Federated Learning-Based Lightweight Two-Factor Authentication Framework with Privacy Preservation for Mobile Sink in the Social IoMT

Abstract

The social Internet of Medical Things (S-IoMT) highly demands dependable and non-invasive device identification and authentication and makes data services more prevalent in a reliable learning system. In real time, healthcare systems consistently acquire, analyze, and transform a few operational intelligence into actionable forms through digitization to capture the sensitive information of the patient. Since the S-IoMT tries to distribute health-related services using IoT devices and wireless technologies, protecting the privacy of data and security of the device is so crucial in any eHealth system. To fulfill the design objectives of eHealth, smart sensing technologies use built-in features of social networking services. Despite being more convenient in its potential use, a significant concern is a security preventing potential threats and infringement. Thus, this paper presents a lightweight two-factor authentication framework (L2FAK) with privacy-preserving functionality, which uses a mobile sink for smart eHealth. Formal and informal analyses prove that the proposed L2FAK can resist cyberattacks such as session stealing, message modification, and denial of service, guaranteeing device protection and data integrity. The learning analysis verifies the features of the physical layer using federated learning layered authentication (FLLA) to learn the data characteristics by exploring the learning framework of neural networks. In the evaluation, the core scenario is implemented on the TensorFlow Federated framework to examine FLLA and other relevant mechanisms on two correlated datasets, namely, MNIST and FashionMNIST. The analytical results show that the proposed FLLA can analyze the protection of privacy features effectively in order to guarantee an accuracy $\approx 89.83\%$ to $93.41\%$ better than other mechanisms. Lastly, a real-time testbed demonstrates the significance of the proposed L2FAK in achieving better quality metrics, such as transmission efficiency and overhead ratio than other state-of-the-art approaches.

1. Introduction

The recent advances in algorithms and hardware have led to massive computation and memory costs for the development of user authentication models using various multimodal AI. Commercial devices including infotainment systems adopt machine learning-based authentication features to unlatch the system process or to provide a few user-specific services, namely, recommendation, notification, and configuration adjustment. The features of the authentication protocol rely on a decision-making problem that uses a set of testing inputs to accept or reject based on its similarity measurement to train the user inputs [1]. The similarity measurement is often assessed using an embedded spacing to predict the testing input referring to learning models with the local computing data. The authentication models utilize a variety of computing data to learn the security characteristics of the physical layer [2]. The raw inputs and embedded spacing address the issues of privacy sensitivity to analyze the modeling characteristics of application systems and test the adversarial settings to protect data privacy over the inference-time attack [3].

Most distributed services use telecommunication technologies and IoT devices to store and analyze the physiological or behavioral characteristics of digital applications. The behavioral characteristics including irises, palm prints, and fingerprints extract the layered features of the computing devices using spatial correlation (i.e., channel impulse response and state information) to authenticate users and computing devices. The health insurance portability and accountability act (HIPAA) was developed by the United States to protect the sensitive information of the patient and provide the accessing rules to authorize system information [4]. The computing system demands service authentication and access control to authorize user credentials aligned with the records available on the server. The loss of data protection allows intruders to acquire sensitive information via unauthorized access to arise cybersecurity risks and gain access to confidential data via malicious IoT applications [5]. Moreover, inappropriate security practices cannot endorse a network policy without adequate controls to evaluate the shared security model across the physical and virtualized infrastructure.

As a result, security infrastructure integrates cloud computing, mobile communication, and artificial intelligence to create an innovative IoT application that successfully transfers different kinds of real-time data between the computing devices to operate the industrial process to a larger extent [6]. The massive amount of computing data generated by IoT devices necessitates more efficient data collection and processing to conduct proper development processes and adopt technological paradigms such as transfer learning and mobile computing to manage edge intelligence controlled by industrial applications. Industrial applications converge with edge networks to meet a basic constraint of strong computation in order to evaluate a large set of real-time data. In other words, the modeling process uses an edge cache to boost the performance of IoT-based networks which develop a trustworthy platform based on physical-layer data extracted from user behavior to design a secure authentication [7]. The context-aware authentication leverages biometric or physical-layer features to protect massive private data and leverage the use of machine learning to achieve reliable communication in a smart environment.

In the smart environment, a new computing paradigm, the so-called massive IoT, has evolved as a leveraging technology for the growth of digital transformation such as smart cities, automation, grids, and eHealth. The leveraging technologies revolutionize the significance of smart computing to offer a real-time awareness of the application systems. Connected edge devices can be tightly coupled with unconnected smart objects to offer data sharing, device coordination, and resource utilization [8]. An IoT environment consists of distributed sensors and actuators to gather environmental information via dedicated wireless channels. It may even route sensitive information via trusted gateways to improve the performance of computing resources. According to a report by International Data Corporation, the IoT is expected to connect 41 billion devices by 2025 [9]. It can generate massive amounts of sensitive data totaling approximately $79.4\mathrm{zettabytes}$ to utilize resources effectively. As a result, a two-fold development strategy is applied to achieve device integrity and security efficiency. Since each IoT device has limited computational capabilities, securing user credentials is still a challenging task in protecting transmitted data against threats such as unlawful eavesdropping, unauthorized access, and data tampering [10].

In real time, malicious attackers attempt to insert, delete, and modify the sensitive data of legitimate users. Therefore, a proper authentication technique is preferred to improve the security efficiency of IoT frameworks. Moon et al. [11] outlined the essential factors of an authentication mechanism to claim device integrity and application security. Saqib et al. [12] devised a secure mutual authentication framework to improve the security features of IoT environments. In addition, security features such as availability, integrity, and confidentiality are quietly surveilled to resist potential attacks with less computation and communication overhead. To improve system efficiencies, researchers apply artificial intelligence in developing various distributed IoT applications. Most distributed IoT applications use metaheuristic approaches to optimize resource utilization. Heuristic algorithms employ a proven genetic process to design an intelligent framework that applies cryptographic algorithms to improve searching efficiency. Most IoT devices apply cryptographic algorithms to offer seamless connectivity when accessing cloud-based computing resources and communication services [13].

The cloud-based computing services employ machine and deep learning algorithms to extract hidden patterns to maintain a large amount of IoT data in smart healthcare [14]. Healthcare can discover the hidden pattern using graph analytics to relate the connection between the data points and organize the associated rules to manage learning databases based on predictive modeling. The modeling applies the distributed learning algorithms via a centralized database to train the computing data using context-aware rules to improve the decision-making process [15]. However, the centralized database addresses various challenging issues such as increased latency, single point of failure, and security deficiencies leveraged by a dynamic environment. In this environment, the learning database is centrally located to generate the rules based on distributed learning to train the computing data stored in a diverse location. The machine and deep learning algorithms access the computing data across diverse locations to train the learning rules and increase the overall efficiency of the healthcare system using distributed ML [16]. Traditional machine and deep learning algorithms persist with the issue of device privacy. As a result, the algorithm cannot generalize the performance of modeling with a large amount of sensitive data to secure a deep-rooted infrastructure with advanced healthcare applications [17].

The performance modeling utilizes federated learning to train the sensing data located across diverse devices such as wearable health monitors, security systems, and logistic tracking [18]. The IoT device uses federated learning to compute or learn the generated source using scalable machine learning to improve prediction accuracy with guaranteed system latency. The personalized applications simplify the access control of the computing systems to protect user credentials using static authentication [19]. However, static authentication is susceptible to a key impersonation attack, which allows a computing device to impersonate as an illegal entity to authenticate the service access. Therefore, healthcare applications prefer distributed machine learning, so-called federated learning, to analyze the key features of the authentication protocol [20]. The application system is designed with the components of a digitized network such as control, communication, and sensing to manage the computing tasks with the social Internet of Medical Things (Social IoMT). The social IoMT distributes the application features of resource management to establish secure communication with medical devices.

1.1. Technological Advancements

Healthcare application uses a machine learning algorithm to offer a promising solution to relate the key features of the authentication protocol [21]. The features utilize a few significant tools of the learning algorithm to handle data extraction more reliably and train the extraction pattern to correlate the data points to perform cross-validation. The knowledge database constructs a protective mechanism to automate the pattern discovery to prepare a decision or prediction case that leverages the physical layer features to authenticate smart IoT devices. Moreover, smart IoT includes wireless channel characteristics such as channel state information and medical access control to analyze the physical layer features and adapt context-aware authentication within a network based on the dynamic features to improve system security [22]. The deployment of context-aware applications introduces the edge computing paradigm as a promising solution to meet the requirements of real-time services. The application service processes the raw data locally with data mining or aggregation to distribute the model gradients. The centralized server utilizes a gradient descent algorithm to preserve the privacy of localized data over different transmission stages to achieve the functionality of distributed encryption [23].

The utilization of distributed communication technologies offers seamless integration across 5G networks and IoT to discover business opportunities with edge computing [24]. Edge computing utilizes a core technology of IoT to manage the essential parts of interconnected networks. The integration of heterogeneous IoT inherits the properties of next-generation networks to meet the requirements of a communication environment such as low latency, massive connectivity, and high flow data rates [25]. However, the coexistence of multi-access techniques cannot protect network access as the time-based authentication increases its degree of network failures due to inadequate distributed machine learning models. Therefore, the emerging paradigms employ key technologies of current IoT systems to present an effective decentralized system using distributed machine learning. The learning system associates with an edge-enabled IoT network to optimize the training model and aggregate the unique identifier of the network using blockchain technology to ensure decentralization and immutability [26]. Moreover, the edge-based IoT converges with intelligence modeling to utilize three basic elements of blockchain technology including graph structure, tree, and chain.

Most application services such as healthcare, transportation, entertainment, etc., rely on a cloud-centric machine learning model to leverage the usage of smart sensing within the physical environment [27]. The application service initiates a few predefined actions to transform the physical properties into measurable signals through different sensing units. In particular, network intelligence and its advent technologies greatly expand a few machine perceptions such as image processing, pattern recognition, and computer vision to deal with detection, recognition, and navigation [9]. However, advanced networking and digital processing technologies demand an expansion of decentralization to support the growth of the modern Internet and to promote data localization and end-device portability. The key roles of the computing layers are as follows:

Cloud [Data] Center has a powerful solution to offer an intelligent infrastructure that handles huge amounts of computing services, namely, sharing, accessing, and processing the data via a well-protected data center.

Learning [Data] Center applies a decentralized machine model across edge computing systems or devices to formulate a suitable optimization problem that infers the shared knowledge of the computing devices.

Mobile [Data] Center has a technological infrastructure to provide comprehensive delivery of data packets with better visualization of information via a dedicated mobile application [28].

Communication modules such as network control and storage can interconnect with device paradigms to improve the quality of network performance. As a result, IoT devices can invoke a cloud computing model to handle a massive amount of data. A three-tier architecture, including mobile, learning, and cloud explores key features of decentralized ecosystems such as visualization, data analytics, and processing. Each ecosystem has its backbone network to access the core features of the end IoT device and to support the interconnection of baseband units using a cloud server. The IoT device integrates an edge computing paradigm to address key challenges, such as network latency, processing costs, and load balancing. Layered mechanisms, such as cloud-to-fog and fog-to-cloud processes, handle the requests of IoT devices to support mobility [29]. Parameters such as communication protocols, network types, and services offered are configured with a mobile sink to leverage the scope of network convergence. Devices such as wireless routers and machine-to-machine gateways can act as fog computing nodes to store and process data locally via dedicated cloudlets. The capabilities of cloud computing deploy intermediate nodes, which may allow end computing devices to offload network resources such as bandwidth usage and response time over the cloudlets.

A centralized cloud entity monitors the activities of geo-distributed fog servers, and a decentralized network platform between end computing devices and cloud data offers better content delivery and data analytics using a learning center [30], as shown in Figure 1. In addition, the learning center coexists with a suitable security framework to examine the core features of the computing systems which can be actively transmitted via a public network to achieve technical benefits such as privacy preservation and scalability [31].

1.2. Motivation

In real time, fog computing services evolve a scenario of IoT-Cloud architecture which decentralizes the significant features, such as data processing, access control, application security, and network analytics to guarantee data integrity and security [32]. The emerging computing service enables end-user authentication to secure communication over adversarial networking devices. The enabled network gains information access to train the user modeling to learn different characteristics of user-specific services. The IoT-Cloud application uses legacy infrastructures to analyze real-time data which operates intelligent gateways to handle privacy-sensitive information of sustainable architectures [33]. In practice, the users of sustainable architecture exploit direct network access to eliminate the constraint of identity management. As a result, the architecture uses fog and cloud computing as complementary approaches to operating the connected layer with edge networks to minimize the quality issues related to cyber security and transmission latency [34]. Depending on the availability of edge-IoT devices, the generated data are transmitted to the related edge server.

To expand the storage limit horizontally and satisfy the quality requirements including delay and mobility, the network infrastructure prefers fog computing. However, fog computing cannot test any input data based on its similarity to learn the characteristics of data. Moreover, the computing paradigm cannot locate the user data centrally to train any predictive modeling due to the privacy sensitivity of any statistical database [35]. The user applications demand privacy protection to test or train any adversarial model to determine the leakage of embedding space and examine the security vulnerabilities using an authentication model. Thus, distributed machine learning, known as federated learning, is chosen to train the predictive modeling with the sensitive data of IoT devices. This model repeatedly communicates its weights and gradients between the dedicated server and the IoT devices to maximize the predictive correlation. In federated learning, the training models enable data sharing without user preference to access the aggregated models using input–output pairs. In most cases, the input–output pairs can obtain a better user interaction to learn different data characteristics with mobile AI applications.

The application of next-generation networks interconnects with IoT devices to form intelligent networking and provide a seamless data connection to achieve better data transmission and storage [36]. Intelligent networking has the potential features such as identity, data privacy, security, and connectivity to solve the problem of data collection in a distributed machine learning technology. This technology has an extensive observation to provide technical support to secure data sharing in distributed healthcare systems. Most computing systems utilize distributed machine learning to reduce the computation complexity of a centralized database and preserve the privacy of the data owner evaluated by aggregation strategies [37]. To offer better reliability with data sharing, the modeling strategy correlates the random binary output with embedding vectors. The data protection with user privacy makes the computing device to train and upload the local model with its respective weights and gradients to the centralized server. In general, federated learning guarantees device privacy to the local data [38]. However, local training has a possibility of data leakage while the modeling parameters are uploaded into untrusted servers.

The untrusted servers utilize the modeling weights and gradients to recover the actual local data in order to observe its network structure. The initial parameter and its training labels may vary over time using adversarial techniques to disclose the private information of the social IoMT device [39]. Modern IoT demands a promising approach to examine the behavior of the computing devices based on the extraction of user profiling patterns to verify the modalities with smart medical devices. Advances in IoMT and social networks communicate with high-end computing devices to establish social links in order to process authentication requests [40]. The continuous interactions within an environment deal with supportive infrastructure to exploit the sensitive features of the information system such as identity and pattern. To overcome the security issues associated with authentication protocol, the execution trade-off considers a robust optimization approach. The optimization approach consumes less computation and communication cost to meet the desired constraints of real-time applications and expedites the process of authentication to detect malicious behavior with minimum power consumption [41].

This strategy motivates researchers to design a robust lightweight authentication with unpredictable pseudonym updates which rely on hashing and XOR operation to offer high anonymity in the social IoMT [42]. The development of computing paradigms interconnects with medical devices and healthcare providers to offer remote consultation and patient monitoring with minimum computation overload in healthcare systems. Of late, various authentication schemes have been designed using elliptic-curve cryptography (ECC) for cloud-centric eHealth systems. Jian et al. [43] designed a cloud-assisted authentication scheme using ECC to secure communication between the users and the cloud server. Yang et al. [44] utilized a secure hash function and elliptic-curve operator to design a robust authentication protocol between wearable devices and cloud servers to achieve proper mutual authentication with minimum computation cost. Izza et al. [45] devised a hybrid authentication protocol based on ECC and lightweight operations to encrypt the data features of wearable medical devices. This mechanism uses symmetric encryption to perform various computing tasks with minimum energy consumption in order to guarantee end-to-end delivery of packet transmission with reduced packet loss.

Most healthcare system applies lightweight cryptography including hash functions and XOR operation to guarantee better transmission efficiency. Alzahrani et al. [46] designed a lightweight authentication scheme for a wearable body area network that uses a hash function and XOR operation to update the device identities locally. Chunka et al. [47] constructed a hash-based authentication scheme to operate the system parameters at the end of session establishment. Wei et al. [48] devised a two-factor authentication protocol with device anonymity for a cloud computing environment. Regrettably, this scheme cannot resist a few security vulnerabilities such as user and gateway masquerading. To address security issues, this paper formulates a lightweight two-factor authentication framework (L2FAK) with the functionality of privacy preservation, which utilizes a mobile sink for smart eHealth.

1.3. Contribution

The associated technologies interconnect the computing devices with unique identities to transfer sensitive data without human intervention. The development of the S-IoMT applications handles the data traffic using the communication channel to prepare a comparative study of different network-based countermeasures including security requirements and authentication protocols. Healthcare systems operate wearable devices to collect and transmit sensitive data periodically. As a result, in healthcare, the remote monitoring system using the S-IoMT applies decentralized verification and authentication to achieve data security with secure transmission. To meet the essential requirements of the S-IoMT including session key agreement and credible mutual authentication, this paper designs a lightweight two-factor authentication framework (L2FAK). For practical uses of the S-IoMT, the proposed L2FAK includes secure data storage and transmission when facing a privileged-insider attack. The study analysis showed that the existing lightweight authentication frameworks using IoMT [49] do not have any specific strategy such as a machine learning algorithm to protect the system features; therefore, the public and private keys of the sensing units cannot be well preserved to ensure device security. The major contributions of the proposed L2FAK are as follows.

• Use a two-factor strategy with privacy-preserving and federated learning to block potential threats such as privileged-insider and denial-of-service attacks through an authentic-ware system [15] and to analyze the data features effectively without any centralized server access.
• Apply a secure averaging function and Boolean and Numerical (BN) responses according to source attributes of the data to update secret keys locally and to transfer the weighted parameters and their relevant gradients.
• Design federated learning layered authentication (FLLA) which proactively manages the shared data in any social network to analyze two different datasets using the poisoning attacks. The extensive analysis utilizes the privacy features of FLLA to resist malicious behavior and guarantee better robustness and credibility.
• Explore the layer attributes of a communication channel to extract the authentication features and enable the classification system to train the authentication process based on controlled parameters with a high-level physical layer [16].
• A practical testbed using Raspberry Pi 3 and Arduino examines quality metrics such as transmission efficiency and overhead ratio.

1.4. Paper Organization

The remaining sections of the paper are organized as follows. Section 2 briefly describes the security efficiencies of existing authentication frameworks against threats, such as forgery, password guessing, user tracking, and perfect secrecy, to highlight the challenges of a resource-constrained IoT. Section 3 presents a smart healthcare system model that addresses two key challenges: computation and communication. Section 4 presents the phases of the proposed L2FAK and FLLA, and Section 5 discusses informal and formal security using RoR and learning analysis, offering computational analysis and reliable authentication. Section 6 presents the performance analysis using a real-time testbed, and Section 7 concludes this research work.

2. Related Works

This section discusses the issues of security frameworks, artificial intelligence, and federated learning to analyze a few crucial factors such as access rights, security, privacy, heterogeneous network, etc. Of late, the security frameworks have utilized an edge-adaptive federated learning approach for various peer-to-peer computing services. In the past decade, various system functionalities such as resource efficiency, perfect secrecy, anonymity, mutual authentication, nontraceability, revocability, and resiliency have been considered for the improvement of healthcare sectors. In the design of any secure authentication scheme, key properties such as session key agreement and mutual authentication are chiefly concerned with strengthening network performance. In recent studies, various security and privacy issues have been addressed [11,12,13,14] for significant solutions in terms of security and performance. One study revealed that cloud-centric architectures in the literature have not had enough work highlighting security and privacy issues.

Adbussami et al. [50] developed a provable lightweight authentication framework to preserve the privacy of healthcare systems. This framework uses a dedicated network architecture to explore the functional requirements of the edge computing paradigm in order to protect the privacy of the medical service provider. Kim et al. [51] constructed a lightweight authentication with anonymity preservation to protect the healthcare system against replay attacks. The anonymity preservation uses biometric-based authentication to ensure the key freshness of the message requests while integrating the gateway with medical sensors for any clinical decision. Praveen et al. [52] utilized a bioacoustics signal to design a robust secure lightweight authentication to meet the security requirements of IoMT applications including integrity, authenticity, security, and privacy. This strategy applies the Chinese Remainder Technique (CRT) to generate a group key via a protective network to validate the performance of application systems in terms of computation and communication overhead.

Chen et al. [53] intended to improve the lightweight authentication framework which uses low-power wearable sensors to analyze the key requirements of medical systems. Moreover, the lightweight framework applies biometric authentication to verify the key freshness of the message requests via a dedicated gateway. Nair et al. [54] applied a federated learning framework to construct a lightweight authentication with privacy preservation. This model adopts a strategy of big-data analytics to analyze the functionalities of multi-tier system architecture with load reduction. Gupta et al. [55] designed context-aware data authentication and access control to resist quantum attacks. The comprehensive analysis proved that context-aware authentication meets the network requirements of the IoMT networks such as anonymity, mutual authentication, and quantum security. Chatterjee et al. [56] employed a ring signature-based authentication to validate the collaborative environment of the medical system. This scheme exploits quality assessment criteria to resist the network attacks such as man-in-the-middle, denial-of-service, and privileged insider to maintain data confidentiality and integrity.

Deebak and Al-Turjman [57] formulated a single sign-on mechanism using Chebyshev chaotic map to analyze the computing services of the distributed network. This model uses a strategy of unary access control to meet the service level agreements of medical IoT systems. Dharminder et al. [58] developed an efficient authentication framework based on a Chebyshev chaotic map to protect the management systems against security vulnerabilities such as key impersonation and the privileged-insider attack. This modeling framework uses key verifiers to examine the requirements of digital systems. Dsouza et al. [59] proposed a policy-based security framework to control the flow of data transmission with multiple application domains to provide a high level of security. This framework initialized attribute-based authentication to acquire the essential criteria such as computing resources and services. The main objective is to execute computing services involving storing and processing sensitive information [60]. Shivraj et al. [61] designed a two-factor authentication using elliptic-curve cryptography (ECC) which utilizes fewer key sizes, a reliable infrastructure, and a robust testbed to analyze the core features of smart cities. However, this authentication scheme cannot be more genuine to examine the key elements of the three-tier architecture of fog computing architectures, namely, pre-processing, storage, and security.

Lu et al. [62] intended to develop a lightweight, privacy-preserving scheme to perform data aggregation in a fog computing environment. In this scheme, three basic techniques (the Chinese remainder problem, one-way hashing, and the Paillier cryptosystem) were applied to prevent data injection attacks at the edge of the network. Examination results demonstrated that this scheme can mitigate computation and communication costs to meet the standard constraints of a fog computing environment. Kumar and Gandhi [63] utilized data transport layer security to address vulnerability to denial-of-service (DoS) attacks. Their method uses a constrained application protocol to optimize deployment with a high number of computing devices. Ibrahim [64] designed a proper mutual authentication framework to explore the key functionalities of a master secret key. This scheme uses smart cards and intelligent devices to verify the identities of users who transmit sensitive data over public channels. Unfortunately, this scheme cannot achieve better device compatibility and user anonymity or lessen signal interference, to block unauthorized entities.

Amor et al. [65] designed a reliable authentication framework using a public-key cryptosystem. It uses pseudonym-based cryptography to maintain user anonymity between computing nodes and fog servers. However, this scheme cannot offer a secret session key agreement to meet the general requirements of a fog computing system. Xu et al. [66], Lee et al. [67], and Yu et al. [68] analyzed two-factor and three-factor authentication for a multi-server architecture. Watters et al. [69] implemented short messaging services to analyze key features of two-factor authentication. Test results revealed that the authentication scheme can only achieve about $76.5\%$ accuracy in analyzing key features such as authentication and anonymity [70]. Amin et al. [71] proved that the security mechanisms of He et al. [72] and Wu et al. [73] directly contact sensors to collect or read medical data. Therefore, their schemes could not restrict offline guessing, intractability, and a privileged-insider attack. Amin et al. presented two-factor authentication specifically designed for wireless medical sensor networks (WMSN) to address those security weaknesses. However, their scheme is still susceptible to offline password guessing. Kumari et al. [74] presented a novel lightweight authentication scheme that constructs a secure session key between real-time entities. Unfortunately, their scheme could not restrict offline password guessing and user traceability.

Farash et al. [75] designed a secure authentication protocol to prevent forgery and password guessing. Cryptanalysis proved that their scheme is still susceptible to user traceability. Wu et al. [76] presented a lightweight, two-factor authentication scheme that blocks threats such as privileged-insider attacks, user nontraceability, session key disclosure, and offline password guessing. Inopportunely, their scheme could not rely on perfect secrecy. Wazid et al. [77] designed a robust authentication scheme that applies a fuzzy extractor to manage biometric mechanisms. However, their scheme fails to prevent attacks such as password guessing, user traceability, breach of anonymity, etc. Above all, most of the existing authentication schemes still find it challenging to offer better security and privacy protection [78]. Gope et al. [79] developed an authentication framework using a one-time physical unclonable function to update the challenge–response pair dynamically to prevent a machine learning attack. Jegadeesan et al. [80] devised a lightweight privacy preservation framework with anonymous authentication to resolve the issue related to response errors. Jiang et al. [81] utilized a one-way hash function and an ideal physical unclonable function to minimize the operational cost between the medical devices and the server.

Table 1. Security and privacy challenges in existing authentication schemes.

Existing Schemes	Systematic Approach	Pros and Cons	Vulnerable To
			Forgery	Password Guessing	User Tracking	Perfect Secrecy
He et al. [72], 2015	Cryptography Hash Function	The lightweight functions are applied to minimize the computation cost. However, this scheme cannot have any specific platform to validate the energy consumption of medical sensors.	Yes	Yes	No	No
Kumari and Om [74], 2016	Cryptography Hash Function	Two-factor authentication is utilized to reduce cost efficiencies including computation and communication. However, this protocol cannot resist forgery and password guessing to meet the requirements of wireless medical sensor networks.	Yes	No	Yes	No
Wu et al. [73], 2017	Symmetric Encryption	This scheme uses lightweight two-factor authentication to achieve the property of mutual authentication and key agreement. Despite that, this scheme cannot achieve a property of perfect secrecy to resist a forgery attack.	No	Yes	No	No
Farash et al. [75], 2017	Symmetric Encryption	This scheme uses lightweight authentication with user anonymity to achieve better computation efficiency. In spite of its conditional provable security, this scheme cannot satisfy the design goals such as forgery, password guessing, and perfect secrecy.	No	No	Yes	No
Amin et al. [71], 2018	Cryptography Hash Function	An effective architecture is designed with anonymity-preservation to claim the key features of the mutual authentication framework. Contrarily, this framework cannot resist forgery and password-guessing attacks to achieve a property of perfect secrecy.	No	No	Yes	No
Wu et al. [76], 2018	Cryptography Hash Function	This scheme utilizes lightweight authentication to guarantee the security of data transmission between the communication entities. Conversely, this authentication scheme cannot prevent the forgery attack unconditionally to meet the requirement of wireless medical sensor networks.	Partially	Yes	Partially	No
Wazid et al. [77], 2019	Cryptography Hash Function	Device authentication and key management are employed to secure the communication of an edge-based IoT environment. Despite that, this key management scheme cannot withstand forgery and password-guessing attacks to authenticate the cloud server mutually.	No	No	Yes	No
Deebak [78], 2020	Cryptography Hash Function	The key management scheme is designed to offer secure data transmission between computing devices. Unfortunately, this management scheme cannot achieve the property of traceability to preserve the privacy of IoT-based technologies.	Yes	Yes	No	Yes
Kalaria et al. [70], 2021	Identity-based elliptic curve cryptography	A fog-based mutual authentication framework is constructed to protect the end device against cyberattacks. However, this framework cannot resist the security vulnerabilities such as forgery and password-guessing to function the fog computing appropriately.	No	No	No	No
Deebak and Al-Turjman [57], 2021	Chebyshev Chaotic-Map-Based Single-User Sign-in	In this scheme, sensor/sensor tag-based authentication is introduced to offer security and privacy. On the contrary, this scheme cannot resist forgery and password-guessing attacks to make it more suitable for telecare medical information systems.	No	No	No	No
Dharminder et al. [58], 2021	Chebyshev Chaotic-Map	In this framework, an efficient chaotic-map based authentication is designed to ensure anonymous communication with telemedicine services. In contrast, this authentication scheme cannot fulfill the design goals of healthcare systems such as user tracking and perfect secrecy.	Yes	No	No	No
Proposed L2FAK and FLLA	Elliptic-curve and learning framework of neural networks	This model applies a secure averaging function and Boolean and Numerical (BN) responses according to source attributes of the data to update secret keys locally. Moreover, the model can proactively manage the shared data in any social network to protect their system parameters	Yes	Yes	Yes	Yes

summarizes the challenging issues of existing authentication schemes.

3. System Model

This section provides a real-time scenario for an eHealth monitoring system offering a better quality of service and context awareness. It has a core deployment of fog and cloud network paradigms to address the challenging features of a large-scale system, such as security, scalability, heterogeneity, and programmability. The network paradigms use a distributed cloud computing model to handle data processing and to offload computing tasks to the cloud. The computing model builds an intelligent platform between the end devices and cloud data centers via authentic gateway access to examine quality metrics such as transmission efficiency and overhead ratio. The key components are as follows.

Sensing Units (IoT Devices)—Wearable sensing units collect the source medical data, such as blood pressure, heart rate, and glucose monitoring, to infer the conditional status of the patient. The application allows a medical expert to process the healthcare information of a patient via a dedicated gateway to offer better decision making.

Sink Node (Mobile Device)—A sink node can be any one of various computing nodes, such as a smart device, a microcontroller, and a sensing component to acquire and collect medical data. Most of the on-demand requests issued by end users share the healthcare information of the patient to improve the lifetime of the sensing units.

Authentic Gateway Access—The gateway acts as a reversible proxy to restrict unauthorized access and prevent suspicious activities. Moreover, it can handle authentication requests to protect the critical and sensitive information of the patient.

Cloud Server—In this framework, the cloud server acts as a semi-trusted entity to characterize the malicious behavior of the mobile device and exhibit curiosity-but-honest to deliver sufficient computing resources and data sharing between $M_E$/$P_A$ and $M_S$. In other words, $M_S$ cannot delete or modify the transferred data of $M_E$/$P_A$; however, $M_S$ makes an effort to correlate the relationship between the gathered data and $M_E$/$P_A$ to infer the actual data content.

Smart medical sensors are commonly implanted in or around the patient’s body to read physiological data that support healthcare monitoring in real time [44]. They are more portable and smaller to provide device intercommunication. They are designed to be implanted in, or worn on, a patient’s body to record vital signs such as breathing rate, heart rate, blood pressure, etc. Data communication is essential to elderly people or in an emergency situation, processing sensitive data wirelessly. It may be necessary to monitor or assess the medical situation or take immediate action to obtain proper treatment from doctors or medical experts. Figure 2 shows a model smart healthcare system with authentic gateway access. It has three real-time entities ($M_E$, $M_D$, and $A{G}_{Access}$) to handle sensitive information of patients via dedicated fog computing. Owing to limited computation resources to gather medical data, it is preferable to use lightweight cryptographic operations, including the bitwise exclusive operator and collision-resistant functions [45].

On the other hand, $A{G}_{Access}$ has sufficient resources to provide a secure interface between $M_D$ and $M_E$. These entities demand protected transmissions to achieve mutual authentication, data privacy, and anonymity. In addition, $A{G}_{Access}$ must provide session unlinkability and nontraceability to strengthen security efficiency. Because of public network access, data transmissions are easily susceptible to severe security risks, such as replay attacks, eavesdropping, data modification, data interception, etc. Moreover, intruders or adversaries may try to launch malicious techniques such as forgery, a session key disclosure, key impersonation, privileged-insider attacks, etc. It is worth noting that the overhead constraints on medical sensors can substantially weaken system efficiency.

In the system model, the patient’s condition is monitored periodically using smart sensors to assess status, including blood pressure, pulse rate, pedometer readings, etc. Smart sensors infer the medical condition of the patient through an access point. Subsequently, the inferred information is sent to the cloud via a system gateway to verify the system attributes using federated learning. The system acts as a smart entity to register the legal $M_E$ that collects sensitive patient data to observe their physical condition. As referred to in [23], overall system costs may vary depending upon the usage of transmission bits, $b_l$. Moreover, communication costs may directly influence the transmission distance between sensors and the target entity.

Table 2. Notations Used for the L2FAK.

Parameter	Description
$M_E/P_A$	Medical Expert/Patient
$M_D$	Medical/Mobile Device
$M_S$	Cloud Server
$D_{ID}$	Identity of Medical Device
$M_{id}$	Identity of Medical Expert
$TI{D}_i$	Temporary Pseudo-identity
$A{G}_{Access}$	Authentic Gateway Access
$I{D}_{gw}$	Gateway Identity
$M_{Key}$	Single Sign-on Authentication Key
$S_{Key}$	Secret Key
$I{D}_{gw}$	Identity of Gateway
$CH$	Challenge
$PI{D}_i$	Pseudo-identity of $M_E/P_A$
$SK$	Session Key
$E_K(.)/D_K(.)$	Symmetric Encryption/Decryption
$H\left(.\right)$	One-Way Cryptographic Function
$D_B$	Database
$A_{dv}$	Adversary
$F_{ID}$	Fake Identities
$K_P$	Fake Identities of Key Pairs
$S_L$	Softmax Loss Function
$K$	Legitimate Computing Devices
$Y_k$	Class Label
$a_k$	Predicted Values of $k^{th}$ Computing Device
$b{i}_{d^{″}}$	Model Bias
$\left(S_V,S_W\right)$	Sampling Vectors of the Matrix
$q_l$	Level of Quantization
$\widehat{W_{ij}}$	Quantized Matrix
$D_P$	Device Prediction

shows the notations used under the L2FAK protocol.

Threat Model

In accordance with the system model, a formal adversarial attack is considered to assess four different types of threats which may intimidate the security efficiency of the proposed L2FAK.

Formal Security Definition: A formal security assumption is introduced with probabilistic polynomial time (PPT) to represent the behavior of malicious or revoked users. This malignant act may forge or deceive the cloud server to generate a privacy leakage [82]. Moreover, the assumption defines the security against the malicious user where an adversary with PPT $A{D}_{PPT}$ is supposed to play the successive game with a competitor $C$.

Setup: $C$ initiates non-identities of $M_E$/$P_A$ using the proposed L2FAK. It is assumed that $A{D}_{PPT}$ represents $\beta$ as a non-identity of L2FAK to assess its behavior over $C$. As a result, $C$ instructs $\beta$ to attack the non-identity of L2FAK and utilizes the subprogram of $A{D}_{PPT}$ to work over L2FAK. In addition, $\beta$ as the competitor of L2FAK trains $A{D}_{PPT}$ and make an effort to obtain the results of $A{D}_{PPT}$ to drive an attack against the non-identity of L2FAK. Obtaining the inputs of non-identity L2FAK, $C$ generates the parameters $SK=\left\{M_{S_i},p{s}_2,p{s}_3,p{s}_4,S_{key},H\left(.\right)\right\}$ and $\beta$ produces the parameters $S{K}^{\text{'}}=\left\{M_{S_i},p{s}_2,p{s}_3,p{s}_4,S_{key},x_1,p{k}_{gw},H\left(.\right)\right\}$ to obtain the data content. In addition, the system parameters are processed to the adversaries $\beta$ and $A{D}_{PPT}$.

Queries: The adversaries can strategically issue the data queries to $C$, which maintains the query lists to explore the relationship between the data or address sequences, which is initially recorded as empty, however.

$\left(1\right)$ Hash Function $H\left(.\right)$: The adversary uses hash value to obtain any identity ${\Im }_i$. $C$ finds ${𝓌}_i$ and returns the value to the adversary. Using this query, the adversary can obtain the parameter of any secret key $S_{key}$.

$\left(2\right)$ Key: In query execution, the adversary processes the function lists $H{\left(.\right)}^{List}$ to the adversary. It is worth noting that $H{\left(.\right)}^{List}$ utilizes the hash value of $H\left(.\right)$ to obtain the user identities $M_{i{d}_j}$. If $S_{key}$ has not been suspected before, then $C$ will generate a legal message request $M_i$. Using this query, the adversary can obtain the parameter of any $S_{key}$ to acquire the encrypted messages.

End-Game: Lastly, the entities including adversary and competitor obtain the encrypted messages $C_{\eta }^{*}$ and $C_{\eta }^{{*}^{\prime }}$ respectively. If $C_{\eta }^{*}=C_{\eta }^{{*}^{\prime }}$ holds, then the adversary succeeds in its computation process to derive the encrypted messages.

Definition 1. 

The L2FAK protocol can be secure over forging the encrypted messages to ensure privacy preservation, even if any adversary$A{D}_{PPT}$plays the game with the competitor to obtain a negligible probability:$\left|2P_r\right|C_{\eta }^{*}+\left|C_{\eta }^{{*}^{\prime }}-1\right|\le ℇ\left(\mathcal{K}\right)$.

Four Types of Adversary Acts: To analyze the security efficiencies of the proposed L2FAK, the capabilities of an adversary $A{D}_{PPT}$ are as follows.

• $A{D}_{PPT}$ may collude with multiple user entities to infer the secret key of $M_E$/$P_A$ without any proper permission of $M_S$ to gain server access.
• $M_S$ may be a semi-trusted cloud server to collude with revoked user entities to maintain the encrypted data without the consent of $A{G}_{Access}$. Even if the outsourced data is known to the revoked users, the semi-trusted cloud still holds the key derivatives of $M_E$/$P_A$ to secure the data transmission.
• When any user of a group tries to access the shared data, it may operate its access types in a different form to protect the content of data. Moreover, the revoked user cannot collude with the semi-trusted cloud to guess the interested information.
• The cloud server cannot determine the significance of encrypted data content to explore its relationship with data and address sequences. In addition, the curious server can attempt to track the content of data based on the access time to determine its priority.

4. The Proposed L2FAK

This section systematically constructs the architectural processes of eHealth applications to fulfill design criteria such as confidentiality and integrity. To structure the protocol, the design is composed of four basic entities, namely, sensors, medical experts, a mobile sink, and an authentic gateway. The execution phases of the L2FAK protocol consider the following assumptions for significant roles of the real-time entities:

• $A{G}_{Access}$ assumes the role of a trusted node to establish and manage the point of service via proper authorization requests.
• $M_{key}$ utilizes a hardware device to generate unique passcodes among real-time entities for single sign-on authentication.
• $S_{key}$ uses secret key distributions to verify device identities and ensure mutual authenticity via $S_{key}=H\left(M_{key}⨁I{D}_{gw}\right)$.

The L2FAK scheme is composed of four execution phases (pre-deployment, initialization, and registration, plus login and authentication) for medical-expert registration, login, authentication, and session key updates.

Phase 1—Pre-deployment: In this phase, $M_E$/$P_A$ negotiates with $A{G}_{Access}$ to obtain $S_{key}$. To be associated with a legal system, each $M_D$ utilizes $S_{key}$ along with information about $M_E$/$P_A$. Furthermore, it is assumed that $S_{key}$ cannot be accessed or obtained by $A_{dv}$.

Phase 2—Initialization: This phase carries out systematic operations over a secure channel, sending the registration request for medical device $M_D$ (along with its identity, $D_{ID}$) to server $S$. After receiving the request, $S$ generates a challenge, $CH$, to verify the next interaction with $D_{ID}$. As a result, $S$ has a series of new challenges, $C{H}_{SYN}=\left\{c{h}_1,c{h}_2,\dots \dots ,c{h}_n\right\}$, which requires proper re-synchronization with $D_{ID}$ to send a functional argument $\left\{CH,C{H}_{SYN}\right\}$ to $M_D$. Accordingly, $M_D$ extracts functional outputs $R_{CH}=PU{F}_{ID}\left(CH\right)$ and $R_{CH-SYN}=PU{F}_{ID}\left(C{H}_{SYN}\right)$ using $\left\{CH,C{H}_{SYN}\right\}$ to process functional parameters $\left\{R_{CH},R_{CH-SYN}\right\}$ with $S$.

To prove the legitimacy of computing device $M_D$, $S$ generates first-factor authentication, including short-term identity $S{T}_{ID}=H\left(R_{CH}\parallel M_{key}\right)$ and a secret key, $S_{key}$. In addition, $S$ finds a set of fake identities along with key pairs, $\left(F_{ID},K_P\right)=\left\{\left(F_{ID1},K_{P1}\right),\left(F_{ID2},K_{P2}\right),\dots \dots ,\left(F_{IDn},K_{Pn}\right)\right\}$, to prepare a valid argument, $\left\{\left(S{T}_{ID},S_{key}\right),\left(F_{ID},K_P\right)\right\}$, which sets up secure channel access with $D_{ID}$. Lastly, $S$ stores the essential parameters, $\left\{\left(S{T}_{ID},S_{key}\right),\left(CH,R_{CH}\right),\left(C{H}_{SYN},R_{CH-SYN}\right),\left(F_{ID},K_P\right)\right\}$, in its database, $D_B$, to verify the parameters of $M_D$, i.e., $\left\{\left(S{T}_{ID},S_{key}\right),\left(F_{ID},K_P\right)\right\}$.

Phase 3—Registration (${\mathrm{M}}_{\mathrm{E}}$/${\mathrm{P}}_{\mathrm{A}}$): $M_E$/$P_A$ deal with $A{G}_{Access}$ to register credentials safely before message requests are transmitted via secure channels. The execution steps are as follows.

Step 1: $M_E$/$P_A$ select their own identities, $M_{id}$/$P{A}_{id}$, generate a pseudo-random number, $p{s}_1$, to compute a pseudo-identity, $PI{D}_i=H\left(M_{id}/P{A}_{id}\parallel H\left(p{s}_1\right)\right)$, and then transmit $PI{D}_i$ to $A{G}_{Access}$.

Step 2: After receiving the parameter $PI{D}_i$, $A{G}_{Access}$ determines whether $PI{D}_i$ is already registered in $D_B$. $A{G}_{Access}$ generates a temporary pseudo-identity, $TI{D}_i$, to compute $T{P}_1=H\left(TI{D}_i\parallel x_1\parallel I{D}_{gw}\parallel S_{key}\right)$ and assigns $T{P}_1$ to $M_E$/$P_A$. Subsequently, $A{G}_{Access}$ stores values $\left\{TI{D}_i,T{P}_1\right\}$ for $M_D$ and allows $M_E$/$P_A$ to access $PI{D}_i$ via $D_B$. Finally, $A{G}_{Access}$ transmits data from medical device $M_D$ to $M_E$/$P_A$.

Step 3: $M_E$/$P_A$ set a strong password, $p_{wd}$, in order to compute $T{P}_2=H\left(PI{D}_i\parallel TI{D}_i\parallel p_{wd}\right)$ to protect the device credentials of $M_E$/$P_A$ from $A_{dv}$. Later, $M_E$/$P_A$ compute $T{P}_3=H\left(H\left(p_{w{d}_i}\right)\parallel M_{id}/P{A}_{id}\right)\oplus H\left(p{s}_1\right)$, $T{P}_4=H\left(p_{w{d}_i}\parallel p{s}_1\right)$, and $T{P}_5=H\left(T{P}_1\parallel S_{key}\parallel PI{D}_i\right)$ to store system parameters $\left\{T{P}_2,T{P}_3,T{P}_4,TI{D}_i,S_{key}\right\}$ in $M_D$.

Phase 3—Registration (Sensor): Assume that a medical sensor, $M_S$, wishes to register with $A{G}_{Access}$ via dedicated device $M_D$ to transmit messages via secure channels.

Step 1: $A{G}_{Access}$ chooses an identity, $M_{S_i}$, for medical sensor $M_S$ and applies private key $p{k}_{gw}$ of $A{G}_{Access}$ to protect the $M_S$ identity.

Step 2: Additionally, $A{G}_{Access}$ utilizes the values of $M_{S_i}$ and $p{k}_{gw}$ to compute a pseudo-identity for $M_S$, i.e., $P_{M_{S_i}}=H\left(M_{S_i}\parallel p{k}_{gw}\right)$.

Step 3: After obtaining $P_{M_{S_i}}$, $A{G}_{Access}$ sends parameters $\left\{P_{M_{S_i}},M_{S_i},PI{D}_i\right\}$ to $M_S$ and subsequently stores them in $M_D$ via $M_S$ to limit data access based on the characteristics and to establish secure communications with uncompromised $M_S$.

Phase 4—Login and Authentication: In this phase, the system can legally process message requests when $M_E$/$P_A$ reviews and verifies the credibility of patient information. To gain system access, $M_E$/$P_A$ enter a legible $S_{key}$ into $M_D$, which authenticates the communication with $M_S$ via $A{G}_{Access}$, as shown in Figure 3. This phase shall operate the execution steps of different communication entities $M_E$/$P_A$ and $M_S$ via $A{G}_{Access}$ to exhibit the significance of secure registration and validation among the legitimate mobile/medical device $M_D$. Initially, $S$ handles the registration process with $M_E$/$P_A$ to verify the message requests and manage the medical devices $M_D$ with $A{G}_{Access}$ to control the system parameters. To begin with the registration process, $M_D$ safely registers the secret key $S_{key}$ with its trusted $A{G}_{Access}$ to validate the legitimacy of the patient $A{G}_{Access}$ and also generates a pseudo-random number, $p{s}_3$ to compute a legal message request $M$. Following this process, $A{G}_{Access}$ supplies the computation parameters $\left\{E_1,E_2\right\}$ not only to enroll the medical device $M_D$ but also to compute their signatures to advertise a secure session key $SK$ within the medical center. The center considers a learning network to generate a local chain whereby the entities such as $M_S$ and $A{G}_{Access}$ can handle a local batch signature to create private and public slabs in order to validate the service management controlled by the inter-hospital networks. The learning network forms predictive information to validate legitimate device $M_D$ via $A{G}_{Access}$ to determine the appropriate security features including the decryption key which manages the network verification with $M_S$ to extract the important parameter of $M_D$ and to establish secure communication between $M_E$/$P_A$ and $M_S$.

Step 1: $M_E{}_i$/$P_A{}_i$ enter login credentials $M_{id}{}_i$/$P{A}_{id}{}_i$ along with $p_{wd}{}_i$ via the preferred $M_D$ to compute $H\left(p{s}_1\right)=H\left(H\left(p_{wd}{}_i\right)\parallel M_{id}{}_i/P{A}_{id}{}_i\right)\oplus T{P}_3$. Subsequently, $M_E{}_i$/$P_A{}_i$ find $PI{D}_i=H\left(M_{id}{}_i/P{A}_{id}{}_i\parallel H\left(p{s}_1\right)\right)$ from $H\left(p{s}_1\right)$ to verify whether $\left(H\left(p_{wd}{}_i\right)\parallel M_{id}{}_i/P{A}_{id}{}_i\right)\stackrel{?}{\iff }T{P}_4$ is stored in $M_D$. After successful verification, $M_E$/$P_A$ is determined to be legitimate and can successfully log in.

Then, $M_E{}_i$/$P_A{}_i$ generate another pseudo-random number, $p{s}_2$, to compute $E_1=E{C}_{T{P}_5}\left(p{s}_2\parallel M_{S_i}\parallel PI{D}_i\parallel S_{key}\right)$ and $E_2=H\left(p{s}_2\parallel M_{S_i}\parallel PI{D}_i\parallel T{P}_1\right)$. Lastly, computation parameters, such as $\left\{E_1,E_2,TI{D}_i\right\}$, are transmitted via $M_D$ to $A{G}_{Access}$.

Step 2: $A{G}_{Access}$ initially uses $T{P}_1=H\left(TI{D}_i\parallel x_1\parallel p{k}_{gw}\right)$ to obtain $\left(p{s}_2\parallel M_{S_i}\parallel PI{D}_i\parallel S_{key}\right)=D_{T{P}_5}\left(E_1\right)$ via functional decryption. Additionally, $A{G}_{Access}$ utilizes $D_B$ to obtain the pseudo-random identities $M_{id}{}_i/P{A}_{id}{}_i$ using $\left(p{s}_2\parallel M_{S_i}\parallel PI{D}_i\parallel S_{key}\right)$ to verify source values with $E_2$.

Additionally, $A{G}_{Access}$ generates another pseudo-random number, $p{s}_3$, to compute $M=H\left(p{s}_2\parallel M_{S_i}\right)$, $E_3=H\left(M\parallel M_{S_i}\right)\oplus \left(p{s}_2\parallel p{s}_3\parallel PI{D}_i\parallel S_{key}\right)$, and $E_4=H\left(M\parallel M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel PI{D}_i\right)$. Finally, $A{G}_{Access}$ transmits parameters $\left\{E_3,E_4\right\}$ to $M_S$.

Step 3: To check the legitimacy of $A{G}_{Access}$ and to obtain the $p{s}_2,p{s}_3,$ and $PI{D}_i$ values, $M_S$ computes $\left(p{s}_2\parallel p{s}_3\parallel PI{D}_i\right)=H\left(M\parallel M_{S_i}\right)\oplus E_3$. Furthermore, $M_S$ determines $\left(M\parallel M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel PI{D}_i\right)$ to verify values with $E_4$.

After successful verification, $M_S$ generates pseudo-random number $p{s}_4$ to find $SK=H\left(M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel p{s}_4\parallel S_{key}\right)$, which creates a random number $r_l$ to compute $WL=E{C}_{GW}\left(r_l\right)$, $E_5=H\left(M\parallel p{s}_3\parallel M_{S_i}\parallel r_l\right)\oplus p{s}_4$, and $E_6=H\left(M\parallel p{s}_3\parallel p{s}_4\parallel SK\right)$. In the end, $M_S$ sends system parameters $\left\{E_5,E_6,WL\right\}$ to $A{G}_{Access}$.

Step 4: $A{G}_{Access}$ finds $r_l=D{C}_{AG}\left(WL\right)$ to compute a pseudo-random number, $p{s}_4=E_5\oplus H\left(M\parallel p{s}_3\parallel M_{S_i}\parallel r_l\right)$. Accordingly, $A{G}_{Access}$ evaluates $SK=H\left(M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel p{s}_4\parallel S_{key}\right)$ to verify values with $E_6$.

Successful verification prompts $A{G}_{Access}$ to generate a temporary identity, $T_{ID}^{New}$, and to compute $T{P}_1^{New}=H\left(T_{ID}^{New}\parallel x_1\parallel p{k}_{gw}\right)$, $E_7=E{C}_{T{P}_5}\left(p{s}_4\parallel p{s}_3\parallel T{P}_1^{New}\parallel T_{ID}^{New}\parallel S_{key}\right)$, and $E_8=H\left(T{P}_1^{New}\parallel T_{ID}^{New}\parallel SK\parallel p{s}_3\parallel p{s}_4\parallel T{P}_1\right)$. Finally, $A{G}_{Access}$ transmits source parameters $\left\{E_7,E_8\right\}$ to $M_E{}_i$/$P_A{}_i$ via $M_D$.

Step 5: $M_E{}_i$/$P_A{}_i$ initially decrypts $E_7$ using $T{P}_5$ to find the target value $\left(p{s}_4\parallel p{s}_3\parallel T{P}_1^{New}\parallel T_{ID}^{New}\parallel S_{key}\right)$. By then, $M_E{}_i$/$P_A{}_i$ find $SK=H\left(M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel p{s}_4\parallel S_{key}\right)$ to verify whether the source value is similar to $H\left(T{P}_1^{New}\parallel T_{ID}^{New}\parallel SK\parallel p{s}_3\parallel p{s}_4\parallel T{P}_1\right)$. Eventually, $M_E{}_i$/$P_A{}_i$ change $T{P}_2$ to find a new source, $T{P}_2^{New}=H\left(p_{wd}{}_i\parallel PI{D}_i\right)\oplus T{P}_1^{New}$, and accordingly, update source parameters $\left\{T{P}_2,TI{D}_i\right\}$ with $\left\{T{P}_2^{New},TI{D}_i^{New}\right\}$.

Phase 5—Learning Framework: In this phase, the application service uses the statistical features of the patients to discover a user behavior model. The designed model uses a connection module to extract the statistical vectors including a timestamp that computes the authentication levels of the interactive devices in real time. To meet the desired goals, the proposed framework uses four basic components:

Device Communication monitors the computing data via a dedicated application to manage complex issues in heterogeneous environments. Moreover, dynamic systems learn machine intelligence to discover a data-driven decision to optimize the network functionalities.

Data Preparation transforms the storage data to make an accurate prediction model which can explore a few essential tasks to uncover the relevant attributes of the application services, i.e., $\left\{\left({\mathrm{ST}}_{\mathrm{ID}},{\mathrm{S}}_{\mathrm{key}}\right),\left({\mathrm{F}}_{\mathrm{ID}},{\mathrm{K}}_{\mathrm{P}}\right)\right\}.$ Data Storage creates and maintains the application database ${\mathrm{D}}_{\mathrm{B}}$ to verify the parameters $\left\{\left({\mathrm{ST}}_{\mathrm{ID}},{\mathrm{S}}_{\mathrm{key}}\right),\left({\mathrm{F}}_{\mathrm{ID}},{\mathrm{K}}_{\mathrm{P}}\right)\right\}$ to leverage system performance and manage the file systems in parallel with low delivery latency.

Seamless Authentication simplifies the signing process to explore the trials of the password authentication scheme in order to examine the identities, social relationships, and access privileges.

In the lightweight device, the modeling parameters are preserved to compute the gradients effectively. In addition the parameters of the healthcare systems compare learning algorithms with various layer attributes to characterize the significance of computing devices. The layer attributes explore adaptive re-training to enhance the features of the detection model and to automate the utilization of neural networks using deep learning-based blind feature extraction. It is also worth noting that the proposed model operates the channel estimation matrix $\mathscr{H}\left(N\times 256\right)$ using a convolution network to capture the essential properties of the computing layers. Specifically, the modeling system has no consistent values between the predicted values of the authentication models, and thus, the true predicted values are computed using the softmax loss function, i.e., $S_L=-\sum _{k=1}^N{Y}_k.\log S_k$, where $K$ defines the legitimate computing devices, $Y_k$ represents the class label initially set to $1$, and $S_k$ denotes the $k^{th}$ value of the desired vector $S$. Hence, the softmax function can be rewritten as:

$${\mathrm{S}}_{\mathrm{k}}=\frac{{\mathrm{e}}^{{\mathrm{a}}_{\mathrm{k}}}}{{\sum }_{\mathrm{j}}^{\mathrm{K}}{\mathrm{e}}^{\mathrm{aj}}}$$

(1)

where $a_k$ shows the predicted values of $k^{th}$ computing device which is the fully connected layer of the application system. The purpose of a knowledge-based system is to acquire the blind features which functionalize the neuron to learn the complex features iteratively. Each feature tries to operate the mapping function of two adjacent layers which is as follows:

$$\begin{array}{l}\mathrm{Input}\mathrm{Matrix}:I{M}^{Conv-Layer}\in R^{V\times W\times D}\\ \mathrm{Convolution}\mathrm{Filter}:C{F}^{Conv-Layer}\in R^{V^{\prime }\times W^{\prime }\times D\times D^{″}}\\ \mathrm{Output}\mathrm{Matrix}:O{M}^{Conv-Layer}\in R^{V^{″}\times W^{″}\times D^{″}}\end{array}$$

where $V$ [$V^{\prime }or$ $V^{″}$], $W$[$W^{\prime }or{W}^{″}$], and $D$[$D^{\prime }or{D}^{″}$] define the height, width, and depth of the convolution matrix. As a result, the output matrix can be expressed as:

$$O{M}_{i^{″}.j^{″}.d^{″}}^{Conv-Layer}=b{i}_{d^{″}}+{\sum }_{i^{\prime }=1}^{V^{\prime }}{\sum }_{j^{\prime }=1}^{W^{\prime }}{\sum }_{d=1}^D{F}_{i^{\prime }.j^{\text{'}}.d.d^{″}}^{Conv-Layer}\times H_{S_v\left(i^{″}-1\right)+i^{\prime }-P_{\overline{v}},S_{w\left(j^{″}-1\right)+j^{\prime }-P_{\overline{w},d}}}$$

(2)

where $b{i}_{d^{\prime \prime }}$ is the model bias, $\left(S_V,S_W\right)$ denotes the sampling vectors of the matrix, namely, vertical $\left(V\right)$ and horizontal $\left(W\right)$, and $\left(P_v^{-},P_v^{+},P_w^{-},P_w^{+}\right)$ represents the output padding values in the directions of $V$ and $W$. The mapping functions are expressed as follows:

$$V^{″}=\langle \frac{V-V^{\prime }+P_v^{-}+P_v^{+}}{S_V}\rangle +1$$

(3)

$$W^{″}=\langle \frac{W-W^{\prime }+P_w^{-}+P_w^{+}}{S_W}\rangle +1$$

(4)

In order to quantize the mapping function, the proposed neural network utilizes a $1-bit$ random quantization scheme. This scheme utilizes the probabilistic quantizer to guarantee better quantization which exploits a mapping function to identify the level of quantization, i.e., $q_l=\left[{\log }_2{S}_V{S}_W\right]$. Let ${\omega }_{i^{\prime }{j}^{\prime }}=S_V{S}_W\frac{w_{i^{\prime }{j}^{\prime }}}{{\parallel W\parallel }_F}$, where $\parallel .{\parallel }_F$ is the Frobenius norm of two independent solutions simplified by the Euclidean norm of the matrix. Hence, the quantized matrix $\widehat{W_{ij}}$ is defined as:

$$\widehat{W_{ij}}=sgn\left(w_{i^{\prime }{j}^{\prime }}\right)\langle (\lfloor {\omega }_{i^{\prime }{j}^{\prime }}\rfloor )+{\partial }_{i^{\prime }{j}^{\prime }}\rangle {\parallel W\parallel }_F$$

(5)

where ${\partial }_{i^{\prime }{j}^{\prime }}$ defines a random function to express the distribution as follows:

$${\partial }_{i^{\prime }{j}^{\prime }}=\begin{array}{c}1withprobability{\omega }_{i^{\prime }{j}^{\prime }}-\lfloor {\omega }_{i^{\prime }{j}^{\prime }}\rfloor \\ 0otherwise\end{array}$$

(6)

$sgn\left(x\right)$ is the function suited to quantizing the positive and negative values of the sampling vectors, i.e., $1-\mathrm{bit}$ level. The convolution layer directly feeds the output data of the pooling layer to minimize the computing attributes which considers $2\times 2\times 128$ to operate two convolutions and two pooling functions. This functional operation uses a fully connected layer as a target one which designs its own softmax loss to optimize the computation operation used in the proposed L2FAK while training the sensitive data, i.e., $S_L=-\sum _{k=1}^N{Y}_k.\log S_k$.

The proposed federated scheme uses three computing phases such as training, authentication, and re-training to learn the significance of blind features based on a convolution neural network. The classified attributes perform both forward and backward propagation to converge the computed value close to $0$ which determines the legitimacy of any computing device. Each device shares its relevant parameters to train the physical characteristics of a well-trained neural network and to determine the data values of the computing device as shown in Algorithm 1. The device prediction is defined as follows:

$$D_P=\frac{{\mathrm{e}}^{{\mathrm{a}}_{\mathrm{k}}}}{{\sum }_{\mathrm{j}}^{\mathrm{K}}{\mathrm{e}}^{\mathrm{aj}}}$$

(7)

Algorithm 1 Federated Learning Layered Authentication (FLLA) Classifier.

Input: Collecting System Attributes $\left\{{\mathrm{SA}}_1,{\mathrm{SA}}_2,\dots \right\}$ of ${\mathrm{i}}^{\mathrm{th}}$ Computing Devices

Executing the number of rounds and Epoch $\mathcal{T}\&\mathsf{\tau }$

Output: Authenticating the results of the Computing Devices, i.e., OM of the neurons weights ${\mathsf{\omega }}_{\mathrm{i}\text{′}\mathrm{j}\text{′}}$ ${\Delta }_{\mathrm{FL}-\mathrm{Q}}\left({\mathrm{SA}}_1,{\mathrm{SA}}_2,\dots ,{\mathrm{SA}}_{\mathrm{N}},\mathcal{T},\mathsf{\tau }\right)$ $\mathrm{Step}1:$ Initialize random computed values W with their corresponding weights $\mathrm{Step}2:$ Obtain the classifiers models including proposed and others using storage database D_B to verify the parameters $\left\{\left({\mathrm{ST}}_{\mathrm{ID}},{\mathrm{S}}_{\mathrm{key}}\right),\left({\mathrm{F}}_{\mathrm{ID}},{\mathrm{K}}_{\mathrm{P}}\right)\right\}$ $\mathrm{Step}3:$ For any new physical attributes Do $\mathrm{Step}3.1:$ Send a quantized global model to train the own local model on its relevant computa-tion data $\mathrm{Step}3.2:$ Obtain a quantized local trained model which applies weighted averaging to receive the quantized local model and to perform parameter quantization on ${\mathrm{S}}_{\mathrm{V}}{\mathrm{S}}_{\mathrm{W}}$ $\mathrm{Step}3.3:$ Compute a probability level of better optimization ${\mathrm{q}}_{\mathrm{l}}$ trained by the proposed FL via $~10$ $\mathrm{Step}4:$ If the computing device is classified as a legal or legitimate device then $\mathrm{Step}4.1:$ Allow device access via an appropriate data center $\mathrm{Step}4.2:$ Modify the bit level of the training database D_B to find its corresponding prediction values of $\left\{\left({\mathrm{ST}}_{\mathrm{ID}},{\mathrm{S}}_{\mathrm{key}}\right),\left({\mathrm{F}}_{\mathrm{ID}},{\mathrm{K}}_{\mathrm{P}}\right)\right\}$ $\mathrm{Step}5:$ Else $\mathrm{Step}5.1:$ Terminate the device connection $\mathrm{Step}6:$ End If $\mathrm{Step}7:$ End For

It is worth noting that the fully connected layer determines whether the incoming messages of the computing devices are legitimate or not to verify the performance of the proposed FL with other learning mechanisms.

5. System Evaluation

This section discusses the security properties of the proposed L2FAK with the support of informal, formal, computation, and learning analysis.

5.1. Informal Analysis

The analysis of security properties is as follows.

Mutual Authentication: To analyze mutual authenticity between $M_E{}_i$/$P_A{}_i$, the communicating parties share a common session key to authenticate each other. In the L2FAK scheme, $M_S$ authenticates $M_E{}_i$/$P_A{}_i$ using $SK=H\left(M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel p{s}_4\parallel S_{key}\right)$ via $M_D$. In the system login and authentication phase, $A{G}_{Access}$ authenticates $M_E{}_i$/$P_A{}_i$ using the calculations $T{P}_1=H\left(TI{D}_i\parallel x_1\parallel p{k}_{gw}\right)$ and $\left(p{s}_2\parallel M_{S_i}\parallel PI{D}_i\parallel S_{key}\right)=D_{T{P}_5}\left(E_1\right)$ to check whether $M_E{}_i$/$P_A{}_i$ meets the conditional expression $\left(p{s}_2\parallel M_{S_i}\parallel PI{D}_i\parallel S_{key}\right)$ to initiate data transmission. Though $A_{dv}$ tries to intercept the login requests of $M_E{}_i$/$P_A{}_i$, and attempts to falsify the activities of $A{G}_{Access}$, the attacker cannot find source parameters $\left\{p{s}_2,p{s}_3,PI{D}_i\right\}$ to calculate derivative factors such as $\left\{E_3,E_4\right\}$. Therefore, $A_{dv}$ cannot transmit a legitimate message to $A{G}_{Access}$. Hence, the proposed L2FAK adheres to mutual authentication of $M_E{}_i$/$P_A{}_i$.

Session-Key Agreement: In L2FAK, $M_E{}_i$/$P_A{}_i$ share a common secure session key via $A{G}_{Access}$. Upon launch of the login and authentication phase, $M_E{}_i$/$P_A{}_i$ can confidently exchange sensitive data by knowing the common session key. $P_A{}_i$ data gathered by $M_D$ are encrypted from the computation of $SK=H\left(M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel p{s}_4\parallel S_{key}\right)$. Then, a secure session key is determined in order to validate $WL=E{C}_{GW}\left(r_l\right)$ using $E_5=H\left(M\parallel p{s}_3\parallel M_{S_i}\parallel r_l\right)\oplus p{s}_4$, and $E_6=H\left(M\parallel p{s}_3\parallel p{s}_4\parallel SK\right)$. Because parameters $p{s}_2$, $p{s}_3$, $p{s}_4$, and $S_{key}$ change periodically during execution, different sets of secure $SK$ can be generated to provide more communication services. Hence, the proposed L2FAK provides session-key agreement between patient and medical expert.

Resilience against Privileged-Insider Attacks: The L2FAK scheme infrequently transmits communication parameters $\left\{H(.),p_{wd}{}_i,M_{id}{}_i,M_{S_i},p{s}_2,P{A}_{id}{}_i,S_{key}\right\}$ to authenticate server access as plaintext. In order to examine them further, $M_E{}_i$/$P_A{}_i$ use $H\left(H\left(p_{wd}{}_i\right)\parallel M_{id}{}_i/P{A}_{id}{}_i\right)\oplus T{P}_3.$ Thus, the authentic server cannot obtain users’ secret keys without knowing $T{P}_3=H\left(H\left(p_{w{d}_i}\right)\parallel M_{id}/P{A}_{id}\right)\oplus H\left(p{s}_1\right)$, $T{P}_4=H\left(p_{w{d}_i}\parallel p{s}_1\right)$, and $T{P}_5=H\left(T{P}_1\parallel S_{key}\parallel PI{D}_i\right)$. Moreover, the hashing function, $H\left(S_N\oplus I{D}_{gw}\right)$, is eventually verified using $\left(p{s}_2\parallel M_{S_i}\parallel PI{D}_i\parallel S_{key}\right)$ to control session access by $M_E{}_i$/$P_A{}_i$. So, an attacker cannot infer the valid session key of $M_E{}_i$/$P_A{}_i$ without the presumption of $\left\{E_5,E_6,WL\right\}$. Hence, the proposed L2FAK is resilient to privileged-insider attacks.

Resilience against Replay Attacks: Suppose $A_{dv}$ exploits old captured messages to authenticate servers, $\left\{E_1,E_2,TI{D}_i\right\}$, medical sensors, $\left\{P_{M_{S_i}},M_{S_i},PI{D}_i\right\}$, and users, $\left\{T{P}_2,T{P}_3,T{P}_4,TI{D}_i,S_{key}\right\}$. However, $A_{dv}$ cannot generate any authorized message transmission to validate pseudo-identity $PI{D}_i$ using $\left(H\left(p_{wd}{}_i\right)\parallel M_{id}{}_i/P{A}_{id}{}_i\right)$. Hence, the proposed L2FAK can resist the replay attack.

Resilience against User Masquerade Attacks: To forge login message $\left\{P_{M_{S_i}},M_{S_i},PI{D}_i\right\}$, suppose $A_{dv}$ tries an IoT-ECF system login with message modification $\left\{P_{M_{S_i}}{}^{*},M_{S_i}{}^{*},PI{D}_i{}^{New}\right\}$. The parameters $\left\{P_{M_{S_i}}{}^{*},M_{S_i}{}^{*},PI{D}_i{}^{New}\right\}$ cannot be tampered with or verified by $A{G}_{Access}$, and thus, the original data message $PI{D}_i=H\left(M_{id}{}_i/P{A}_{id}{}_i\parallel H\left(p{s}_1\right)\right)$ cannot be deduced via fake decryption parameter $\left\{M_{S_i}{}^{*}\right\}$. Hence, the proposed L2FAK can be irrepressible when facing a user masquerade attack.

Resilience against Gateway Masquerade Attacks: Since $A_{dv}$ is unaware of some parameters, such as $\left\{E_5,E_6,WL\right\}$ from the data exchange protocol, $A_{dv}$ cannot exploit a gateway masquerade attack against the proposed scheme. Hence, the proposed L2FAK can be irrepressible when facing gateway masquerade attacks.

Resilience against Offline Password Guessing: In most cases, the adversary tries to acquire system parameters over a public network. Assume he/she obtains the values of system parameters $\left\{T{P}_2,T{P}_3,T{P}_4,TI{D}_i,S_{key}\right\}$ from $S_D$. In addition, $M_E{}_i$/$P_A{}_i$ make an effort to find a new secret key, $S{K}^{New}$, to compute $E_8=H\left(T{P}_1^{New}\parallel T_{ID}^{New}\parallel SK\parallel p{s}_3\parallel p{s}_4\parallel T{P}_1\right)$. However, valid key $S{K}^{New}$ cannot be computed because it is irretrievable from the $M_D$ of $M_E{}_i$/$P_A{}_i$. Thus, the proposed L2FAK can be resilient to offline password-guessing attacks.

Resilience against User Forgery: To forge communications of any legal entities, $A_{dv}$ requires parameters such as $\left\{T{P}_2,T{P}_3,T{P}_4,TI{D}_i,S_{key}\right\}$. To obtain them with little effort, $A_{dv}$ tries to compute $T{P}_3$, $T{P}_4$, and $T{P}_5$ consisting of $PI{D}_i$, $TI{D}_i$, and $p_{wd}$. Since $S_{key}$ is irretrievable, $A_{dv}$ cannot infer or obtain a legal identity for $A{G}_{Access}$ in order to derive a valid message request to authorize the session. Thus, the proposed L2FAK is resilient against the user forgery attack.

Resilience against Gateway Forgery: Assume $A_{dv}$ generates $PI{D}_i$ using $H\left(M_{id}{}_i/P{A}_{id}{}_i\parallel H\left(p{s}_1\right)\right)$. As a result, $A_{dv}$ claims that a legal request may be successfully generated. However, the proposed L2FAK cannot permit anyone to generate a valid request without proper associations for $p{s}_2$, $M_{S_i}$, and $S_{key}$. Importantly, $S_{key}$ and $M_{Key}$ are very hard to derive because they are associated with high-level security features. Thus, the proposed L2FAK can be resilient against gateway forgery.

Resilience against Gateway User Tracking: As $A{G}_{Access}$ randomly generates private key $p{k}_{gw}$ to establish secure sessions, $M_E{}_i$/$P_A{}_i$ cannot be tracked by adversaries. In addition, $S_{key}$ is irretrievable; thus, a legal request cannot be generated to track user sessions.

Perfect Forward Secrecy: In most cases, $A_{dv}$ tries to obtain system parameters such as $P_{M_{S_i}}$ and $M_{S_i}$. Moreover, $A_{dv}$ may examine legal message requests such as $\left\{P_{M_{S_i}},M_{S_i},PI{D}_i\right\}$ and $\left\{T{P}_2,T{P}_3,T{P}_4,TI{D}_i,S_{key}\right\}$ to generate valid session key $SK$ using $H\left(M_{S_i}\parallel p{s}_2\parallel p{s}_3\parallel p{s}_4\parallel S_{key}\right)$. As a rule, $M_D$ generates a firm and secure $SK$ that assigns a random number, $ps$. As a result, it is certain that $A_{dv}$ cannot obtain legal values such as $M{P}_{M_{S_i}}$, $M_{S_i}$, and $PI{D}_i$ to discover a secure session. Hence, the proposed L2FAK ensures perfect forward secrecy.

Under the procedures of the L2FAK scheme, $M_E{}_i$/$P_A{}_i$ can mutually endorse one another to access sensitive IoT-ECF data. Eventually, $M_E{}_i$ can access patients’ private information via $A{G}_{Access}$. As a session key is securely shared among the communication entities, the L2FAK can achieve security, namely, the properties of mutual authenticity and session-key agreement, and be irrepressible in the face of user and gateway masquerades, and privileged-insider and replay attacks, improving security efficiency.

5.2. Formal Analysis Using Random Oracle Model

This section performs formal analysis during the login and authentication phase to show the security efficiency of the proposed L2FAK [83].

Theorem 1. 

The revoked user cannot learn the stored files of $M_E$/$P_A$  even if they are in collision with the cloud server. Moreover, the user is not capable to learn the content of data stored as the blocks after the successful revocation.

Proof. 

When any user quits communication with $M_S$ based on the proposed L2FAK, the parameters such as $p{s}_2,p{s}_3,$ and $p{s}_4$ are utilized to decrypt the data files. Moreover, it uses $r.p{s}_2+r.p{s}_3+r.p{s}_4=r.SK$ to perform the computation again. Observing the following instance, the revoked user can use the secret key $S_{key}$ to participate and learn the data contents c Subsequently, the revoked user colludes with $M_S$ to decrypt the data file using an authentic key. The key verification is as follows:

$$\begin{gathered} e{\left(\tau ps,\nu ps\right)}^{H\left({\mathcal{K}}_i\right).\left(P_{pa},M_{pa},PI{D}_{pa}\right)}=e\left(\tau ps,\nu H\left({\mathcal{K}}_i\right)\left(P_{pa}+M_{pa}+PI{D}_{pa}\right)ps\right) \\ =e{\left(\nu ps,H\left({\mathcal{K}}_i\right)P_{pa}ps\right)}^{\tau }.e{\left(\nu ps,H\left({\mathcal{K}}_i\right)M_{pa}ps\right)}^{\tau }.e{\left(\nu ps,H\left({\mathcal{K}}_i\right)PI{D}_{pa}ps\right)}^{\tau } \\ =p{s}_2{}^{\tau }.p{s}_3{}^{\tau }.p{s}_4{}^{\tau } \end{gathered}$$

(8)

However, the system parameters of the encrypted key imply $p{s}_2{}^{\tau }.p{s}_3{}^{\tau }.p{s}_4{}^{\tau }\ne rp{s}_2{}^{\tau }.rp{s}_3{}^{\tau }.rp{s}_4{}^{\tau }$ to ensure that the revoked user cannot perform any decryption process to update the source file. As a consequence, the proxy $M_S$ has the ability to control the access rights of the revoked users, whereby they cannot collude with $M_S$ to learn the actual data content. □

Theorem 2. 

The semi-trusted cloud server cannot differentiate its access operation to learn the interested data contents.

Proof. 

When any content of data has gained its access several times, the curious cloud server determines such data as more significant to monitor or likely to tamper with a forged secret key. Meantime, the curious cloud collaborates with the revoked users to learn the data contents and its accessing capabilities. Thus, the probability of accessing data should be identical to the data that appeared in the cloud server. The access operation includes real and $2^N$ pseudo-random requests to process the application services to the cloud server while the user applies an access control algorithm. In practice, real-time data is only known to the authentic user to gain system access. It is worth noting that the accessed data is uniformly distributed to the cloud server to maintain better data consistency. Though the algorithm known as lazy obfuscation is applied to access the data content, the relationship of the data including address sequences cannot be applied by the cloud server to discover its actual form. The user performs a specific access operation on the data content to view it as a new one of the cloud servers. Hence, it is claimed that the semi-trusted cloud server cannot differentiate its access operation to learn the interested data contents. □

Theorem 3. 

The accessed data pattern can be secure under the adversary act of $A{D}_{PPT}$.  Assume the proposed L2FAK can support a feature of data untraceability to enhance the privacy of data content. The adversary tries to access the proposed L2FAK over a wireless channel to initiate the session between $M_E$/$P_A$  and  $M_S$ to arbitrate the user  $U$  activities. Moreover, the adversary is known to determine a few computation parameters  $M=H\left(p{s}_2\parallel M_{S_i}\right)$  and  $P_{M_{S_i}}=H\left(M_{S_i}\parallel p{k}_{gw}\right)$  which executes two queries  $\left\{M^s,N^s\right\}$  and  $\left\{N^s,M^s\right\}$  to breach the secure communication of the proposed L2FAK.

$$A{D}_{PPT}\left(U\right)=\left|2P_r\right|C_{\eta }^{*}+\left|C_{\eta }^{{*}^{\prime }}-1\right|$$

(9)

where $C_{\eta }^{*}$ is a coin flicked by the adversary, and $C_{\eta }^{{*}^{\prime }}$ is the outcome of the flicked coin. For the execution of hash queries, the advantage with adversary act $U$ is as follows:

$$A{D}_{PPT}\left(U\right)=\left|P_r\left(S_2\right)-P_r\left(S_1\right)\right|+q^{\left(H^2/2^{th}\right)\left(S+1\right)}+q^{\left(\left(H+1\right)2/2^{th}\right)\left(S+1\right)}+q^{\left(H^2/2^{th}\right)\left(S\right)}$$

(10)

where $q^{\left(H^2/2^{th}\right)\left(S+1\right)}+q^{\left(\left(H+1\right)2/2^{th}\right)\left(S+1\right)}+q^{\left(H^2/2^{th}\right)\left(S\right)}$ defines the collision of the hash code function with each user in the oracle model. Using Equation (8), we obtain:

$$\left|P_r\left(S_3\right)-P_r\left(S_2\right)\right|\le [2q_U+\frac{{2q}_{M_E/P_A}}{{2q}_{M_S}}]$$

(11)

The advantage with adversary act $U$ tries to obtain the shared session key $SK$:

$$\left|P_r\left(S_1\right)-P_r\left(S_2\right)\right|\le q_{M_E/P_A}.A{D}_{PPT}\left(U\right)$$

(12)

In case of accessing the storage space $M_D$, the probability with adversary $U$ is as follows:

$$\left|P_r\left(S_3\right)\right|=\frac{1}{2}max\left(\frac{q_U}{2},\frac{q_{M_E/P_A}}{D}\right)$$

(13)

Using Equations (9)–(11), we obtain:

$$\begin{array}{ll}A{D}_{PPT}\left(U\right)& =P_r\left(S_1\right)-1\\ & =2\left|P_r\left(S_0\right)-P_r\left(S_4\right)\right|+max\left(\frac{q_U}{2},\frac{q_{M_E/P_A}}{D}\right)\\ & \le 2\left|P_r\left(S_0\right)-P_r\left(S_4\right)\right|+max\left(\frac{q_U}{2},\frac{q_{M_E/P_A}}{D}\right)\\ & =2\left|P_r\left(S_1\right)-P_r\left(S_2\right)+P_r\left(S_3\right)-P_r\left(S_4\right)\right|+max\left(\frac{q_U}{2},\frac{q_{M_E/P_A}}{D}\right)\\ & \le \left(\frac{q_U{}^2+q_{M_E/P_A}{}^2+q_{M_S}{}^2}{2^q}+\frac{{\left(q_U+q_{M_E/P_A}\right)}^2}{2\left(q-1\right)}+2q_{M_E/P_A}.A{D}_{PPT}\left(U_{M_E/P_A}\right)+2.\left[\frac{q_U}{2^q},\frac{q_{M_E/P_A}}{\left|D\right|}\right]\right)\end{array}$$

(14)

5.3. Computation Analysis

In this subsection, the performance of the proposed L2FAK is evaluated along with other existing schemes [42,44,49,50,51,53]. In computation analysis, the system login and authentication phases were considered to examine the security features of the proposed L2FAK and the other schemes [42,44,49,50,51,53]. The authentication schemes employ the OpenSSL library between two computer terminals for analysis of computation costs. The user-side terminal had a Core i3-1035G1 CPU with 8GB RAM and a clock speed of 3.6 GHz, whereas the server-side terminal had a Core i5-1035G1 CPU with 16GB RAM and a 2.3 GHz clock speed to construct the simulation environment. The user and server were connected over H3C S1024R to ensure that the connected device had a $100\mathrm{Mbps}$ bandwidth to perform the simulation more than 100 times. From the NIST [Anon] recommendation [26], $P-192$ is preferred as the standard elliptic curve.

To regulate the message digest, $SHA-256$ cryptographic hashing was utilized.

Table 3. Execution Times of Cryptographic Operations.

Operator	Execution Times $\langle ms\rangle$
	User	Server
$T_{HD}$	0.16073	0.208057
$T_{SY}$	0.013125	0.004343
$T_{EED}$	0.095417	0.011054
$T_{MU}$	79.256041	6.132746
$T_{EOR}$	27.987396	2.493921
$T_{AD}$	0.011667	0.004737

shows the execution times of the cryptographic operations. Since L2FAK has a low computation overhead of $15.343\mathrm{ms}$, the phase execution time of the proposed L2FAK can be further reduced to achieve better computation efficiency compared to the other authentication schemes [42,44,49,50,51,53], as shown in

Table 4. Assessment of Computational Efficiency.

Scheme	Registration		Login and Authentication			Execution Time $\langle ms\rangle$
	$M_E$	$A{G}_{Access}$	$M_E$	$A{G}_{Access}$	$M_S$
Proposed L2FAK	$7T_{HA}+1T_{EED}$	$1T_{HA}$	$7T_{HA}+1T_{EED}$	$8T_{HA}+2T_{EOR}+1T_{EED}$	$4T_{HA}+2T_{EOR}+1T_{EED}$	15.343
Yang et al. [44]	$4T_{HA}+3T_{EOR}$		$8T_{HA}+6T_{MU}+3T_{AD}$			123.080
Deebak et al. [49]	$2T_{MU}+4T_{XOR}+2T_{AD}$		$5T_{HA}+4T_{EOR}+4T_{SY}$			281.518
Abdussami et al. [50]	$5T_{HA}+2T_{EOR}$		$15T_{HA}+5T_{EOR}+1T_{EED}$			72.380
Kim et al. [51]	$6T_{HA}+4T_{EOR}$		$13T_{HA}+18T_{EOR}$			160.509
Chen et al. [53]	$5T_{HA}+1T_{EOR}+1T_{EED}$		$27T_{HA}+14T_{EOR}+2T_{EED}$			69.441
Li et al. [42]	$19T_{HA}+11T_{EOR}$		$19T_{HA}+11T_{EOR}$			342.302

$T_{HA}$ represents the one-way hashing function; $T_{SY}$ represents the symmetric cryptosystem function; $T_{EED}$ represents the elliptic-curve encryption/decryption operation; $T_{MU}$ represents one-point multiplication over ECC; $T_{EOR}$ represents the Exclusive-OR operation; and $T_{AD}$ represents one-point addition over ECC.

.

5.4. Learning Analysis

In learning analysis, datasets such as MNITS and FashionMNIST [84] are adopted to evaluate the proposed FLLA and other relevant layered mechanisms [17,18]. The evaluation mechanisms utilize a dedicated message-passing interface (MPI) to maintain optimal load factors in a distributed environment [85]. The environment uses Python to implement the source codes and prefers a high-performance computing package, i.e., mpi4py to access the computing platform. This platform is compatible with 12th Gen Intel Core i7, 16GB RAM, 14 cores, and a clock rate of 4.7 GHz. The compatible system uses MPI specification to build the source codes of the proposed FLLA and other relevant layered mechanisms [17,18], in order to provide a separate object interface. The object interfaces exploit a few significant key features of the configured prototype to facilitate the computation process. This prototype has one central server $C_S$, four computing service $c{p}_s$, and one coded data service $D_s$ to test the behavior of targeted and untargeted attacks.

Table 5. Detailed Description of Datasets.

Parameters	MNIST	FashionMNIST
Domain Name	Handwritten Numbers	Clothing
Training Data	60,000	60,000
Testing data	10,000	10,000
Classes	10	10
Clients	3	3
Data Type	Images	Images

shows the detailed descriptions of the datasets. In MNIST, the data are relevant to handwritten numbers of $250$ different people, where $50\%$ are high-school students, and another $50\%$ are Census Bureau.

Moreover, this dataset has a similar portion of digital data to test its relevance and is composed of $60,000$ training and $10,000$ testing images to verify the performance of the proposed FLLA along with other mechanisms [17,18] in terms of accuracy and testing rate. In case of no special instructions, this analysis chooses $200$ as primary data to meet the constraint of data distribution represented as $P{D}_0$. The FashionMNIST uses a similar size as MNIST to categorize its selective images of clothing. To realize the scenario of the proposed FLLA along with other mechanisms [17,18] in practice, this experiment uses poisoning attacks. This attack considers the activities of a malicious client to define the roles of targeted and untargeted attacks. The former attack arbitrarily performs its changes to operate the global model, whereas the latter exploits label-flipping to control the behavior of the malicious client, i.e., from $l$ to $\left(N-l-1\right)$, where $l\in \left\{0,1,\dots ,N-1\right\}$ and $N$ represents the total number of labeling data.

Evaluation Metrics: The metrics such as test accuracy and error rate are used as an indicator of the evaluation model to train the datasets. The object of the proposed FLLA is to enhance the inference rate or detection accuracy of the global model. In data analysis, federated learning chooses a prominent model, the so-called FEDSGD, as a baseline which has the existence of different malicious clients to examine the results of the proposed FLLA along with other mechanisms [17,18].

Learning Settings: The evaluation considers cross-silo settings and defines the number of computing cores $n_c=10$ to exercise the clients during the training process. The selected model uses a three-layered neural network to load two different datasets on the interface of Keras with a backend platform of TensorFlow.

Table 6. Detailed Description of Datasets.

Layered Type	Output Shape	Set Values
Flatten [flatten]	786	0
Dense [dense]	128	100,780
Dense [dense_1]	10	1310

enlists the modeling parameters of two different datasets including MNIST and FashionMNIST to allocate the data inputs to the object interface. Each interface handles $6000$ data sources which have a distribution of malicious clients ranging from $20\%$ to $40\%$ to perform a few critical scenarios [86]. The batch size $b_s$ and loss function $l_f$ are set to $128$ and $50$ rounds, respectively, to observe the results of the proposed FLLA along with other mechanisms [17,18]. Note. The epoch $e$ is set to $50$ to train the learning models in order to obtain the optimal solution for every iteration.

Experimental Results: The results show the effectiveness of the proposed FLLA along with other mechanisms [17,18] in contact with poisoning attacks. The classified outputs prove that the proposed FLLA achieves better robustness, accuracy, reliability, and privacy than other mechanisms [17,18].

Table 7. Test Error Rate of the Proposed and other Existing Mechanisms versus Distribution of Malicious Clients in the Global Model [Targeted and Untargeted Attack] on MNIST and FashionMNIST.

Dataset	Learning Mechanisms	Distribution of Malicious Clients in the Global Model
		$20\%$	$30\%$	$40\%$
MNIST	Proposed FLLA (Untargeted)	0.04	0.05	0.05
	PBFL (Untargeted)	0.05	0.06	0.06
	CFL-ALDP (Untargeted)	0.06	0.06	0.21
	Proposed FLLA (Targeted)	0.05	0.05	0.05
	PBFL (Targeted)	0.06	0.08	0.18
	CFL-ALDP (Targeted)	0.07	0.09	0.13
FashionMNIST	Proposed FLLA (Untargeted)	0.15	0.18	0.19
	PBFL (Untargeted)	0.17	0.19	0.21
	CFL-ALDP (Untargeted)	0.21	0.23	0.27
	Proposed FLLA (Targeted)	0.14	0.15	0.15
	PBFL (Targeted)	0.15	0.15	0.19
	CFL-ALDP (Targeted)	0.19	0.19	0.23

shows the test error rate of the proposed and other existing mechanisms versus the distribution of malicious clients in the global model [targeted and untargeted attack] on MNIST and FashionMNIST. The training process involves $50$ iterations on the given dataset MNST and Fashion MNIST to signify the importance of the security features. Precisely, in the existence of malicious clients, the proposed FLLA retains the constant accuracy rate as its own baseline to resist various types of targeted and untargeted attacks. Figure 4 and Figure 5 show test accuracy versus Epoch $(\#)$ on MNIST and FashionMNIST. The proposed FLLA and other existing mechanisms [17,18] acquire the layered features to observe the transition states of the distribution matrix and to identify any abnormal condition determining any anomaly degree of the data points. The system cores executed via a message-passing interface rely on layered features to analyze the abnormal behavior of any computing device as shown in Table 7.

While the features such as the proposed FLLA and other existing mechanisms [17,18] were applied to the behavior of the computing devices, we observed that the proposed FLLA maintain a better consistent rate of accuracy than the other mechanisms [17,18]. A few hyperparameters such as learning rate $\alpha =0.001$ and influence factor $\gamma =0.1$ were applied to change the computing models which choose its probabilistic quantizer to guarantee better quantization. Moreover, adaptive learning may momentarily accelerate the training process to Investigate the modeling performance of the layered features. In order to examine in real time, the training process was repeatedly iterated $\approx 50times$. From Figure 4 and Figure 5, it is more evident that the proposed FLLA obtains a more reliable authentication procedure in extracting the system attributes of the physical layer than other learning mechanisms [17,18], whereby the behavior of the FLLA system can fully be characterized to secure the authentication process. Importantly, key-based cryptosystems demand more computation time to establish a secure connection, whereas the physical layer security depends on the quantification of the system attributes to enable device authentication and adaptive training to fulfill the objectives of model-based authentication.

6. Performance Analysis

This section describes a real-time testbed that verifies the transmission efficiency of the proposed L2FAK compared with other schemes [42,44,49,50,51,53]. To realize the efficiency factor, the testbed chosen used resource-constrained devices with a low code overhead, as shown in

Table 8. Hardware Configuration Details.

Host Terminal [Raspberry Pi 3 Model B]	Wireless LAN–802.11 b/g/n
	Processor–1.2 GHz Quad-Core ARM
	Memory–1 GB LP-DDR2
Arduino Mega 2560	ATmega2560; SRAM–8 KB; Flash Memory–256 KB
Operating System	Ubuntu MATE 18.04.2
Number of user identities	$\approx 700$

. Components such as the Raspberry Pi-3 Model B and Arduino Mega 2560 were deployed for authentic gateway access and edge computing devices, respectively [87]. Note that the Arduino was equipped with ATmega2560 with 8KB of SRAM and 256KB of flash memory to process data transmissions from about $700$ identities. Importantly, the uninitialized power-up state, i.e., on-chip SRAM, was utilized to generate a unique device key, and the user registration phase was executed to gain system access. The registration and authentication phases of the proposed L2FAK and other existing schemes [42,44,49,50,51,53] were implemented on Python 3.5, which generated the user identities to process the data flow on the Ubuntu platform.

In addition, dedicated firmware was written in C to read uninitialized memory between the heap and the stack when extracting SRAM data to establish communication with the host terminal. To measure the transmission ratio, real-time analysis was conducted that varied packet sizes of about $256bits$. The execution of firmware steps is as follows.

$\mathrm{Step}1:$ Load the firmware to read the available memory space that contains only the subroutine for SRAM data.

$\mathrm{Step}2:$ Combine authentication and application subroutines to shift and store the generated ID in the microcontroller.

$\mathrm{Step}3:$ Load the function $D\left[I{D}_{start}\right]$ to $D\left[I{D}_{start}+\langle e-1\rangle \right]$ that returns the locations of the stable bits. However, the location of the stable bits may vary due to availability in the hardware.

$\mathrm{Step}4:$ Match the data pointers (stack and heap) to return the retrieval rate of data transmission (DT).

$\mathrm{Step}5:$ Extract the user identities to compute the session key, storing the value in the microcontroller to authenticate device access.

6.1. Data Transmission Ratio

To test the data flow process, the DT ratio considers the number of user identities. It is randomly generated upon successful execution of power-up states that analyze the retrieval rate of data transmission. In Figure 6, we observe that the proposed L2FAK has a better power-up state to achieve maximum authentication access (i.e., $0.8545$) than the other schemes [42,44,49,50,51,53]. Due to the increasing number of users, the collision probability may appear high. From the analysis, the transmission delay soars when the number of packet transmissions increases in proportion to the number of user identities. However, the proposed L2FAK keeps the delay within the restriction limit to improve transmission efficiency between the authentic gateway and the edge devices compared to the other schemes [42,44,49,50,51,53].

6.2. Overhead Analysis Ratio

Overhead analysis (OA) included the system authentication phase of the proposed L2FAK and the other schemes [42,44,49,50,51,53] to examine the core features of $A{G}_{Access}$ and edge computing device $M_E$. Flow connectivity is as follows:

$\mathrm{Step}1:$ The authentication phase prefers a dedicated $A{G}_{Access}$ to generate valid tokens, e.g., for $M_E$. The real-time entities, including $A{G}_{Access}$ and $M_E$, use a reliable authentic token to process authentication requests that integrate a legal message request, $\left\{H(.),C,N_i,S_{key}\right\}$, to generate valid session key $SK$.

$\mathrm{Step}2:$ $M_E$ applies $\left\{N_i,S_{key}\right\}$ to retrieve and convert the computational parameters using the $SHA-2$ algorithm. It can execute the extraction subroutines of user identities to construct a $256-bit$ stable identity using the addressed slots from SRAM. Computation parameters such as $M_{id}$ and $SHA-2\langle N_i\rangle$ are processed to generate a valid $\langle X-OR\rangle$ value for $S_{key}$.

$\mathrm{Step}3:$ $A{G}_{Access}$ processes the generated $M_{id}$ retrieved from $M_E\langle N_i\rangle$ to decrypt the authentication request, i.e., $M_{id}^{\text{'}}=SHA-2\langle N_i\rangle \oplus S_{key}$. The generated identity then compares the values with a stored identity to process the authentication request.

As to analyzing overhead costs, key parameters such as key size and timing frame are preferred. The overall function has an overhead ratio of $3.65\%$ in processing the system authentication phase. The overhead cost includes the hash algorithm and string processing to compute the memory requirements that use the symmetric key to store $256-bit$ values. Device security plays a crucial role in achieving the security level of the IoT architecture; thus, a proper configuration setup is made to examine the core features of low-cost application systems.

Figure 7 shows the overhead ratio versus the number of user identities. It is worth noting that the performance of IoT devices considers the generated identities to authorize the legal authentication requests of $M_E$ at regular intervals. The system analysis included the generation of about 700 IoT devices in order to analyze the RAM power-up states among different computing devices. The examination reveals that the proposed L2FAK incurs lower overhead costs, $\approx 89.45\%$, to determine genuine legal authentication requests, i.e., the identities of IoT devices, than the other schemes [42,44,49,50,51,53].

7. Conclusions

In this paper, the L2FAK protocol has been presented using a mobile sink in the IoT-ECF paradigm for smart eHealth systems. Two factors are strategically exploited through an authentic-ware system to mitigate computation costs. Computation analysis proves that the proposed L2FAK incurs lower operational costs to enhance the performance of a real-time system. The proposed L2FAK includes a lightweight operation to improve the computational efficiencies from system authentication and key agreement phases. Using informal and formal analysis, the security efficiency of the proposed L2FAK proved it strengthens the security level of the authentication phase. Moreover, the performance analysis shows that the L2FAK achieves better transmission efficiency and a better overhead ratio than other schemes [23,24,44,47,48]. In addition, applied layered authentication using federated learning, i.e., FLLA, utilizes the most appropriate system attributes of the proposed L2FAK to ensure device privacy and improve authentication accuracy in healthcare applications. The experiments are established using TensorFlow Federated to examine the proposed FLLA and other relevant mechanisms on two different datasets including MNIST and FashionMNIST. The analytical results show that the proposed FLLA preserves the privacy features of authentication schemes exceedingly better than other mechanisms used to promise accuracy on standard datasets.

In the future, we will use reliable resource-constrained IoT devices, such as gateway devices and an advanced Raspberry Pi, to implement and evaluate several instances of a cloud server. In addition, we prefer to incorporate lightweight operators to analyze different traffic patterns, which may evolve into several test cases to examine the core features of fog instances and cloud servers to enhance system efficiencies, including computation, communication, and storage.