average value, the proposed ID-PAOPA and other existing schemes [18], [24] run ∼100 times. Most of the existing schemes have some resource-constrained features such as limited energy, computation capability, power storage, and restricted storage to mitigate the workloads of the computing devices.

As a result, the proposed ID-PAOPA utilizes lightweight operations to reduce the device workloads, which allows the trusted parties to generate the meta dataset for the authenticated users. Since it has powerful computation capability, it can easily process the data files such as blind and block to mitigate the computation complexity of the user devices. Moreover, it has


a cloud auditing scheme to examine the cost of execution time.

TABLE VI COMPARISON OF AUDIT TIMING IN TERMS OF PROXY VERIFICATION, INTEGRITY VERIFICATION, AND AUDIT TIMING

Fig. 4. Timing cost of device's workload (sec).

Fig. 4 shows the timing cost of device workload (sec). It is shown that the proposed ID-PAOPA has less timing cost than the other existing schemes [18], [24].

It is worth noting that the timing cost is more significant when the data blocks increase in count. In the proposed ID-PAOPA, the entities such as trusted auditors and medical cloud-server have a powerful computation capability to reduce the device workload. Hence, it does not incur any excessive computation in the process of a cloud storage system referring to the computation and communication cost of the computing devices. Since the proposed ID-PAOPA is pairing-free, it can easily reduce the computing resource of mobile devices. It uses public auditing to generate a meta dataset of the authenticated devices. Unfortunately, the existing schemes [18], [24] apply a large amount of bilinear pairing to incur more time consumption. The examination result reveals that the proposed ID-PAOPA saves timing cost compared with the other existing protocols to meet the standard constraints of smart application systems.

The second quality metric is privacy-protection, which uses real-time entities such as trusted auditors and medical cloud-server to examine the privacy information of the devices. The cloud storage adopts proxy outsourcing to hide the data blocks, which can even protect the data transmission between trusted auditors and medical cloud-server. In order to protect the privacy information, a hypothetical strategy such as proxy key-gen is applied. The examination result reveals that the proposed ID-PAOPA has less computation complexity than the existing mechanism to protect the data privacy of the computing devices as shown in Fig. 5.

Fig. 5. Timing cost of storage phase (sec).

Fig. 6. Timing cost of auditing phase (sec).

The third quality metric is batch auditing, which can concurrently process the multiple auditing tasks of the trusted auditors. It can analyze the batch auditing to verify the process of different computing tasks. Moreover, it can greatly save the consumption time of auditing tasks to improve system efficiency. The comparison of timing cost presents the efficiency rate of batch auditing over the number of audit tasks. As shown in Fig. 6, the proposed ID-PAOPA achieves a better efficiency rate than the other existing mechanisms [18], [24]. The examination includes 500 auditing tasks to analyze the system responses, which verify the quantities of pairing operations.
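The key check (1), the signature-warrant check of Step 8 and (2), and the division λ = Δs_w/Δκ_3 used in the proof of Theorem 3 can be run end to end. The following Python code is an added example, not the authors' C/MIRACL implementation; it assumes secp256k1 in place of the paper's MNT curve, SHA-256 for H1 and H2, H1 taken over (ID, R_ID) as in the paper's derivation of (1), and constructed identities and warrant text.

```python
# Added example, not the paper's code. Assumptions: secp256k1 stands in for
# the paper's MNT curve, SHA-256 for H1/H2, and H1 takes (ID, R_ID) as in the
# paper's derivation of (1). Identities and the warrant text are constructed.
import hashlib
import secrets

p = 2**256 - 2**32 - 977          # field prime
q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # generator

def add(A, B):
    """Affine point addition on y^2 = x^3 + 7; None is the point at infinity."""
    if A is None or B is None:
        return B if A is None else A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1 % p, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return x3, (lam * (x1 - x3) - y1) % p

def mul(k, A):
    """Double-and-add scalar multiplication k.A (illustrative, not constant time)."""
    R, k = None, k % q
    while k:
        if k & 1:
            R = add(R, A)
        A, k = add(A, A), k >> 1
    return R

def H(tag, *parts):
    """Domain-separated hash into Z_q; tag "H1" or "H2" selects the oracle."""
    digest = hashlib.sha256(repr((tag,) + parts).encode()).digest()
    return int.from_bytes(digest, "big") % q

def rand_scalar():
    return secrets.randbelow(q - 1) + 1

def extract(s, identity):
    """Key generation: R_ID = r_ID.P and SK_ID = r_ID + s.H1(ID, R_ID)."""
    r_id = rand_scalar()
    R_id = mul(r_id, P)
    return (r_id + s * H("H1", identity, R_id)) % q, R_id

def key_ok(sk, identity, R_id, pub_k):
    """Equation (1): SK_ID.P == H1(ID, R_ID).Pub_k + R_ID."""
    return mul(sk, P) == add(mul(H("H1", identity, R_id), pub_k), R_id)

def sign_warrant(sk_o, id_o, id_p, a_w, r=None):
    """Owner: X = r.P, s_w = r + H2(ID_O, ID_P, a_w, X).sk_IDO (fresh r by default)."""
    r = rand_scalar() if r is None else r
    X = mul(r, P)
    return (r + H("H2", id_o, id_p, a_w, X) * sk_o) % q, X

def verify_warrant(s_w, X, a_w, id_o, id_p, R_ido, pub_k):
    """Step 8 / equation (2): s_w.P == H2(...).(H1(...).Pub_k + R_IDO) + X."""
    k3 = H("H2", id_o, id_p, a_w, X)
    Q = add(mul(H("H1", id_o, R_ido), pub_k), R_ido)
    return mul(s_w, P) == add(mul(k3, Q), X)

def solve_lambda(s_w, k3, s_w2, k3_2):
    """Theorem 3: two accepted warrants sharing X give lambda = ds_w / dk3 mod q."""
    return (s_w - s_w2) * pow((k3 - k3_2) % q, -1, q) % q

def demo():
    s = rand_scalar()                       # master secret; Pub_k = s.P
    pub_k = mul(s, P)
    id_o, id_p = "owner-001", "proxy-007"   # constructed identities
    a_w = "proxy-007 may upload file F for owner-001"   # constructed warrant
    sk_o, R_ido = extract(s, id_o)
    s_w, X = sign_warrant(sk_o, id_o, id_p, a_w)
    return {
        "key_valid": key_ok(sk_o, id_o, R_ido, pub_k),
        "warrant_valid": verify_warrant(s_w, X, a_w, id_o, id_p, R_ido, pub_k),
        "altered_warrant": verify_warrant(s_w, X, a_w + " and G", id_o, id_p, R_ido, pub_k),
        "other_proxy": verify_warrant(s_w, X, a_w, id_o, "proxy-999", R_ido, pub_k),
    }
```

`demo()` returns True for the key and the genuine warrant and False once the warrant text or the proxy identity is altered. `solve_lambda` returns the owner's key when given two warrants signed with the same r, which is why `sign_warrant` draws a fresh r for every warrant.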


VIII. CONCLUSION

In this article, a practical ID-PAOPA was proposed for cloud-based M-CPS. It used a technique of lightweight identity-based system to prevent the occurrence of certificate management. Specifically, it used a signature warrant of proxy authorization to validate whether the proxy processed the medical data to outsource it to cloud M-CPS, i.e., in place of data owner. Moreover, a trusted auditor was employed to perform integrity verification of the data owner not including the entire medical file. The proposed ID-PAOPA uses EC-DLP to demonstrate that it can guarantee security properties such as unforgeability and privacy preservation. Finally, the performance analysis shows that the proposed ID-PAOPA consumes less computation and timing costs than other existing schemes to comply with cloud-based M-CPS. In the future, superior functionalities, such as proxy re-encryption and hierarchical access control, will be incorporated to fulfill the comprehensive requirements of M-CPS.

REFERENCES

[1] P. K. R. Maddikunta et al., “Industry 5.0: A survey on enabling technologies and potential applications,” J. Ind. Inf. Integr., 2021, Art. no. 100257, doi: 10.1016/j.jii.2021.100257.
[2] R. Vinuesa et al., “The role of artificial intelligence in achieving the sustainable development goals,” Nature Commun., vol. 11, no. 1, pp. 1–10, 2020.
[3] S. Š. Žižek, Z. Nedelko, M. Mulej, and Ž. V. Čič, “Key performance indicators and industry 4.0 – A socially responsible perspective,” Naše Gospodarstvo/Our Economy, vol. 66, no. 3, pp. 22–35, 2020.
[4] D. B. Deebak and F. Al-Turjman, “Lightweight privacy-aware secure authentication scheme for cyber-physical systems in the edge intelligence era,” in Concurrency Comput., Pract. Experience, 2021, Art. no. e6510, doi: 10.1002/cpe.6510.
[5] B. D. Deebak, F. Al-Turjman, M. Aloqaily, and O. Alfandi, “An authentic-based privacy preservation protocol for smart e-healthcare systems in IoT,” IEEE Access, vol. 7, pp. 135632–135649, 2019.
[6] N. Dey, A. S. Ashour, F. Shi, S. J. Fong, and J. M. R. Tavares, “Medical cyber-physical systems: A survey,” J. Med. Syst., vol. 42, no. 4, pp. 1–13, 2018.
[7] S. Chen, M. Ma, and Z. Luo, “An authentication scheme with identity-based cryptography for M2M security in cyber-physical systems,” Secur. Commun. Netw., vol. 9, no. 10, pp. 1146–1157, 2016.
[8] Q. Huang, Y. He, W. Yue, and Y. Yang, “Adaptive secure cross-cloud data collaboration with identity-based cryptography and conditional proxy re-encryption,” Secur. Commun. Netw., vol. 2018, 2018, Art. no. 8932325.
[9] C. Wang, S. S. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-preserving public auditing for secure cloud storage,” IEEE Trans. Comput., vol. 62, no. 2, pp. 362–375, Feb. 2013.
[10] Z. Xu, D. He, H. Wang, P. Vijayakumar, and K. K. R. Choo, “A novel proxy-oriented public auditing scheme for cloud-based medical cyber physical systems,” J. Inf. Secur. Appl., vol. 51, 2020, Art. no. 102453.
[11] Y. Zhang, C. Xu, H. Li, K. Yang, J. Zhou, and X. Lin, “HealthDep: An efficient and secure deduplication scheme for cloud-assisted eHealth systems,” IEEE Trans. Ind. Informat., vol. 14, no. 9, pp. 4101–4112, Sep. 2018.
[12] Z. Xu, L. Wu, M. K. Khan, K.-K. R. Choo, and D. He, “A secure and efficient public auditing scheme using rsa algorithm for cloud storage,” J. Supercomput., vol. 73, no. 12, pp. 5285–309, 2017.
[13] X. Zhang, J. Zhao, C. Xu, H. Wang, and Y. Zhang, “DOPIV: Post-quantum secure Identity-based data outsourcing with public integrity verification in cloud storage,” IEEE Trans. Serv. Comput., to be published, doi: 10.1109/TSC.2019.2942297.
[14] P. Shabisha, A. Braeken, A. Touhafi, and K. Steenhaut, “Elliptic curve Qu-VanStone based signcryption schemes with proxy re-encryption for secure cloud data storage,” in Proc. Int. Conf. Cloud Comput. Technol. Appl., 2017, pp. 1–18.
[15] Q. Chen, Z. Huang, Y. Ding, Y. Zhou, and H. Huang, “A new provably secure identity-based multi-proxy signature scheme,” in Proc. Int. Symp. Cybersp. Saf. Secur., 2019, pp. 230–242.
[16] J. Wurm et al., “Introduction to cyber-physical system security: A cross-layer perspective,” IEEE Trans. Multi-Scale Comput. Syst., vol. 3, no. 3, pp. 215–227, Jul.–Sep. 2017.
[17] W. Shen, J. Qin, J. Yu, R. Hao, and J. Hu, “Enabling identity-based integrity auditing and data sharing with sensitive information hiding for secure cloud storage,” IEEE Trans. Inf. Forensics Secur., vol. 14, no. 2, pp. 331–346, Feb. 2019.
[18] Y. Wang, Q. Wu, B. Qin, W. Shi, R. H. Deng, and J. Hu, “Identity-based data outsourcing with comprehensive auditing in clouds,” IEEE Trans. Inf. Forensics Secur., vol. 12, no. 4, pp. 940–952, Apr. 2017.
[19] Y. Yu et al., “Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage,” IEEE Trans. Inf. Forensics Secur., vol. 12, no. 4, pp. 767–778, Apr. 2017.
[20] R. Vinuesa et al., “The role of artificial intelligence in achieving the sustainable development goals,” Nature Commun., vol. 11, no. 1, pp. 1–10, 2020.
[21] A. Humayed, J. Lin, F. Li, and B. Luo, “Cyber-physical systems security—A survey,” IEEE Internet Things J., vol. 4, no. 6, pp. 1802–1831, Dec. 2017.
[22] Y. Ashibani and Q. H. Mahmoud, “Cyber physical systems security: Analysis, challenges and solutions,” Comput. Secur., vol. 68, pp. 81–97, 2017.
[23] S. Lee, S. Lee, H. Yoo, S. Kwon, and T. Shon, “Design and implementation of cybersecurity testbed for industrial IoT systems,” J. Supercomput., vol. 74, no. 9, pp. 4506–4520, 2018.
[24] H. Wang, D. He, and S. Tang, “Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud,” IEEE Trans. Inf. Forensics Secur., vol. 11, no. 6, pp. 1165–1176, Jun. 2016.
[25] Y. Zhang, C. Xu, X. Liang, H. Li, Y. Mu, and X. Zhang, “Efficient public verification of data integrity for cloud storage systems from indistinguishability obfuscation,” IEEE Trans. Inf. Forensics Secur., vol. 12, no. 3, pp. 676–688, Mar. 2017.
[26] D. He, S. Zeadally, and L. Wu, “Certificateless public auditing scheme for cloud-assisted wireless body area networks,” IEEE Syst. J., vol. 12, no. 1, pp. 64–73, Mar. 2015.
[27] X. Zhang, C. Xu, Y. Zhang, and C. Jin, “Efficient integrity verification scheme for medical data records in cloud-assisted wireless medical sensor networks,” Wireless Pers. Commun., vol. 96, no. 2, pp. 1819–1833, 2017.
[28] J. Zhang, B. Wang, D. He, and X. A. Wang, “Improved secure fuzzy auditing protocol for cloud data storage,” Soft Comput., vol. 23, no. 10, pp. 3411–3422, 2019.
[29] H. Zhong, Y. Zhou, Q. Zhang, Y. Xu, and J. Cui, “An efficient and outsourcing-supported attribute-based access control scheme for edge-enabled smart healthcare,” Future Gener. Comput. Syst., vol. 115, pp. 486–496, 2021.
[30] S. F. Aghili, H. Mala, M. Shojafar, and P. Peris-Lopez, “LACO: Lightweight three-factor authentication, access control and ownership transfer scheme for e-health systems in IoT,” Future Gener. Comput. Syst., vol. 96, pp. 410–424, 2019.

Fadi Al-Turjman received the Ph.D. degree in computer science from Queen’s University, Kingston, ON, Canada, in 2011. He is currently a Professor with Near East University, Nicosia, Turkey. He is a leading authority in the areas of smart/cognitive, wireless, and mobile networks’ architectures, protocols, deployments, and performance evaluation. His publication history spans more than 400 publications in journals, conferences, patents, books, and book chapters.

B D Deebak received the Ph.D. degree in computer science from SASTRA Deemed University, Thanjavur, India, in 2016. He is currently an Associate Professor with the Department of Computational Intelligence, School of Computer Science and Engineering, Vellore Institute of Technology, Vellore, India. He is an Active Member in professional societies like IE (I), CSI, and ISTE. His research interests include multimedia networks, network security, Internet of Things, and machine learning.
