Mutual Authentication Scheme for the Device-to-Server Communication in the Internet of Medical Things

Jiangfeng Sun, Fazlullah Khan, Junxia Li, Mohammad Dahman Alshehri, Ryan Alturki, Mohammad Wedyan

Research output: Journal PublicationArticlepeer-review

20 Citations (Scopus)


Internet of Medical Things (IoMT) is an application-specific extension of the generalized Internet of Things (IoT) to ensure reliable communication among devices Ci, designed for the medical industry. However, a challenging issue associated with these networks, i.e., IoMT and IoT, is to ensure the authenticity of both source and destination modules and further guarantee the integrity of the multimodal data in the emergencies such as the COVID-19 pandemic. Various mechanisms for device authentication have been presented in the literature to resolve both devices and data's authenticity, integrity, and privacy. Still, authentication of mobile device-to-server (in both homogeneous and heterogeneous IoMT) is not explicitly addressed for the black-hole attack. In this article, a device-to-server and vice versa mutual authentication scheme are presented to ensure secure communication sessions among numerous mobile devices Ci and server Sj in the operational IoMT. The proposed scheme is a hybrid of medium access control (MAC) and enhanced on-demand vector (EAODV)-enabled routing schemes. In the proposed scheme, an offline phase is introduced to complete the registration process of member devices with the concerned server module. It blocks every possible entry of the potential intruder devices Ak in the operational IoMT. A mobile device Ci interested in initiating a communication session with a particular server Sj is needed to pass the mutual authentication process. As a result, only registered devices Ci are allowed to communicate. Additionally, a reliable encryption and decryption scheme is used to ensure data reliability during these communication sessions. Simulation results verify the exceptional performance of the proposed mutual authentication scheme in terms of authenticity, security, and integrity of both devices and data in the operational IoMT.

Original languageEnglish
Pages (from-to)15663-15671
Number of pages9
JournalIEEE Internet of Things Journal
Issue number21
Publication statusPublished - 1 Nov 2021
Externally publishedYes


  • Authentication
  • COVID-19
  • Internet of Medical Things (IoMT)
  • Internet of Things (IoT)
  • privacy
  • security

ASJC Scopus subject areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications


Dive into the research topics of 'Mutual Authentication Scheme for the Device-to-Server Communication in the Internet of Medical Things'. Together they form a unique fingerprint.

Cite this