Abstract: This study evaluates a four-factor authentication protocol designed for IoT healthcare systems, identifying several key vulnerabilities that could compromise its security. The analysis highlights risks associated with node cloning, insider threats, biometric data security, session management, and scalability. To address these vulnerabilities, the study proposes a series of enhancements, including the implementation of Physical Unclonable Functions (PUFs) to prevent node cloning and the use of advanced encryption techniques, such as homomorphic encryption, to protect biometric data. Additionally, the adoption of role-based access control (RBAC) and attribute-based access control (ABAC) systems can mitigate insider threats by limiting user permissions. Optimizing session management through strict expiration and key rotation policies can maintain session integrity, while lightweight cryptographic algorithms and adaptive power management techniques enhance scalability and resource utilization. Future research directions include exploring quantum-resistant cryptographic algorithms and developing adaptive security policies leveraging artificial intelligence. These efforts are essential for maintaining the protocol's resilience against evolving threats and ensuring the secure operation of IoT-based healthcare systems.

Haewon Byeon. “An In-Depth Analysis of Security Flaws in Advanced Authentication Protocols for the Internet of Medical Things”. International Journal of Advanced Computer Science and Applications (IJACSA) 16.7 (2025). http://dx.doi.org/10.14569/IJACSA.2025.0160743

@article{Byeon2025,
title = {An In-Depth Analysis of Security Flaws in Advanced Authentication Protocols for the Internet of Medical Things},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2025.0160743},
url = {http://dx.doi.org/10.14569/IJACSA.2025.0160743},
year = {2025},
publisher = {The Science and Information Organization},
volume = {16},
number = {7},
author = {Haewon Byeon}
}