Secure Multi-access in Fog-based IoMT leveraging Hybrid ZKPs and ABE

Secure Multi-access in Fog-based IoMT leveraging Hybrid ZKPs and ABE | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Secure Multi-access in Fog-based IoMT leveraging Hybrid ZKPs and ABE Do Tran Quang, Khanh Doan Minh, Kiet Nguyen Ngoc, Quan Nguyen Minh, and 1 more This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-6908035/v1 This work is licensed under a CC BY 4.0 License Status: Under Revision Version 1 posted 9 You are reading this latest preprint version Abstract The development of technology allows health monitoring devices to integrate multiple sensors, collect various measurement signals, and increase wireless communication time to data analysis centers. Additionally, the digitization of medical records in healthcare facilities, including patient records and personal health profiles, has transitioned to digital records stored in large data centers. However, ensuring security for data sharing between layers of healthcare data management is crucial to maintain data confidentiality, integrity, and availability. In this study, we address the primary challenges in data sharing within the network connecting smart medical devices and healthcare applications, commonly referred to as the Internet of Medical Things (IoMT). The IoMT network is layered, ranging from the physical layer of data-collecting devices to storage, through the fog layer, and the storage layer on cloud servers. In the proposed work, we evaluated and analyzed authentication risks and security attacks between IoMT layers. Subsequently, we proposed secure authentication solutions utilizing Attribute-Based Encryption (ABE) and zero-knowledge proof (ZKP). ABE ensures data protection and access control; therefore, we explored advanced ABE methods, such as Ciphertext-Policy ABE (CP-ABE), to construct access policies and effectively synchronize secret session keys. Moreover, to enhance privacy and security, we have integrated non-interactive zero-knowledge proof (NIZKP) techniques, which offer anonymous authentication and secret data verification without disclosing identities. NIZKP facilitates distributed authentication, reducing reliance on trusted third parties and broadening the scope of application in authenticating distributed systems. Experimental evaluations confirm that integrating ABE with NIZK proofs creates an efficient protocol for authentication and session key exchange in the communication and data-sharing layers of the IoMT network. The results demonstrate that the proposed scheme performs favorably in terms of computational cost and communication efficiency. Moreover, the security evaluation indicates that the system effectively mitigates distributed denial-of-service (DDoS) attacks and maintains resilience against both external and internal collusion security threats. Full Text Additional Declarations No competing interests reported. Cite Share Download PDF Status: Under Revision Version 1 posted Editorial decision: Revision requested 05 Sep, 2025 Reviews received at journal 04 Sep, 2025 Reviews received at journal 24 Aug, 2025 Reviewers agreed at journal 19 Jul, 2025 Reviewers agreed at journal 10 Jul, 2025 Reviewers invited by journal 10 Jul, 2025 Editor assigned by journal 02 Jul, 2025 Submission checks completed at journal 24 Jun, 2025 First submitted to journal 16 Jun, 2025 You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-6908035","acceptedTermsAndConditions":true,"allowDirectSubmit":false,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":475607910,"identity":"58236683-8114-4e2b-9a08-ce4c3f2672d9","order_by":0,"name":"Do Tran Quang","email":"","orcid":"","institution":"Hanoi University of Science and Technology","correspondingAuthor":false,"prefix":"","firstName":"Do","middleName":"Tran","lastName":"Quang","suffix":""},{"id":475607911,"identity":"f04f01ce-f94b-4eb4-87b6-548297face0d","order_by":1,"name":"Khanh Doan Minh","email":"","orcid":"","institution":"Hanoi University of Science and Technology","correspondingAuthor":false,"prefix":"","firstName":"Khanh","middleName":"Doan","lastName":"Minh","suffix":""},{"id":475607912,"identity":"5135fda3-8cb1-4c90-97ac-75382e4c84de","order_by":2,"name":"Kiet Nguyen Ngoc","email":"","orcid":"","institution":"Hanoi University of Science and Technology","correspondingAuthor":false,"prefix":"","firstName":"Kiet","middleName":"Nguyen","lastName":"Ngoc","suffix":""},{"id":475607913,"identity":"ba46885a-09c5-4d87-88d7-d79867a30aa6","order_by":3,"name":"Quan Nguyen Minh","email":"","orcid":"","institution":"Hanoi University of Science and Technology","correspondingAuthor":false,"prefix":"","firstName":"Quan","middleName":"Nguyen","lastName":"Minh","suffix":""},{"id":475607914,"identity":"d0b6c2fd-2f6e-495f-82da-d04bd9c94159","order_by":4,"name":"Hue Ta Thi Kim","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAA/0lEQVRIiWNgGAWjYBACAyidwMbD2MDwsQHCkyCo5QCDAVgL40ygFh6itYCUMvMSo8VcIvkA84eaP3l8PIdbN9vuOGxvz8B88DYPw+E8XFosZ6QlMBw4ZlDMxtvYdjv3zOHEHga2ZGuglmKcDruRY8BwgM0gsY2fEail7XACDwOPmTQPQ1piA04t+R8YDvyDarFsO2zPw8D/jYCWHAaGg21ALSCHMbYdZuxh4GEDarHBreXMM4MDZ/uME9t4Drbd7G1LT+w5zGZsOccAj5bjyQ8fVHyTS5zfk/7sxs82a3v29uaHN95USODUAgIHULnMYKPwqB8Fo2AUjIJRQBAAACVYWDZvhNqtAAAAAElFTkSuQmCC","orcid":"","institution":"Hanoi University of Science and Technology","correspondingAuthor":true,"prefix":"","firstName":"Hue","middleName":"Ta Thi","lastName":"Kim","suffix":""}],"badges":[],"createdAt":"2025-06-16 18:38:16","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-6908035/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-6908035/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":85815415,"identity":"bfe43e66-83cc-473d-87cc-eabbaae4bd56","added_by":"auto","created_at":"2025-07-02 05:11:30","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":22252092,"visible":true,"origin":"","legend":"","description":"","filename":"FogbasedSpringer2.pdf","url":"https://assets-eu.researchsquare.com/files/rs-6908035/v1_covered_aaece5b9-975e-40d5-b1a6-04f9c363f5bb.pdf"}],"financialInterests":"No competing interests reported.","formattedTitle":"Secure Multi-access in Fog-based IoMT leveraging Hybrid ZKPs and ABE","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":true,"hideJournal":false,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"[email protected]","identity":"international-journal-of-information-security","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"ijis","sideBox":"Learn more about [International Journal of Information Security](http://link.springer.com/journal/10207)","snPcode":"10207","submissionUrl":"https://submission.nature.com/new-submission/10207/3","title":"International Journal of Information Security","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"em","reportingPortfolio":"Springer Hybrid","inReviewEnabled":true,"inReviewRevisionsEnabled":false},"keywords":"","lastPublishedDoi":"10.21203/rs.3.rs-6908035/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-6908035/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"The development of technology allows health monitoring devices to integrate multiple sensors, collect various measurement signals, and increase wireless communication time to data analysis centers. Additionally, the digitization of medical records in healthcare facilities, including patient records and personal health profiles, has transitioned to digital records stored in large data centers. However, ensuring security for data sharing between layers of healthcare data management is crucial to maintain data confidentiality, integrity, and availability. In this study, we address the primary challenges in data sharing within the network connecting smart medical devices and healthcare applications, commonly referred to as the Internet of Medical Things (IoMT). The IoMT network is layered, ranging from the physical layer of data-collecting devices to storage, through the fog layer, and the storage layer on cloud servers. In the proposed work, we evaluated and analyzed authentication risks and security attacks between IoMT layers. Subsequently, we proposed secure authentication solutions utilizing Attribute-Based Encryption (ABE) and zero-knowledge proof (ZKP). ABE ensures data protection and access control; therefore, we explored advanced ABE methods, such as Ciphertext-Policy ABE (CP-ABE), to construct access policies and effectively synchronize secret session keys. Moreover, to enhance privacy and security, we have integrated non-interactive zero-knowledge proof (NIZKP) techniques, which offer anonymous authentication and secret data verification without disclosing identities. NIZKP facilitates distributed authentication, reducing reliance on trusted third parties and broadening the scope of application in authenticating distributed systems. Experimental evaluations confirm that integrating ABE with NIZK proofs creates an efficient protocol for authentication and session key exchange in the communication and data-sharing layers of the IoMT network. The results demonstrate that the proposed scheme performs favorably in terms of computational cost and communication efficiency. Moreover, the security evaluation indicates that the system effectively mitigates distributed denial-of-service (DDoS) attacks and maintains resilience against both external and internal collusion security threats.","manuscriptTitle":"Secure Multi-access in Fog-based IoMT leveraging Hybrid ZKPs and ABE","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2025-07-02 05:01:57","doi":"10.21203/rs.3.rs-6908035/v1","editorialEvents":[{"type":"communityComments","content":0},{"type":"decision","content":"Revision requested","date":"2025-09-06T03:32:00+00:00","index":"","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2025-09-04T06:12:36+00:00","index":"hide","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2025-08-24T15:10:34+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"240604638369708097103048765358265328646","date":"2025-07-19T10:39:31+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"265226786516630552934055627949220859131","date":"2025-07-10T13:40:22+00:00","index":"hide","fulltext":""},{"type":"reviewersInvited","content":"","date":"2025-07-10T08:13:27+00:00","index":"","fulltext":""},{"type":"editorAssigned","content":"","date":"2025-07-03T03:43:02+00:00","index":"","fulltext":""},{"type":"checksComplete","content":"","date":"2025-06-24T08:06:27+00:00","index":"","fulltext":""},{"type":"submitted","content":"International Journal of Information Security","date":"2025-06-16T18:28:29+00:00","index":"","fulltext":""}],"status":"published","journal":{"display":true,"email":"[email protected]","identity":"international-journal-of-information-security","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"ijis","sideBox":"Learn more about [International Journal of Information Security](http://link.springer.com/journal/10207)","snPcode":"10207","submissionUrl":"https://submission.nature.com/new-submission/10207/3","title":"International Journal of Information Security","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"em","reportingPortfolio":"Springer Hybrid","inReviewEnabled":true,"inReviewRevisionsEnabled":false}}],"origin":"","ownerIdentity":"0532593a-f27a-463b-b5b7-2b7fe61d6268","owner":[],"postedDate":"July 2nd, 2025","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"in-revision","subjectAreas":[],"tags":[],"updatedAt":"2025-09-06T03:38:17+00:00","versionOfRecord":[],"versionCreatedAt":"2025-07-02 05:01:57","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-6908035","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-6908035","identity":"rs-6908035","version":["v1"]},"buildId":"8U1c8b4HqxoKbykW_rLl7","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}