Nothing Special   »   [go: up one dir, main page]
Next Article in Journal
Advances in E-Health and Mobile Health Monitoring
Previous Article in Journal
0.5 V, nW-Range Universal Filter Based on Multiple-Input Transconductor for Biosignals Processing
You seem to have javascript disabled. Please note that many of the page functionalities won't work as expected without javascript enabled.
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Sensors
Volume 22
Issue 22
10.3390/s22228620
sensors-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Verifiable, Secure Mobile Agent Migration in Healthcare Systems Using a Polynomial-Based Threshold Secret Sharing Scheme with a Blowfish Algorithm

by
Pradeep Kumar
1,2,
Kakoli Banerjee
1,
Niraj Singhal
3,
Ajay Kumar
1,
Sita Rani
4,
Raman Kumar
5,* and
Cioca Adriana Lavinia
6
1
Department of Computer Science and Engineering, JSS Academy of Technical Education, Noida 201301, Uttar Pradesh, India
2
Institute of Engineering & Technology, Shobhit University, Meerut 250110, Uttar Pradesh, India
3
Department of Computer Science and Engineering, Chotu Ram Engineering College, Meerut 250001, Uttar Pradesh, India
4
Department of Computer Science and Engineering, Guru Nanak Dev Engineering College, Ludhiana 141006, Punjab, India
5
Department of Mechanical and Production Engineering, Guru Nanak Dev Engineering College, Ludhiana 141006, Punjab, India
6
CMI Cioca Adriana Lavinia, 22 Dorobantilor Street, 550231 Sibiu, Romania
*
Author to whom correspondence should be addressed.
Sensors 2022, 22(22), 8620; https://doi.org/10.3390/s22228620
Submission received: 21 September 2022 / Revised: 30 October 2022 / Accepted: 4 November 2022 / Published: 8 November 2022
(This article belongs to the Section Biomedical Sensors)
Browse Figures
Figure 1
<p>(<b>a</b>) Client–Server paradigm, (<b>b</b>) Mobile agent paradigm.</p> "> Figure 1 Cont.
<p>(<b>a</b>) Client–Server paradigm, (<b>b</b>) Mobile agent paradigm.</p> "> Figure 2
<p>Conventional and new threats in MAS [<a href="#B7-sensors-22-08620" class="html-bibr">7</a>].</p> "> Figure 3
<p>Advantages of mobile agents over conventional methods of protection.</p> "> Figure 4
<p>Main security threats to mobile agent technology.</p> "> Figure 5
<p>Mobile agent life-cycle [<a href="#B11-sensors-22-08620" class="html-bibr">11</a>].</p> "> Figure 6
<p>Applications of mobile agents in the healthcare domain.</p> "> Figure 7
<p>Application of a mobile agent in a road accident.</p> "> Figure 8
<p>Application of a mobile agent in an emergency.</p> "> Figure 9
<p>Security parameter.</p> "> Figure 10
<p>Blowfish encryption.</p> "> Figure 11
<p>Function description.</p> "> Figure 12
<p>Secure agent migration framework in the healthcare system.</p> "> Figure 13
<p>Secret sharing scheme.</p> "> Figure 14
<p>Comparison of average key generation and regeneration times.</p> "> Figure 15
<p>Comparison of best-case key generation and regeneration times.</p> "> Figure 16
<p>Execution times for the AES, DES, and blowfish algorithms.</p> ">
Review Reports Versions Notes

Abstract

:
A mobile agent is a software application that moves naturally among hosts in a uniform and non-uniform environment; it starts with one host and then moves onto the next in order to divide data between clients. The mobile paradigm is utilized in a wide assortment of medical care applications such as the medical information of a patient, the recovery of clinical information, the incorporation of information pertaining to their wellbeing, dynamic help, telemedicine, obtaining clinical data, patient administration, and so on. The accompanying security issues have grown in tandem with the complexity and improvements in mobile agent technologies. As mobile agents work in an insecure environment, their security is a top priority when communicating and exchanging data and information. Data integrity, data confidentiality and authentication, on-repudiation, denial of service, and access control, are all key security concerns with mobile agent migration. This paper proposes a Verifiable, Secure Mobile Agent Migration model, based on two polynomials (t, n), and an edge secret imparting plan with Blowfish encryption, to enable secure information transmission in clinical medical care.

1. Introduction

Mobile agents [1] are innovations that originated in two distinct disciplines. The first discipline concerns artificial intelligence, and the idea that an intelligent agent is created [2]. The second discipline concerns distributive computing, wherein a mobile agent is created via code mobility. A legitimate definition for mobile agents, regarding the two referenced disciplines, is that they are smart programming substances that can pause and resume their tasks automatically, on various platforms, in order to complete assigned tasks [3]. A relocating mobile agent undertakes a process that is independent; it can navigate its way through, and adapt to, a heterogeneous environment, moving from platform to platform, and interfacing with different mobile agents. Mobile agents automatically [4] decide where and when to migrate, and they may execute their task at anytime, or they may suspend the execution of that task altogether, move to another host, and proceed with executing the task on that host instead. Characteristics of mobile agents are:
  • Mobility: Mobile agents can freeze an operation on one platform and continue with the operation on another (i.e., inside a different region. This is often referred to as agent migration) [5].
  • Individualism: Each mobile agent is guided by a program that is especially written to achieve at least one goal. The operations of mobile agents are entirely governed by this code, with no direct intervention from other groups.
  • Reactivity: Mobile agents respond to environmental changes in order to accomplish their objectives.
  • Proactivity: Mobile agents change their current circumstances and they take a few attempts to accomplish their objectives.
  • Sociability refers to a mobile agent’s ability to interact with other mobile agents. This is important because some agents are only made aware of their present situation via communication with other agents.
The client–server paradigm and mobile agent paradigm are shown in Figure 1. Table 1 represents the difference between remote procedure calls and mobile agent technology.
Mobile agents roam around freely in a malicious environment; therefore, the chances of an attack on a mobile agent are high. Figure 2 shows the different types of conventional and new threat in mobile agent systems.
There are various advantages to the mobile agent paradigm shown in Figure 3. These include the fact that it is autonomous and self-driven, easily maintainable, fault-tolerant, parallel processing, dynamically adopted, it has a fever load on the network, there is less network delay, and it has a reduced compilation time.

1.1. Protection of Mobile Agents

A prime concern is the security of mobile agents [8]. The manner in which mobile agents work is shown in Figure 4. The security of mobile agents can be threatened via different dangerous assaults. Several types of attacks, including denial of service (DOS), masquerading, specialist and host cracking, renunciation, eavesdropping, information and data manipulation, and so on, are possible due to the mobile agents’ dynamic behavior.
Mobile agent technology suffers from security threats [9], which are divided into four main categories:
  • Assault from agents on platforms;
  • Agent-to-Agent Assaults;
  • Assault from platforms on agents;
  • Additional Assault to Agent Platform.
The challenges when implementing mobile agents include security risks [10], protection of hosts from malevolent specialists, protection of agents from noxious hosts, efficiency, flexibility, mobility, and standardization.

1.2. Mobile Agent Life-Cycle

The life-cycle of [7] the mobile agents (displayed in Figure 5) guarantees that they can adjust the climate (i.e., either at home or in an unfamiliar climate). They can switch between one hub and another, and they can hone in on their last result.
  • Creation: A new mobile agent is made, and the conditions of the mobile agent are initiated.
  • Cloning: A specialist copy is made, and the present status of the first is duplicated in order to create cloning agents.
  • Dispatch: A mobile agent moves to another host.
  • Deactivation: The state of a mobile agent is saved in the repositories when it is in standby mode.
  • Activation: The state of a deactivated mobile agent is restored from the repositories and applied to the lifetime mobile agent.
  • Retraction: A mobile agent can converse with another agent and the stage.
  • Disposal: The life-cycle of a mobile agent ends.
  • Communication: Interactions between mobile agents and platforms.

2. Utilization of Mobile Agents in the Medical Care Domain

Mobile agents are used in a variety of medical-related activities [12], such as obtaining clinical information on executives, clinical data recovery, integrating information pertaining to a patient’s wellbeing, obtaining general clinical information, and so on. The use of mobile agents in the medical care sector ensures medical data integration [13] by combining information from different medical data sources, as shown in Figure 6.
  • Health Data Management: Acquiring, analyzing, and protecting medical information [14].
  • Information Retrieval: Retrieving medical information from heterogeneous databases.
  • Decision-Making Support: Assisting healthcare workers with procedures, including treatments and diagnostics.
  • Telemedicine: Systems focused on remotely monitoring the situation with patients, thus allowing for a wide range of assessments.
  • Securing Medical Information: Approaches to working, bearing in mind the wellbeing and security of patient information.
Figure 7 and Figure 8 represent the real-time application of mobile agents in healthcare.

Requirement of Security

Security is a pressing issue for mobile agents [15] as they migrate from user to user. Security parameters are shown in Figure 9.
  • Confidentiality: Security of information and data (state + data + code) [8] among platforms and agents.
  • Data integrity: Data and information [16] should not be interfered with by a third party.
  • Availability: Data and information requested by the platform or agents should be easily accessible.

3. Related Work

Liu et al. [10] proposed a model based on the fusion of a virtual integrated clinical database system with the mobile agent paradigm. Mobile agents help send information between different medical clinics, and the proposed model was utilized to incorporate information from different clinical data frameworks. This model was seen as having exceptionally favourable uses for the following reasons: patient information was regularly, and immediately, obtained by the medical clinics, saving a great deal of time [4]; needless patient trials did not occur in some clinics, which saved time for crises; and it guaranteed secure and productive information sharing.
The framework was executed as follows:
  • A patient arrived at the hospital, and the medical faculty requested the patient’s vital clinical records via a VI (Visualized Interface).
  • A MAS (Mobile Agent Scheduler) [17] dispatched portable specialists to outside organizations and emergency clinics, in order to solicit and assemble data. When the portable specialist arrived at the outside organization, it finished the check assessment initiated by the MAS of the outside establishment, accumulated data from the outside foundation’s CIS (Clinical-information Index Storage), and it continued its journey to the organization.
  • After visiting all of the required institutions, the mobile agents returned to the organization at which they were assigned. The list items were saved in the CIS and displayed via the VI, which allowed the specialists to make better decisions.
Burstein et al. [18] presented a design that consolidated the mobile agents’ ideas, and considered how they could dynamically help in the medical care crisis space. This paper explicitly demonstrates how to utilize mobile agents in order to help disorganized administrations. First, a crisis circumstance is considered, wherein a moderately aged man experiences cardiovascular failure. The onlookers promptly call for an emergency vehicle, noting the area and nature of the problem, any recognizable identification on the patient, and so forth. When on route to the site of the incident, paramedics dispatch pair of mobile agents. First, the mobile agents travel to the medical clinics close to the site of the incident in order to understand whether accessible specialists, attendants, beds, or offices will be required. The second mobile agent recovers the patient’s clinical history, as well as the attributes of the chosen emergency clinic. This ensures that when the paramedics arrive at the crisis site, their onboard terminal in the rescue vehicle now mirrors the nearby clinics’ terminals, which are ordered from the most to least helpful, in accordance with the situation.
Additionally, the paper noted how subtle clinical information pertaining to the patient, and subtle information concerning the local environment, are accessible. When heading to the chosen emergency clinic, a message is conveyed to the related emergency clinic specialist. When the rescue vehicle arrives at the medical clinic, this data lets the trauma center and health worker know how to plan for the appearance of a patient. This paper concludes by arguing that mobile agents are helpful in situations in which the accuracy of information is critical for a successful decision.
Orgun [19] focuses on a scenario wherein patients change medical clinics and have numerous episodes in different medical services offices, thus prompting patient-related data to be divided into different frameworks. The authors suggested an electronic medical agent model that uses various participating versatile specialists in order to effectively access, translate, learn, and take advantage of the data that is available on different wellbeing frameworks. This multi-agent framework, with a metaphysical component that is dependent on HL7, works with the accumulation of patient data across an entire medical service association. The electronic medical mgent model comprises different agents from different servers, including a merchant agent and a cosmology server. A server for agents provides an interface for the information. Applications are set up on the electronic medical agent model network, and they are composed of the aforementioned information in various configurations, with various field names, and the data is able to be compared with that of a similar patient. An agent merchant monitors every one of the agents in the framework at a random time, in addition to the library of the numerous partaking applications and datasets in the medical services association.
Chaouch et al. [20] analyzed mobile agent-based structures DiabMAS (Diabetes Multi-Agent System) for the remote clinical assessment of diabetic patients. The argument for deploying mobile agents is to reduce traffic by assigning agents to locations where activities can be completed and message transmissions are closed, thus reducing network stress. Here, the key idea is to screen and assure patients, thus diminishing costs with regard to the advancement of patient diseases, and furthermore, creating a movement that provides a moderate degree of satisfaction.
Hsu [21] focused on telemedicine, and they alluded to an application that couples the innovation of PC technology and correspondence with clinical advantages. It will be available in different forms: tele-education, tele-conference, tele-medical procedures, and tele-observing. Here, the principal impetus behind this project is to design a protected specialist that can implement telemedicine-based pair-to-pair organizing. The design of a pair-to-pair network based on the JXTA convention utilizes two models of telemedicine administration: unsurprising and erratic administrations. When a mobile agent holding patient data begins its journey by starting on one spot, before moving onto the next through the web, it tends to be assaulted by malevolent agents; therefore, the design utilizes a two-layer security component in order to answer agent-based telemedicine administrations for mobile agents. Security necessities require the design to be: non-renounceable, private, dependable, and consistent.
Pouyan [22] describes a three-layer agent-based paradigm for e-health care that consists of collecting, evaluating, controlling, and eventually conducting patient-related services via the internet in real-time. Patients, healthcare clinics, and the central hospital comprise the three tiers. Physicians, nurses, trainers, and representatives can be from any sector to form a dynamic virtual team. All of these actors are mobile agents. A specific agent that represents a patient’s description, circumstances, and health, assigns the patient to a specific member of healthcare staff. Some medication data is entered into a database in accordance with the to the responsibilities allocated to each member of healthcare staff. The diagnostics group sends the request to the central institution in order to obtain data from the data system.
Benachenhou [23] examined the utilization of mobile specialist innovations in terms of their ability to correspond between various distant areas. This is a particularly pertinent consideration for when a crisis happens, particularly in mass setback occurrences when a large number of casualties need clinical consideration. This paper examines the utilization of mobile agents for the quicker and exact recovery of information, when legitimate medical care hardware or the examination of clinical data is beyond the realm of possibility. The author gives a description of a crisis wherein a group of individuals is affected by eye contamination. The paper showed that scanning for, and enquiring into, expert care for every single case set aside time.
Indeed, the paper showed that if we assume every one of the specialists reaches out to experts by sending them the medical profiles of every single patient, tumult and blockage will unquestionably ensue, thus ensuring that not even one of them will receive help; however, if we assume that the experts contact every single patient, the correspondence traffic will be decreased, though, it will still take a great deal of time. The paper indicated that affected individuals will visit nearby medical service communities. Nearby clinical official investigations will receive data from patients that will be stored in the neighborhood framework. A unique clinical office will dispatch a specialist, or several specialists, to all servers in order to observe the aftereffects of essential tests on affected eyes. These officials will receive answers to their information requests.
Biswas [24] considered straight (t, n) secret sharing plans, and they noticed some of its benefits. The proposed (t, n) edge plot depended on Shamir’s SS scheme. The paper gives an itemized security investigation of every one of the three periods of the SS scheme, including the specific offer being made, secret key reproduction, and mystery key approval. In any case, two, rather than one, irregular polynomial plans for producing two offers for each member are utilized. In this plan, one polynomial is utilized to divide confidentiality between t or more members, and the other is utilized to approve the mystery key and to discover cheating, assuming that it happens. The plan does not utilize any stolen work that has been discovered; in any case, the coefficients of the two polynomials are connected, and thus, the offers made by them are connected. The plan utilizes two arbitrary polynomials, with one normal coefficient between them. For offers made as a result of cheating, both the polynomials are altered, and thus, (t-1) effective cheating methods carried out by deceptive members can be rendered unimportant. Hence, this plan is useful as it does not involve other conditions to discover cheating, and it includes additional calculations to check such conditions.
Ahmed El-Yahyaoui [25] introduced an encryption plot, wherein the clamor is steady and does not rely upon the homomorphic assessment of ciphertexts. The homomorphy of our plan is derived from basic lattice tasks (expansion and increase). In a cloud environment, the operating period of our cryptography aims for enhancement action, and it logs a request for a few milliseconds. The author proposed a novel homomorphic cryptography scheme that is indisputable. It consists of a symmetric, commotion-free, probabilistic encryption with a non-commutative ring quaternionic cipher text space. The proposed encryption has a viable application in terms of its ability to offer sound calculations, in an environment of scrambled information, during distributed computation; this can be applied to the protection of a large amount of information. It is an efficient and practical scheme, the safety of which hinges on resolving an over-characterized set of quadratic multidimensional polynomial requirements in a non-commutative ring. The two key aspects of our strategy are homomorphy and confidence. The proposed approach allows a remote, unreliable, networked computing system to conduct sophisticated computations over scrambled data while allowing the customer to verify the accuracy of their rethought actions throughout the decryption process.
Alexeis Garcia-Perez [26] notes the fact that as countries transition into a post-industrial world, where understanding the economy is characterized by radical innovations in the information technology area, the digital transformation of the health industry is crucial. In order to sustain sectoral growth and to fortify against its fragility by deploying the newest technologies, their use in the health and care ecosystem must be managed properly in terms of cyberresilience.
Patel [27] explored the principle objective of dissecting the presentation of these calculations using documents that had either a little or a large amount of information. The runtime and amount of storage used by these computations during the operation are factors to consider. The experimental results and graphic research show which computation is the most suitable for small and large datasets. Scientific outcomes portray the more reasonable calculation for time and memory imperative frameworks. Velibor Božić [28] underlines the difficulty of managing health risks. IT, usernames, and passwords are insufficient to describe manager risk assessment competencies. The incorporation of risk mitigation into medicine must be planned as a program with a multimodal team as the sector is significantly larger and more complicated.
Kakoli Banerjee [29] reported the goal of resolving issues within DNA. Sequence compression issues, a novel compression algorithm, was suggested in their work, and a different concept was put forth. This concept relates to subbands and specialized framework similarities. The findings of the mathematical calculations show that intra-chromosome matching produces a greater number of inter-chronological matches. In the present study, only singularly exact similarities are taken into account. For improved compression, this process can be extended to difficult matches. This approach can be used to condense DNA layouts effectively, and it can also be used to determine how close two different chromosomes of a comparable genome are to one another.
These papers proposed a framework for the security of patient data and water information at a time of commutation using mobile agents. These are the new approach for the security of patient credentials and WQI, and it takes less time, bandwidth, and has a low latency compared with existing approaches. The proposed approach utilizes two polynomial-based secret sharing schemes with a blowfish algorithm.

4. Problem Statement

As traditional communication slows down when there is more congestion on the network, mobile agents play a vital role in quickly assessing a patient’s condition during a mass loss incident. Mobile agents manage to retrieve diagnostic data from a few heterogeneous sources of information and the data is presented to the customer upon request. Mobile agents also assist medical professionals when making decisions during treatment. Above all, the aim when developing mobile agents is to automate tasks with minimal human interference. As a smaller number of human assets is required, it is possible to use human assets for other clinical purposes. In clinical regions, the security of prosperity data is a crucial matter that is customarily taken care of in neighbourhood storage facilities.
When studying the literature available for mobile agents in medical care, we saw that mobile agents are broadly utilized in the recovery, transportation, and execution of clinical information. Clinical information [30] is profoundly confidential. Consequently, securing migrating agents is a crucial issue. The mobile agent needs to be navigated away from certain dangers, such as the divulgence of data, forswearing of administration, and defilement of data, and different types of protection need to be utilized in order to obtain a mobile agent. The conventional direction with regard to security continues, and the focal point remains to be the implementation of assurance systems inside the portable specialist. In any case, accentuation involves gradually pushing toward creating strategies that move toward agent security, which is a considerably more troublesome issue. The security of medical data, as well as the security of mobile agents, is a prime concern [31].

5. Proposed Solution

Preliminaries—The prerequisites of the developed framework are discussed in Section 5.1 and Section 5.2. The secret sharing scheme [32] and blowfish symmetric encryption [33] are the main components of the prerequisite of the proposed model.

5.1. Secret Sharing Scheme

The SS scheme is dependent on Shamir’s SS scheme; however, instead of one, two random polynomials, similar to the scheme in Liu et al. for generating two shares per participant, are used. The scheme does not use any cheating detection function [5]; however, the coefficients of the two polynomials are correlated so that the generated shares are related.
Details of the scheme:
The proposed (t, n) threshold SS scheme comprises three phases: share generation, secret key reconstruction, and secret key validation/cheating detection [34]. They are described below.
Share generation phase: In the secret share generation phase threshold scheme (t, n), a trusted dealer considers a random polynomial degree (t-1), as follows:
f x = a 0 + a 1 x 1   + a 2 x 2   + a t 1 x t 1  
where a 0 , a 1 , ……, a t 1 ≠ 0 € Zq for a large prime q.
The secret S € Zq is obtained from f x by replacing (x) with 0 (i.e., s = f 0 = a 0 :). Another polynomial f x of degree t 1 , called the supporting polynomial, is also selected by the dealer, as follows:
g x = b + a 1       x 1   + b 2       x 2   + b t 1       x t 1  
where b 0 , b 0 , ……, b t 1 ≠ 0 € Zq
such that the coefficients of polynomial f x and g x for 0 i t 1 , are random and arbitrary except for a single value of I, for which ai = bi; however, the value of i and the coefficient ai (and bi) are kept secret. In fact, these two polynomials are related implicitly, and in such a way that they can validate each other (i.e., if one polynomial is changed, the other is affected and vice versa).
The dealer generates n pairs of shares k , f k , g k   f o r   k = 1   t o   n using two polynomial equations, f x and g x , respectively, and the dealer secretly distributes them to n participants. Upon secretly pooling their shares, the secrets can be reconstructed by any t share or more, as described below.
Secret key reconstruction phase: After secretly exchanging and receiving shares, any t of n shareholders can redesign the polynomial equation f(x) using the interpolation [35] formula, as follows:
f x = i = 1   t o   t f i j = 1 t o   t   j i x j i j
Similarly, the polynomial g(x) is also reconstructed. Now, the secret s = f 0 = a 0 is taken as valid and correct if the following phase is satisfied.
Secret key validation/cheating detection phase: For 0 i t 1 , the coefficients of f x and g x must satisfy a i b i except for a single value of I, for which a i = b i , and where f x and g x are non-constructed polynomials.

5.2. Blowfish Encryption

The workings of the blowfish and DES-based encryption, based on the Feistel structure are as follows. Blowfish is a block cipher symmetric key cryptography encryption and decryption mechanism proposed by Bruce Schneier to replace the DES encryption and decryption approach. The manner in which the Feistel structure works is efficient and secure. It is one of the first secure cryptographic algorithms and is free to use.
  • Size of each block: In a blowfish symmetric algorithm, 64-bits of block size are used.
  • Size of Symmetric key: The blowfish cipher used variable key length sizes, from 32 to 448 bits.
  • Subkey: In a blowfish cipher eighteen subkey numbers were used for internal operations.
  • Number of rounds used in the blowfish cipher: In the blowfish cipher, 16 rounds were used.
  • Substitution boxes: There were four substitution boxes used in the blowfish cipher.
The complete encryption procedure of the blowfish algorithm is summarized as follows: the block diagram of the blowfish encryption algorithm is shown in Figure 10, and the block diagram showing blowfish decryption is shown in Figure 11.
Step 1: Creation of subkeys in the blowfish algorithm:
  • In the blowfish algorithm for encryption and decryption operations, 18 subkeys are needed {P[0], P[1], P[2]...P[17]}, and the same subkeys are used in encryption and decryption.
  • Eighteen subkeys are stored in eighteen P arrays, and each array consists of 32 bits.
  • P[0] = “456f7d98”, P[1] = “55a788e4”………………. P[17] = “3434eb6d”
  • The relationship between each subkey and input key has been changed, as follows:
    P[0] = Perform the XOR operation between P[0] and the first 32-bits of the applied input key.
    P[1] = Perform the XOR operation between P[1] and the second 32-bits of the applied input key.
    P[i] = Perform the XOR operation between P[i] and the (i + 1)th 32-bits of the applied input key.
(Rotate the key to the first 32 bits, based on its size.)
Perform the XOR operation between P[17] and the 18th 32-bits of the applied input key.
(Rotate the key to the first 32 bits, based on its size.)
P-arrays that result in 18 subkeys are used in the encryption procedure.
Step 2: Setting-up Substitution Boxes:
In the blowfish encryption and decryption process, substitution boxes (S-boxes) play a very important role. Every S-box has 256 entries, starting from S[i][0] to S[i][255], and each has an entry size of 32 bits.
Step 3: Encryption:
  • From i = 1 to 16:
    • Li = Li XOR Ri;
    • Ri = F(Li) XOR Ri;
    • Swap Li, Ri.
  • Undo the previous exchange.
  • R = Perform XOR between R and P17.
    • L = Perform XOR between L and P18.
  • To get 64-bit cypher text, combine L and R.

5.3. Proposed Framework

The framework concerning secure medical information transmission in healthcare is shown in Figure 12. The framework based on secure key generation using two polynomials, blowfish encryption, and a decryption algorithm works in two phases: the first phase pertains to secure key generation, and the second concerns encryption and decryption using the blowfish algorithm. In the second phase, all patient documents and reports are encrypted using the key generated in the first phase, in order to encrypt and decrypt with the blowfish algorithm. The same key is used to decrypt reports and information concerning a patient. A major advantage of the proposed approach is its ability to work well during times of emergency. Every hospital securely shares the information of patients with other hospitals; therefore, the doctor can start treatment without delay and save the patients’ lives.

5.3.1. Threshold Secret Sharing Scheme Using Pair of a Polynomial Equations

  • Our SS scheme follows Shamir’s [31] scheme, in that the generation of participants’ shares, where an irregular polynomial f x of degree t 1 , is used with coefficients from Zq. In addition, another polynomial g x is taken as a supporting polynomial of f x , such that all the coefficients are random, except for one coefficient that matches with a coefficient of f x . As a result, the shares of x are associated with the shares of g x and vice versa.
  • The shares are also independent because a common coefficient does not provide any dependency between f x and g x . Moreover, most t 1 dishonest participants with 2 t 1   shares cannot derive f x and g x (and thus cannot get all shares) as two polynomials contain 2 t 1   unknowns.
  • If none of the shares are modified, any subgroup of ‘t’ participants can generate the correct polynomials for f x and g x , as shown in Figure 13. Due to two random polynomials and a common coefficient between them, the probability of successful share modification is 1 t q 2 .

5.3.2. Blowfish Encryption

The process begins with the generation of subkeys. A P-array is used to store these 18 subkeys, with each array element being a 32-bit item. Next, substitution boxes (S-boxes) [36] are required in both the encryption and decryption processes, with each S-box containing 256 entries S[i][0]...S[i][255], and each item being 32 bits. Then, the last step involves encryption, in which the following steps are carried out:
  • From i = 1 to 16:
    • Li = Li xor Ri;
    • Ri = F(Li) xor Ri;
    • Swap Li, Ri.
  • Undo last swap.
  • R = R xor P17.
    • L = L xor P18.
  • Concatenate L and R to obtain a 64-bit cipher text.

6. Implementation and Result

The security of mobile agents in the healthcare field is provided by combining two polynomial-based secret key schemes and a blowfish symmetric encryption algorithm. The proposed scheme was implemented using python programming, and it was compared with the secret sharing with CRT [37] and EULER [38] algorithms that use the same parameter. After analysis, it was observed that the turnaround time for secret generation and regeneration is much less than the CRT and EULER secret sharing schemes. Table 2 shows the hardware and software requirements for implementing the proposed framework. The average case analysis, regarding the turnaround times for the key generation and regeneration of the CRT, EULER, and two polynomial-based secret sharing schemes [39,40], is shown in Table 3. The results of Table 3 are presented in a graph in Figure 12. It was observed from Figure 14, that the total turnaround time for the two polynomial-based scheme, with regard to secret key generation is optimal compared with other mechanisms.
The best-case analysis of the turnaround times for key generation and regeneration with regard to the CRT, EULER, and two polynomial-based secret sharing schemes is shown in Table 4. The results of Table 4 are presented in the form of a graph in Figure 15. It was observed from Figure 15 that the total turnaround time for the two polynomial-based scheme, with regard to secret key generation, is optimal, as compared with other mechanisms.
The encryption and decryption times of any algorithm depend on the size of an input file. Table 5 shows the encryption and decryption times of different file sizes, which range from 100 to 1000 kb, and the time observed is noted in msec for the three algorithms: AES, DES, and the blowfish algorithm. The results shown in Figure 16 show that the blowfish algorithm is optimal compared with AES and DES; therefore, our proposed model for the encryption and decryption of patient reports and identity utilizes a blowfish symmetric encryption algorithm.

7. Conclusions

The security of patient personal information and information regarding disease is the main issue discussed in this paper. A mobile agent is used to migrate information from one healthcare center to another. The proposed model, based on the mobile agent, is utilized from a security-based perspective. Another issue facing mobile agent security is resolved by using the proposed model, which is based on two polynomial authentication systems. Here, the authors used the blowfish algorithm to encode a patient’s information. Blowfish is a symmetric cryptography algorithm, and the encryption and decryption of documents requires a secret key that is generated and authenticated by using two polynomial-based mechanisms. The reason behind using the blowfish algorithm is that it is optimal compared with DES and AES encryption and decryption algorithms. After analyzing the proposed model with other symmetric key cryptosystems, key generation, and the recreation of a key, was observed as being far better than the CRT and Euler approach. In future designs, the optimal secret key may be created and recreated, and a secret key based on threshold value can be developed, which may give better results than the proposed model.

Author Contributions

Conceptualization, P.K., K.B., N.S., S.R. and C.A.L.; methodology, P.K., K.B., A.K., R.K., S.R. and C.A.L.; software, N.S.,K.B., A.K., R.K. and S.R.; validation, P.K., K.B.,A.K., R.K., S.R. and C.A.L.; formal analysis, P.K., K.B., S.R. and R.K.; investigation, A.K., K.B, R.K., S.R. and C.A.L.; resources, P.K., K.B., N.S., A.K., R.K. and S.R.; data curation, P.K., K.B., A.K., R.K., S.R. and C.A.L.; writing—original draft preparation, P.K., K.B., N.S. and A.K.; writing—review and editing, R.K., S.R. and C.A.L.; visualization, R.K., S.R. and C.A.L.; supervision, R.K., S.R. and C.A.L.; project administration, P.K., K.B., N.S. and A.K.; funding acquisition, C.A.L. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

Not applicable.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Tardo, J.; Valente, L. Mobile agent security and Telescript. In COMPCON’96. Technologies for the Information Superhighway Digest of Papers; IEEE: Piscataway, NJ, USA, 2002; pp. 58–63. [Google Scholar] [CrossRef]
  2. Narad, M.S.K. Group Authentication Using Back-propagation Neural Network. Int. J. Adv. Res. Comput. Commun. Eng. 2017, 6, 272–278. [Google Scholar] [CrossRef]
  3. Yao, M. A Security Architecture for Protecting Dynamic Components of Mobile Agents. Doctoral Dissertation, Queensland University of Technology, Brisbane City, QLD, Australia, 2004. [Google Scholar]
  4. Chen, T.-L.; Chung, Y.-F.; Lin, F.Y.S. Deployment of Secure Mobile Agents for Medical Information Systems. J. Med. Syst. 2011, 36, 2493–2503. [Google Scholar] [CrossRef] [PubMed]
  5. Esparza, O.; Soriano, M.; Muñoz, J.L.; Forné, J. A protocol for detecting malicious hosts based on limiting the execution time of mobile agents. In Proceedings of the Eighth IEEE Symposium on Computers and Communications. ISCC 2003, Kemer-Antalya Turkey, 3 July 2003. [Google Scholar] [CrossRef]
  6. Wagner, A. Mobile agent: Based module distribution in heterogeneous networks. In Proceedings of the CF ’04: Proceedings of the 1st Conference on Computing frontiers, New York, NY, USA, 14–16 April 2004. [Google Scholar] [CrossRef]
  7. Cavalcante, R.C.; Bittencourt, I.I.; da Silva, A.P.; Silva, M.; Costa, E.; Santos, R. A survey of security in multi-agent systems. Expert Syst. Appl. 2012, 39, 4835–4846. [Google Scholar] [CrossRef]
  8. Al-Jaljouli, R.; Abawajy, J.H. Secure Mobile Agent-based E-Negotiation for On-Line Trading. In Proceedings of the 2007 IEEE International Symposium on Signal Processing and Information Technology, Giza, Egypt, 15–18 December 2007; pp. 610–615. [Google Scholar] [CrossRef] [Green Version]
  9. Jansen, W. Countermeasures for mobile agent security. Comput. Commun. 2000, 23, 1667–1676. [Google Scholar] [CrossRef]
  10. Bagga, P.; Hans, R. Applications of Mobile Agents in Healthcare Domain: A Literature Survey. Int. J. Grid Distrib. Comput. 2015, 8, 55–72. [Google Scholar] [CrossRef]
  11. Kumar, P.; Singhal, N.; Singh, S. Anonymous Scheme for Secure Mobile Agent Migration Using Mignotte’s Sequence and Back Propagation Artificial Neural Networks. Int. J. Comput. Inf. Syst. Ind. Manag. Appl. 2021, 13, 192–199. [Google Scholar]
  12. Santos-Pereira, C.; Augusto, A.B.; Cruz-Correia, R.; Correia, M.E. A secure RBAC mobile agent access control model for healthcare institutions. In Proceedings of the 26th IEEE International Symposium on Computer-Based Medical Systems, Porto, Portugal, 20–22 June 2013; pp. 349–354. [Google Scholar] [CrossRef]
  13. Vieira-Marques, P.M.; Robles, S.; Cucurull, J.; Cruz-Correia, R.J.; Navarro, G.; Marti, R.; Navarro-Arribas, G. Secure Integration of Distributed Medical Data Using Mobile Agents. IEEE Intell. Syst. 2006, 21, 47–54. [Google Scholar] [CrossRef]
  14. Fortino, G.; Trunfio, P. Internet of Things Based on Smart Objects; Springer: Berlin/Heidelberg, Germany, 2014. [Google Scholar] [CrossRef]
  15. Kumar, P.; Vatsa, A.K. Novel Security Architecture and Mechanism for Identity based Information Retrieval System in MANET. Int. J. Mob. Adhoc Netw. 2011, 1, 397–404. [Google Scholar]
  16. van der Haak, M.; Wolff, A.; Brandner, R.; Drings, P.; Wannenmacher, M.; Wetter, T. Data security and protection in cross-institutional electronic patient records. Int. J. Med. Inform. 2003, 70, 117–130. [Google Scholar] [CrossRef]
  17. Fong, C.-H.; Parr, G.; Morrow, P. Security Schemes for a Mobile Agent Based Network and System Management Framework. J. Netw. Syst. Manag. 2010, 19, 230–256. [Google Scholar] [CrossRef]
  18. Burstein, F.; Zaslavsky, A.; Arora, N. Context-aware mobile agents for decision-making support in healthcare emergency applications. In International Workshop on Context Modeling and Decision Support: 05/07/2005-05/07/2005; CEUR Workshop Proceedings: Vienna, Austria, 2005; Volume 144. [Google Scholar]
  19. Orgun, B.; Vu, J. HL7 ontology and mobile agents for interoperability in heterogeneous medical information systems. Comput. Biol. Med. 2006, 36, 817–836. [Google Scholar] [CrossRef] [PubMed]
  20. Chaouch, Z.; Tamali, M. A Mobile Agent-Based Technique for Medical Monitoring (Supports of Patients with Diabetes). Int. J. Comput. Model. Algorithms Med. 2014, 4, 17–32. [Google Scholar] [CrossRef] [Green Version]
  21. Hsu, W.-S.; Pan, J.-I. Secure Mobile Agent for Telemedicine Based on P2P Networks. J. Med. Syst. 2013, 37, 9947. [Google Scholar] [CrossRef] [PubMed] [Green Version]
  22. Pouyan, A.A.; Ekrami, S.; Taban, M. A Distributed E-health Model Using Mobile Agents. In Proceedings of the Seventh International Conference on Autonomic and Autonomous Systems, Venice/Mestre, Italy, 22–27 May 2011; pp. 7–12. Available online: http://www.thinkmind.org/index.php?view=article&articleid=icas_2011_1_20_20065 (accessed on 15 August 2021).
  23. Benachenhou, L.; Pierre, S. Protection of a mobile agent with a reference clone. Comput. Commun. 2006, 29, 268–278. [Google Scholar] [CrossRef]
  24. Biswas, A.K.; Dasgupta, M. Two polynomials based (t, n) threshold secret sharing scheme with cheating detection. Cryptologia 2020, 44, 357–370. [Google Scholar] [CrossRef]
  25. El-Yahyaoui, A.; EL Kettani, M.D.E.-C. A Verifiable Fully Homomorphic Encryption Scheme for Cloud Computing Security. Technologies 2019, 7, 21. [Google Scholar] [CrossRef]
  26. Garcia-Perez, A.; Cegarra-Navarro, J.G.; Sallos, M.P.; Martinez-Caro, E.; Chinnaswamy, A. Resilience in healthcare systems: Cyber security and digital transformation. Technovation 2022. [Google Scholar] [CrossRef]
  27. Patel, K. Performance analysis of AES, DES and Blowfish cryptographic algorithms on small and large data files. Int. J. Inf. Technol. 2019, 11, 813–819. [Google Scholar] [CrossRef]
  28. Demster, B. Managing Information and Security in Healthcare; Bloomsbury Publishing: London, UK, 2013. [Google Scholar]
  29. Banerjee, K.; Bali, V. Design and Development of Bioinformatics Feature Based DNA Sequence Data Compression Algorithm. EAI Endorsed Trans. Pervasive Health Technol. 2019, 5, e5. [Google Scholar] [CrossRef] [Green Version]
  30. Su, C.-J.; Chu, T.-W. A Mobile Multi-Agent Information System for Ubiquitous Fetal Monitoring. Int. J. Environ. Res. Public Health 2014, 11, 600–625. [Google Scholar] [CrossRef]
  31. Idrissi, H.; Souidi, E.M.; Revel, A. Security of Mobile Agent Platforms Using Access Control and Cryptography. In Agent and Multi-Agent Systems: Technologies and Applications; Springer: Berlin/Heidelberg, Germany, 2015; pp. 27–39. [Google Scholar] [CrossRef]
  32. Harn, L.; Xia, Z.; Hsu, C.; Liu, Y. Secret sharing with secure secret reconstruction. Inf. Sci. 2020, 519, 1–8. [Google Scholar] [CrossRef]
  33. Parmar, K.; Jinwala, D.C. Symmetric-Key Based Homomorphic Primitives for End-to-End Secure Data Aggregation in Wireless Sensor Networks. J. Inf. Secur. 2015, 6, 38–50. [Google Scholar] [CrossRef] [Green Version]
  34. Meng, K.; Miao, F.; Huang, W.; Xiong, Y. Tightly coupled multi-group threshold secret sharing based on Chinese Remainder Theorem. Discret. Appl. Math. 2019, 268, 152–163. [Google Scholar] [CrossRef]
  35. Hsiao, T.-C.; Wu, Z.-Y.; Chen, T.-L.; Chung, Y.-F.; Chen, T.-S. A hierarchical access control scheme based on Lagrange interpolation for mobile agents. Int. J. Distrib. Sens. Netw. 2018, 14, 1550147718790892. [Google Scholar] [CrossRef] [Green Version]
  36. Shepherd, S.J. The Tiny Encryption Algorithm. Cryptologia 2007, 31, 233–245. [Google Scholar] [CrossRef]
  37. Endurthi, A.; Chanu, O.B.; Tentu, A.N.; Venkaiah, V.C. Reusable Multi-Stage Multi-Secret Sharing Schemes Based on CRT. J. Commun. Softw. Syst. 2015, 11, 15–24. [Google Scholar] [CrossRef]
  38. Chen, H.; Chang, C.-C. A Novel (t,n) Secret Sharing Scheme Based upon Euler’s Theorem. Secur. Commun. Netw. 2019, 2019, 2387358. [Google Scholar] [CrossRef] [Green Version]
  39. Liu, Y.; Yang, C.; Wang, Y.; Zhu, L.; Ji, W. Cheating identifiable secret sharing scheme using symmetric bivariate polynomial. Inf. Sci. 2018, 453, 21–29. [Google Scholar] [CrossRef]
  40. Sidhu, A.; Singh, S.; Kumar, R.; Pimenov, D.; Giasin, K. Prioritizing Energy-Intensive Machining Operations and Gauging the Influence of Electric Parameters: An Industrial Case Study. Energies 2021, 14, 4761. [Google Scholar] [CrossRef]
Sensors 22 08620 g001a 550Sensors 22 08620 g001b 550
Figure 1. (a) Client–Server paradigm, (b) Mobile agent paradigm.
Figure 1. (a) Client–Server paradigm, (b) Mobile agent paradigm.
Sensors 22 08620 g001aSensors 22 08620 g001b
Sensors 22 08620 g002 550
Figure 2. Conventional and new threats in MAS [7].
Figure 2. Conventional and new threats in MAS [7].
Sensors 22 08620 g002
Sensors 22 08620 g003 550
Figure 3. Advantages of mobile agents over conventional methods of protection.
Figure 3. Advantages of mobile agents over conventional methods of protection.
Sensors 22 08620 g003
Sensors 22 08620 g004 550
Figure 4. Main security threats to mobile agent technology.
Figure 4. Main security threats to mobile agent technology.
Sensors 22 08620 g004
Sensors 22 08620 g005 550
Figure 5. Mobile agent life-cycle [11].
Figure 5. Mobile agent life-cycle [11].
Sensors 22 08620 g005
Sensors 22 08620 g006 550
Figure 6. Applications of mobile agents in the healthcare domain.
Figure 6. Applications of mobile agents in the healthcare domain.
Sensors 22 08620 g006
Sensors 22 08620 g007 550
Figure 7. Application of a mobile agent in a road accident.
Figure 7. Application of a mobile agent in a road accident.
Sensors 22 08620 g007
Sensors 22 08620 g008 550
Figure 8. Application of a mobile agent in an emergency.
Figure 8. Application of a mobile agent in an emergency.
Sensors 22 08620 g008
Sensors 22 08620 g009 550
Figure 9. Security parameter.
Figure 9. Security parameter.
Sensors 22 08620 g009
Sensors 22 08620 g010 550
Figure 10. Blowfish encryption.
Figure 10. Blowfish encryption.
Sensors 22 08620 g010
Sensors 22 08620 g011 550
Figure 11. Function description.
Figure 11. Function description.
Sensors 22 08620 g011
Sensors 22 08620 g012 550
Figure 12. Secure agent migration framework in the healthcare system.
Figure 12. Secure agent migration framework in the healthcare system.
Sensors 22 08620 g012
Sensors 22 08620 g013 550
Figure 13. Secret sharing scheme.
Figure 13. Secret sharing scheme.
Sensors 22 08620 g013
Sensors 22 08620 g014 550
Figure 14. Comparison of average key generation and regeneration times.
Figure 14. Comparison of average key generation and regeneration times.
Sensors 22 08620 g014
Sensors 22 08620 g015 550
Figure 15. Comparison of best-case key generation and regeneration times.
Figure 15. Comparison of best-case key generation and regeneration times.
Sensors 22 08620 g015
Sensors 22 08620 g016 550
Figure 16. Execution times for the AES, DES, and blowfish algorithms.
Figure 16. Execution times for the AES, DES, and blowfish algorithms.
Sensors 22 08620 g016
Table
Table 1. The differences between the conventional method RPC [6] and mobile agent technology [1].
Table 1. The differences between the conventional method RPC [6] and mobile agent technology [1].
Remote Procedure Call (RPC)Mobile Agent Technology
Data transmission consumes greater channel capacity.Rather than transmitting information, a process moves from one host to another, thus using less channel capacity.
The network load is high because many requests and replies are sent between the client and server.The network load decreases because the main customer collaborator is a mobile agent, which moves to the server and in order to make neighbourhood associations.
They are not autonomous and self-driven.They are autonomous and self-driven.
The user transmits the request to the computer as boundaries for a strategy. The strategy will be carried out over the server, with the results being returned to the user.Mobile agents move from one host to the next and they work naturally.
Table
Table 2. Requirements for computer configuration and software.
Table 2. Requirements for computer configuration and software.
NameDetail
ProcessorPentium IV
RAM256 MB and above
Hard Disk40 MB
NetworkWAN
SoftwarePython
Table
Table 3. Average case turnaround time for key generation and regeneration.
Table 3. Average case turnaround time for key generation and regeneration.
No. of Mobile Agent
51015202530
CRT0.004330.006050.006770.008820.009050.00964
EULER0.003620.005150.006480.008820.008980.00943
Polynomial0.004840.004970.004940.005770.005470.00597
Table
Table 4. Best case turnaround time for key generation and regeneration.
Table 4. Best case turnaround time for key generation and regeneration.
No. of Mobile Agent
51015202530
CRT0.00330.00420.00420.00680.00610.0074
EULER0.0030.00370.00350.00530.00530.0061
Polynomial0.00420.00440.00450.0050.00520.0052
Table
Table 5. Total time taken for encryption and decryption using the AES, DES, and blowfish algorithms.
Table 5. Total time taken for encryption and decryption using the AES, DES, and blowfish algorithms.
File Size100 MB200 MB300 MB400 MB500 MB600 MB700 MB800 MB900 MB1000 MB
AES191192.4198.4196.4198195.6202.6202.8201.6206.8
DES176.8177182184.2185.4186188.8189.2187.4189
Blowfish182.6183.6183.8183.8184.8184.6185.8185.2188.4189
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Kumar, P.; Banerjee, K.; Singhal, N.; Kumar, A.; Rani, S.; Kumar, R.; Lavinia, C.A. Verifiable, Secure Mobile Agent Migration in Healthcare Systems Using a Polynomial-Based Threshold Secret Sharing Scheme with a Blowfish Algorithm. Sensors 2022, 22, 8620. https://doi.org/10.3390/s22228620

AMA Style

Kumar P, Banerjee K, Singhal N, Kumar A, Rani S, Kumar R, Lavinia CA. Verifiable, Secure Mobile Agent Migration in Healthcare Systems Using a Polynomial-Based Threshold Secret Sharing Scheme with a Blowfish Algorithm. Sensors. 2022; 22(22):8620. https://doi.org/10.3390/s22228620

Chicago/Turabian Style

Kumar, Pradeep, Kakoli Banerjee, Niraj Singhal, Ajay Kumar, Sita Rani, Raman Kumar, and Cioca Adriana Lavinia. 2022. "Verifiable, Secure Mobile Agent Migration in Healthcare Systems Using a Polynomial-Based Threshold Secret Sharing Scheme with a Blowfish Algorithm" Sensors 22, no. 22: 8620. https://doi.org/10.3390/s22228620

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop