Research On Cross-domain Authentication And Access Control Technology For Medical Wearable Devices Based On Blockchain

The rapid growth of the Internet of Things(IoT)has facilitated the widespread use of mobile medical devices,which monitor patients’ physical conditions in real time.The health-related data collected is highly sensitive and needs to be carefully protected during access and transmission for specialized analysis.Therefore,mutual authentication and secure communication between devices is particularly important.When patients visit different hospitals,secure sharing of patient’s healthcare records between doctors is required,and repeated authentication of mobile medical devices requires a lot of valuable time to be wasted.Most traditional IoT authentication schemes are centralized,choosing a third-party certificate authority to authenticate all devices,which is prone to single point of failure,centralized communication traffic,and vulnerable to Do S attacks.In the cross-domain authentication scenario,there is also the problem of certificate mutual trust difficulties.Frequent authentication of devices also consumes more time and network traffic due to the flexibility of removable medical devices.In addition,it is difficult to establish a unified centralized certification authority among healthcare organizations to authenticate all devices.In this paper,we propose a blockchain-based authentication and access control scheme for IoT devices among healthcare organizations.All IoT devices are securely authenticated on the blockchain based on their own public and private keys.When a patient visits a hospital,the hospital administrator registers the device as a trusted device,and the trusted devices can share data securely with each other.When a patient migrates to another hospital,the devices can still communicate securely if the hospital is trusted with each other.Removable devices authenticate themselves through blockchain addresses to prevent counterfeiting of malicious devices.Access control is achieved through crossdomain authentication contracts to form trust lists between healthcare institutions,and mutually trusted institutions can send transaction data securely.Cross-domain access control mechanism for blockchain-based mobile wearable devices is realized through access control contracts.By deploying smart contracts such as device registration contract,access token contract,and supervision contract,access control of device resources is realized to prevent excessive resource access of unauthorized devices.The three smart contracts work together to achieve cross-domain access control of devices.A secure,controlled and trusted authentication and access control scheme is formed among hospitals.