In this paper, a session resumption-based end-to-end security scheme for healthcare Internet of Things (IoT) is proposed. The proposed scheme is realized by employing a certificate-based DTLS handshake between end-users and smart gateways as well as utilizing the DTLS session resumption technique. By handing over the necessary security context, smart gateways relieve the sensors of the need to authenticate and authorize remote end-users. The session resumption technique enables end-users and medical sensors to communicate directly without the need to establish the communication from the initial handshake. Session resumption is an abbreviated form of the DTLS handshake and requires neither certificate-related nor public-key functionalities. This relieves medical sensors of the burden of performing these expensive operations. The energy-performance of the proposed scheme is evaluated by developing a remote patient monitoring prototype based on healthcare IoT. The energy-performance evaluation results show that our scheme is about 97% and 10% faster than certificate-based and symmetric key-based DTLS, respectively. Also, the certificate-based DTLS consumes about 2.2X more RAM and 2.9X more ROM resources than required by our scheme, while our scheme and symmetric key-based DTLS have almost similar RAM and ROM requirements. The security analysis reveals that the proposed scheme fulfills the requirements of end-to-end security and provides a higher security level than related approaches found in the literature. Thus, the presented scheme is a well-suited solution to provide end-to-end security for healthcare IoT.