AbuAlghanam Orieb, Alazzam Hadeel, Almobaideen Wesam, Saadeh Maha, Saadeh Heba
Department of Computer Science, The University of Jordan, Amman 77110, Jordan.
Department of Information Technology, Yarmouk University, Irbid 21110, Jordan.
Sensors (Basel). 2025 Apr 8;25(8):2357. doi: 10.3390/s25082357.
Ensuring secure communication for mobile patients in e-healthcare requires an efficient and robust key distribution mechanism. This study introduces a novel hierarchical key distribution architecture inspired by federated learning (FL), enabling seamless authentication for patients moving across different healthcare centers. Unlike existing approaches, the proposed system allows a central healthcare authority to share global security parameters with subordinate units, which then combine these with their own local parameters to generate and distribute symmetric keys to mobile patients. This FL-inspired method ensures that patients only need to store a single key, significantly reducing storage overhead while maintaining security. The architecture was rigorously evaluated using SPAN-AVISPA for formal security verification and BAN logic for authentication protocol analysis. Performance metrics, including storage, computation, and communication costs, were assessed, demonstrating that the system minimizes the computational load and reduces the number of exchanged messages during authentication compared to traditional methods. By leveraging FL principles, the solution enhances scalability and efficiency, particularly in dynamic healthcare environments where patients frequently switch between facilities. This work bridges a critical gap in e-healthcare security, offering a lightweight, scalable, and secure key distribution framework tailored for mobile patient authentication.