A Features-Based Privacy Preserving Assessment Model for Authentication of Internet of Medical Things (IoMT) Devices in Healthcare

Abstract

Internet of Things (IoT) devices have drawn significant attention over the last few years due to their significant contribution to every domain of life, but the major application of these devices has been witnessed in the healthcare sector. IoT devices have changed the complexion of healthcare set-up, however, the major limitation of such devices is susceptibility to many cyberattacks due to the use of embedded operating systems, the nature of communication, insufficient software updates, and the nature of backend resources. Similarly, they transfer a huge amount of sensitive data via sensors and actuators. Therefore, the security of Internet of Health Things (IoHT) devices remains a prime concern as these devices are prone to various cyberattacks, which can lead to compromising and violating the security of IoT devices. Therefore, IoT devices need to be authenticated before they join the network or communicate within a network, and the applied method of authentication must be robust and reliable. This authentication method has to be evaluated before being implemented for the authentication of IoT devices/equipment in a healthcare environment. In this study, an evaluation framework is introduced to provide a reliable and secure authentication mechanism based on authentication features. The proposed framework evaluates and selects the most appropriate authentication scheme/method based on evaluating authentication features using a hybrid multicriteria decision-making approach. It completes this in two steps: in the first step, the analytic hierarchy process (AHP) method is applied for assigning criteria weights; and in the second step, the technique for order preference by similarity to ideal solution (TOPSIS) approach selects the best authentication solution for IoHT devices based upon identified authentication features. This is the first attempt to present a features-based authentication model for selecting the improved authentication solution employed in IoHT devices.

1. Introduction

The terms IoHT and IoMT are often used interchangeably, these concepts describe a collection of medical devices connected with each other through a network to provide access to healthcare personnel and data related to patients. IoT has provided significant changes not only in the healthcare sector, but the number of IoT sensors, devices, and equipment is exponentially increasing due to their suitability and adaptability in other domains. It is predicted that this number will be between 50 and 100 billion by 2020 [1]. However, IoT devices have brought many challenges related to security in different fields, but these challenges become noteworthy in the healthcare area, where sensitive data is collected and processed by IoT sensors and equipment. Security and privacy concerns may arise as these devices are attributed to constrained resources and low processing abilities [2]. These features make them susceptible to many cyberattacks, such as spoofing, denial of service (DoS), man-in-middle, replay attacks, eavesdropping, phishing, privacy breaches, etc. [3,4]. There are security challenges that IoT devices need to address since they can operate in an ad-hoc network [5,6,7], wireless network [8,9,10], and the Internet of Things in a healthcare setting [11,12], where sensitive data is transmitted and collected by a terminal node [13]. Keeping the privacy and security of IoT devices in mind, strong authentication schemes are indispensable for dealing with emerging security problems. Authentication is a mechanism for verifying the identity of an entity against the stored credential in a database or authentication server [14]. The authentication schemes in the IoT are always the main security concern due to the machine-to-machine interactions and number of devices [15]. Authentication provides preventive measures against certain types of attacks and confirms the validity of messages [16]. The authentication of IoHT devices has to be performed efficiently by considering factors such as power consumption, processing abilities, and storage options [17]. The authentication mechanism employed for the IoT is implemented based on different factors, such as biometrics, mobile devices, smart cards, fingerprints, and passwords [18]. These factors are the most important considerations before deploying an authentication model for IoT devices in a healthcare setting.

In the last decade, many authentication schemes have been presented to overcome the security issues in the healthcare domain. Consequently, it has become a challenging job to compare the existing authentication methods based on their security performance. Similarly, the vast number of vendors, the complexity of authentication methods, and the number and type of features supported by the authentication methods are also a major concern for healthcare professionals and network engineers. Furthermore, in a healthcare environment, technical personnel fail to evaluate and test the existing authentication solutions against a proper benchmark. Therefore, a features-based evaluation framework is introduced to evaluate the authentication schemes against the proposed criteria that consist of the most important features related to authentication. The features related to authentication are selected based on the extensive literature study, and the most essential features are taken into account. A case study is conducted with an expert panel to design a benchmark/criterion that can be applied as an evaluation benchmark for authentication schemes. A full-pledged criterion is built with input from the expert group in the field of network security. After finalizing the criteria, AHP and TOPSIS multi-criteria decision-making (MCDM) methods have been applied to assess and rank the authentication methods/algorithms against the criteria’s features.

1.1. Contribution

The following are the points of contribution to this research work.

• According to our literature study, it has been observed that various assessment methodologies have been proposed to address the security aspects of healthcare systems, but we did not find any significant study that focuses on evaluating the authentication aspects of security. Although, existing evaluation models in the healthcare area targeted security evaluation of electronic medical records (EMR) and electronic health records (HER).
• This is the first attempt to solve authentication issues with IoT devices in the healthcare sector by presenting an assessment framework for authentication using a hybrid MCDM approach. The supposed framework leverages the most advanced evaluation techniques, such as AHP and TOPSIS, for decision-making and installing authentication methods in the healthcare area.
• Similarly, it has also been noticed that the existing criteria are designed without significant literature study and feature analysis. The existing evaluation models or frameworks do not focus on sufficient features related to authentication. The authentication features are identified and collected from authentic sources of literature. A detailed and in-depth search has been carried out to select and scrutinize all papers for the identification of features. Therefore, a research gap exists and is addressed by this proposed work, which provides a robust and efficient solution to the selection problem of the best authentication scheme employed in IoHT devices.
• A survey-based case study is conducted to check the robustness and validity of features with an expert panel. A systematic and well-organized methodology is followed in the overall evaluation of the proposed framework. The proposed model is tested by experts, and it is recommended for the evaluation of authentication in the healthcare area.

1.2. Motivation

The main motivations to pursue this research are mentioned below.

• The security of IoHT devices has been a hot research topic in the last few years. Therefore, a lot of evaluation models have been presented to cope with the security concerns in the healthcare area, however, the authentication of IoT devices is found to be missing in the literature.
• IoHT devices in the healthcare sector are susceptible to more security attacks, so it is more important to check their authenticity before making them part of the healthcare network infrastructure. Access control and identity management are imperatives, as any intruder will compromise the security of the entire network. An assessment framework is required to check the degree of authenticity of IoMT devices.
• A lot of authentication models have been proposed over the last few years with varying features. It is not possible to directly compare these authentication mechanisms with each other. There is a need for an evaluation model where the existing authentication schemes can be assessed and improved in terms of features due to the type of data managed by the healthcare sector.

This paper is split into four (4) sections. Section 2 discusses related work, Section 3 discusses the overall procedure of the proposed methodology and Section 4 discusses the conclusion of this research study.

2. Related Work

Security assessment of IoT devices and sensors deployed in healthcare has been the most intriguing area of research in the last few years. In this respect, different evaluation models have been proposed to deal with security concerns and challenges. These models adopted different evaluation approaches for evaluating the security of IoHT devices, but the authentication aspect is never addressed in the existing literature. The complete list of related works for the proposed work is given below as:

Haghparast et al. [19]’s evaluation model adopted a fuzzy analytic network process (ANP) for security evaluation in the healthcare area. This work addresses the layer-based security of IoHT devices. Al-Zahrani et al. [20] conducted a unified approach by leveraging ANP and TOPSIS with the support of fuzzy logic for the evaluation of healthcare technologies based on four evaluation metrics, such as confidentiality, integrity, availability, and satisfaction. A study put forward by Zarour et al. [21] focused on the assessment of blockchain technology models for preserving the security of electronic health records. They evaluated selected alternatives against six (6) parameters, such as data monitoring, immutability, consensus, value, identity, and data security. Another similar research study was also conducted by Enaizan et al. [22] to design a decision-support system for the security and privacy of electronic medical records (EMR). They adopted AHP-TOPSIS methods along with the K-mean clustering technique to identify the most critical factors, such as authentication, availability, nonrepudiation, integrity, and illegal access. Huang et al. [23] evaluated IoMT-based systems by using the ANP method and considering features from the most popular security standard, such as ISO/IEC 27002 (ISO 27002). The main elements of the evaluation criteria of IoMT systems are: secure key, confidentiality, availability, safety, network monitoring, continuity, authentication, nonrepudiation, trustworthiness, auditing, and secure key management. The study of Hussain Seh1 et al. [24] is aimed at introducing an effective and efficient assessment framework for evaluating web-based healthcare applications. They utilized AHP and TOPSIS approaches for the evaluation and ranking of alternatives against features, such as authentication, encryption, robustness, revocation of access, data validation, and audit. This study is similar to the computational methodology that is suggested by Ahmad et al. [25] for the empirical analysis of selecting the most ideal security technique for medical care devices. This study applied AHP, hesitant fuzzy, and AHP to evaluate alternatives for criteria features, such as biometric authentication, passwords, backup, access control, software recovery, security tokens, version control, and error detection. Algarni et al. [26] checked the level of security of web-based medical image processing systems by using fuzzy AHP and TOPSIS. The major parameters in their design criteria were authentication, confidentiality, utility, integrity, authorization, resilience, and procession. They evaluated the various aspects of MRI devices, such as X-ray, ultrasound, and CT scan devices. Ansari et al. [27] proposed a quantification framework for the evaluation and selection of the right security requirement engineering (SRE) technology in the medical care system. The major elements of the evaluation criteria are composed of security, threats, risks, assessment, vulnerability, stakeholders, and security requirements. The work suggested by Kumar et al. [28] also utilized AHP-TOPSIS techniques for evaluating factors that affect healthcare information security. Healthcare information security is tested against factors such as human error, malware, social engineering, outdated information technology, med jacking, and low access control management.

3. Proposed Methodology

In wireless sensors or IoT networks, the authentication of nodes or IoT devices brings significant importance from different security perspectives. It is only possible to attain full-fledged security by selecting the most appropriate and full-pledged security scheme or algorithm for authentication. In the last few years, an array of authentication methods has been presented to address the security concerns of IoT devices deployed in the healthcare area. This proliferation has resulted in decision-making issues regarding the installation of the most suitable choice of authentication scheme. Therefore, the major objective of this research approach is to assess and opt for the best algorithm/scheme for IoT devices. Initially, features related to authentication were identified from literature sources and presented at a consultation with experts on a panel. Authentication features were used as metrics for the selection of the best authentication algorithm in the medical care system. This evaluation framework consists of two major phases, as shown in Figure 1. In the first phase, the AHP method was applied to assign criteria scores, and in the second phase, the TOPSIS method was applied to assess and rank the authentication methods with respect to criteria features. The chosen features in this research are the most commonly used and most relevant to the strength of any authentication scheme or algorithm. The complete list of procedures for the proposed research method is given below.

3.1. Collection and Selection of Authentication Features

The feature selection procedure was carried out by completely searching the literature. The criteria were designed based on assessment features. Features were included after consulting with the expert panel, and they provided valuable input in finalizing the list of features. The list of features selected in this study include the criteria for mutual authentication, privacy protection, key agreement, password change, integrity, confidentiality, forward security, scalability, and availability. This research work follows a systematic approach to the collection of features. The following authentication features are collected from literature sources, and the details are given in

Table 1. Features Literature.

Criteria Features	References
Mutual Authentication	[29,30,31,32,33,34,35,36,37,38,39,40,41]
Privacy Protection	[29,37,38,42,43,44]
Key agreement	[31,39,40,41,44,45]
Password Change	[36,39,40,46]
Integrity	[37,39,40,44,47,48,49,50]
Confidentiality	[30,32,37,42,44,45,47,48,49,50,51]
Forward Security	[41,45,46,49]
Scalability	[39,45,50,52]
Availability	[38,41,42,45,47]

.

We selected the most vital features that have an overall impact on authentication from the literature. The importance of selected features can be estimated from the number of citations, i.e., references used by different authors for evaluation. The frequency of individual authentication features cited in the literature is given in Figure 2.

The hierarchical structure of features and authentication devices is given in Figure 3.

3.2. Case Study

A case study is conducted with ten (10) experts who are working as expert network security analysts. The major purpose of consultation with experts is to understand the level of importance of each feature in the evaluation approach. In this method, a questionnaire was given to experts in the field of network/IoT security. A few questions were asked about the authentication features of IoT devices. They rated the importance of features for any authentication mechanism by using their expert opinions. Criteria are built by considering the most vital feature. The experts responded by using the well-known Saaty’s scale. The answers were provided on a different sheet of paper. After collecting data, the average of the values assigned by each expert is calculated for individual features. The complete procedure of steps of this case study is depicted in Figure 4. In the first step, the authentication issues were investigated based on the literature study, and then a survey was conducted with security experts who know about the significance of features in the authentication method.

3.3. Assigning Criteria Weights

It is important to assign weights to the criteria’s features. In this regard, a well-known MCDM approach such as AHP was adopted to assign criteria weights. This method is the most suitable choice for assigning weights to the criteria in MCDM problem scenarios. There are several reasons behind the application of this method. First, it focuses on eliminating the cognitive errors through the simplification procedure, multi-attribute comparison, and partitioning. This approach has the potential to compare both qualitative and quantitative attributes, simultaneously. Hence, it covers different decision-making situations, such as evaluation, prioritization selection, conflict resolution, resource allocation, and optimization. Furthermore, this method is subjective, which means it can be used to assign criteria weights based on opinions provided by the expert panel or decision makers [53]. The AHP approach prioritized the selected alternatives by using the concept of goal identification and the significance of hierarchy [54]. The AHP method applies the following steps [55,56,57].

• Step-1. Assigning weights

The AHP method starts its step-wise procedure while assigning weightage scores to criteria by using the concept of relative importance. In this process, the relative importance of each criterion over another criterion is defined according to a predefined scale. Then, the qualitative values are shifted into a quantitative form.

• Step-2. Comparison matrix

A pairwise comparison table/matrix is similar to an input to the AHP method. In this step, a scale normally ranges from 1 to 9. It assigns values to the criteria features based on a comparison matrix, such as a_ij, and denotes the relative importance of the ith criteria over the jth criteria. In this step, if a_ij is assigned a value greater than one, then the ith criterion is more important than the jth criterion. Additionally, in the case that the a_ij value is less than one, then the ith criterion is considered comparatively less important. In situations where a_ij = 1, then both criteria elements are considered to have equal significance. The results of this procedure can be obtained by using the following matrix (P_m), as given by Equation (1).

$$P_m=\left[\begin{array}{ccc}1& a_{12}\dots \dots . & a_{1n}\\ \frac{1}{a_{12}}& 1\dots \dots .& a_{2n}\\ ⋮& ⋮& ⋮\\ \frac{1}{a_{1n}}& \frac{1}{a_{2n}}& 1\end{array}\right]$$

(1)

• Step-3. Normalizing pairwise comparison matrix

During the normalization procedure, the total of columns in the matrix is obtained then every element of the matrix is divided by the total, and then the average of the rows is obtained. This normalization process led to the production of the criteria weights. This process can be accomplished by two methods, such as the geometric mean and Lambda max. λmax actually denotes the eigenvalues. It is obtained by using the following equation:

$${\lambda }_{max}=\frac{1}{n}{\displaystyle \sum }_{i=1}^n\frac{{\left(Aw\right)}_i}{w_i}$$

(2)

• Step-4. Creating consistency matrix

The major purpose of the consistency matrix is to check the results comparison for consistency. In this procedure, initially the consistency index was equated with the help of Equation (3). Then, the consistency ratio was obtained using Equation (4).

$$C.I=\frac{{\lambda }_{max}-n}{n-1}$$

(3)

$$C.R=\frac{C.I}{R.I}$$

(4)

The score value of the consistency ratio (C.R) is very important, for example, when C.R = 0.1 OR C.R < 0.1, then it is within the acceptable range, otherwise, the process will be restarted.

In context of this research, AHP is applied to assign weights to the criteria features. The procedure of assigning the weights criteria begins right after the identification of the alternatives, criteria, and sub-criteria. The criteria have been already defined by collecting the authentication features from different sources of literature. In the proposed methodology, we have identified nine (9) authentication features. According to our literature study, these are the most frequently used and recognized features for authentication for IoT devices in healthcare networks. After defining the criteria, the experts in the field of IoT security assigned weights to the criteria. Weights to criteria were assigned by the expert panel using Saaty’s scale. For simplicity, the calculation of different codes was assigned to criteria, such as mutual authentication, privacy protection, key agreement, password change, integrity, confidentiality, forward security, scalability, and availability, such as C₁, C₂, C₃, C₄, C₅, C₆, C₇, C₈, and C₉, respectively. A pairwise comparison matrix was built by using Equation (1), and the details are given in the pairwise matrix.

$$P_m=\left[\begin{array}{cccccccccc}& {\mathit{C}}_1& {\mathit{C}}_2& {\mathit{C}}_3& {\mathit{C}}_4& {\mathit{C}}_5& {\mathit{C}}_6& {\mathit{C}}_7& {\mathit{C}}_8& {\mathit{C}}_9\\ {\mathit{C}}_1& 1& 2& 1& 1& 1& 5& 2& 5& 3\\ {\mathit{C}}_2& \frac{1}{2}& 1& 1& 1& 2& 3& 4& 7& 4\\ {\mathit{C}}_3& 1& 1& 1& 2& 3& 3& 3& 7& 2\\ {\mathit{C}}_4& 1& 1& \frac{1}{2}& 1& 3& 2& 3& 5& 4\\ {\mathit{C}}_5& 1& \frac{1}{2}& \frac{1}{3}& \frac{1}{3}& 1& 3& 5& 4& 3\\ {\mathit{C}}_6& \frac{1}{5}& \frac{1}{3}& \frac{1}{3}& \frac{1}{2}& \frac{1}{3}& 1& 2& 3& 2\\ {\mathit{C}}_7& \frac{1}{2}& \frac{1}{4}& \frac{1}{3}& \frac{1}{3}& \frac{1}{5}& \frac{1}{2}& 1& 2& 3\\ {\mathit{C}}_8& \frac{1}{5}& \frac{1}{7}& \frac{1}{7}& \frac{1}{5}& \frac{1}{4}& \frac{1}{3}& \frac{1}{2}& 1& 2\\ {\mathit{C}}_9& \frac{1}{3}& \frac{1}{4}& \frac{1}{2}& \frac{1}{4}& \frac{1}{3}& \frac{1}{2}& \frac{1}{3}& \frac{1}{2}& 1\end{array}\right]$$

The sum of the columns is calculated, and individual elements in the table are divided by the sum of the columns. This process is repeated for all individual elements. The details of the normalized pairwise matrix are shown in

Table 2. Normalized pairwise matrix.

Features	C1	C2	C3	C4	C5	C6	C7	C8	C9
C1	0.14	0.31	0.19	0.15	0.09	0.27	0.05	0.14	0.13
C2	0.07	0.15	0.19	0.15	0.18	0.16	0.20	0.20	0.17
C3	0.14	0.15	0.19	0.30	0.27	0.16	0.15	0.20	0.08
C4	0.14	0.15	0.10	0.15	0.27	0.11	0.15	0.14	0.17
C5	0.14	0.08	0.06	0.05	0.09	0.16	0.25	0.12	0.13
C6	0.14	0.05	0.06	0.08	0.03	0.05	0.10	0.09	0.08
C7	0.14	0.04	0.06	0.05	0.02	0.03	0.05	0.06	0.13
C8	0.03	0.02	0.03	0.03	0.02	0.02	0.03	0.03	0.08
C9	0.05	0.04	0.10	0.04	0.03	0.03	0.02	0.01	0.04

.

The weights of the criteria elements are calculated from Table 2 by using Equation (2). The results obtained for each criterion are displayed in

Table 3. Weights of features.

Codes	Features	Criteria Weights
C1	Mutual Authentication	0.16
C2	Privacy Protection	0.17
C3	Key agreement	0.18
C4	Password Change	0.15
C5	Integrity	0.12
C6	Confidentiality	0.08
C7	Forward Security	0.06
C8	Scalability	0.03
C9	Availability	0.04

.

Consistency matrix is formed by applying Equation (3). The results of the consistency matrix are shown in

Table 4. Consistency matrix.

C.F	C1	C2	C3	C4	C5	C6	C7	C8	C9
C1	0.16	0.33	0.18	0.15	0.12	0.38	0.06	0.16	0.12
C2	0.08	0.17	0.18	0.15	0.24	0.23	0.26	0.22	0.16
C3	0.16	0.17	0.18	0.31	0.36	0.23	0.19	0.22	0.08
C4	0.16	0.17	0.09	0.15	0.36	0.15	0.19	0.16	0.16
C5	0.16	0.08	0.06	0.05	0.12	0.19	0.32	0.13	0.12
C6	0.16	0.06	0.06	0.08	0.04	0.03	0.13	0.10	0.08
C7	0.16	0.04	0.06	0.05	0.02	0.02	0.06	0.06	0.12
C8	0.03	0.02	0.03	0.03	0.03	0.01	0.03	0.03	0.08
C9	0.05	0.04	0.09	0.04	0.04	0.02	0.02	0.02	0.04

.

After calculating the criteria weights of individual elements, it is necessary to check the procedure of finding the weights of the criteria. For this purpose, the procedure was extended to find the consistency index and was calculated to check how consistent the results were. The random index (R.I) for the “N” number of criteria is given in

Table 5. R.I values.

No. of Criteria	1	2	3	4	5	6	7	8	9	10	11	12	13
R.I value	0	0	0.52	0.89	1.11	1.25	1.35	1.4	1.45	1.49	1.52	1.54	1.56

[58]. In this study, as we have selected nine (9) security features, the value of R.I is 1.45, as shown in Table 5.

Lambda max (λmax) finds the eigenvalue. First lambda max is calculated and then C.I is found with the help of Equation (3). Both are given below.

$${ \mathsf{\lambda }}_{\max }=9.9$$

Consistency index is computed as given below.

$$\mathrm{C}.\mathrm{I}=\frac{9.9-9}{9-1}=0.11$$

Equation (4) has been used to obtain the C.R value.

$$\mathrm{C}.\mathrm{R}=\frac{0.11}{1.45}=0.077<0.1 \mathrm{or} (7.7\%<10\%)$$

Here, C.R. is less than 0.077 or 7.7%. This means that the results of this procedure are accurate and good enough to carry on with further security evaluation steps.

3.4. Ranking Alternatives

Initially, the TOPSIS method was presented by Hwang and Yoon [59]. It works on the principle of using ideal solutions. It is a simple working mechanism, reliable and well-established [51]. In this approach, whenever the chosen alternative is required to be at the shortest distance from the positive ideal solution and it should be located at the farthest distance from the negative ideal solution. The TOPSIS method is intended to be applied for the assessment and ranking of authentication mechanisms based upon an identified set of features. It involves following steps for the ranking of alternatives [59,60].

• Step-1 Constructing decision matrix

A decision matrix, denoted (D_m), is constructed with the help of alternatives and criteria. For “n” numbers of alternatives denoted by A₁, A₂…An and criteria denoted by C₁, C₂…C_n, the decision matrix is given as:

$$D_m=\begin{array}{c}{A}_1\\ {\begin{array}{c}⋮\\ A\end{array}}_n\end{array}\left[\begin{array}{ccc}{C}_1& ..\dots \dots ....& C_n\\ X_{11}& \dots \dots ..& X_{1n}\\ & & \\ ⋮& \ddots & ⋮\\ X_{m1}& \dots \dots \dots .& X_{mn}\end{array}\right]$$

(5)

• Step-2 Normalizing decision matrix

As a decision matrix collects data from heterogeneous/different sources, it is mandatory to convert data into a dimensionless form. Therefore, a normalized decision matrix denoted by R_IJ can be given as:

$${ \mathrm{R}}_{\mathrm{i}}{}_{\mathrm{j}}=\frac{{\mathrm{X}}_{\mathrm{i}}{}_{\mathrm{j}}}{\sqrt{{{\displaystyle \sum }}_{\mathrm{i}=1}^{\mathrm{m}}{\mathrm{x}}_{\mathrm{ij}}^2} }$$

(6)

In Equation (6), the value of i = 1…….m, and while, j = 1…n

• Step-3. Weighted normalized decision matrix (WNDM)

The attributes may vary with respect to their importance; therefore, every value of the normalized decision matrix is multiplied with a random score value by using the following equation to obtain a weighted normalized decision matrix (V) as given below:

$$\mathrm{V}={\mathrm{W}}_{\mathrm{j}}\times { \mathrm{R}}_{\mathrm{ij}} \left(7\right)$$

(7)

$$\mathrm{V}=\left[\begin{array}{cccc}{\mathrm{V}}_{11}& {\mathrm{V}}_{12}& {\mathrm{V}}_{1\mathrm{j}}& {\mathrm{V}}_{1\mathrm{n}}\\ ⋮& ⋮& ⋮& ⋮\\ ⋮& ⋮& ⋮& ⋮\\ {\mathrm{V}}_{\mathrm{i}1}& {\mathrm{V}}_{\mathrm{i}2}& {\mathrm{V}}_{\mathrm{i}\mathrm{j}}& {\mathrm{V}}_{\mathrm{i}\mathrm{n}}\\ ⋮& ⋮& ⋮& ⋮\\ ⋮& ⋮& ⋮& ⋮\\ {\mathrm{V}}_{\mathrm{m}1}& {\mathrm{V}}_{\mathrm{m}2}& {\mathrm{V}}_{\mathrm{m}\mathrm{j}}& {\mathrm{V}}_{\mathrm{m}\mathrm{n}}\end{array}\right]=\left[\begin{array}{cccc}{\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}\\ ⋮& ⋮& ⋮& ⋮\\ ⋮& ⋮& ⋮& ⋮\\ {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}\\ ⋮& ⋮& ⋮& ⋮\\ ⋮& ⋮& ⋮& ⋮\\ {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}& {\mathrm{w}}_1{\mathrm{r}}_{11}\end{array}\right]$$

• Step-4. Ideal points Calculation

Positive ideal solution denoted by A⁺ and negative ideal solution expressed by A⁻ are computed by using the following equations:

$${\mathrm{A}}^{+}=\left\{{\mathrm{V}}_1^{+},{ \mathrm{V}}_2^{+},{ \mathrm{V}}_3^{+}...{ \mathrm{V}}_{\mathrm{n}}\right\},{ \mathrm{Where} \mathrm{V}}_{\mathrm{j}}^{+}=\left\{(\left(\mathrm{maxi}\left({\mathrm{V}}_{\mathrm{ij}}\right)\mathrm{if} \mathrm{j}\in \mathrm{J}\right);\left({\mathrm{mini} \mathrm{V}}_{\mathrm{ij}} \mathrm{if} \mathrm{j}\in {\mathrm{J}}^{\prime }\right)\right\}$$

(8)

$${\mathrm{A}}^{-}=\left\{{\mathrm{V}}_1^{-},{ \mathrm{V}}_2^{-},{ \mathrm{V}}_3^{-}..{ \mathrm{V}}_{\mathrm{n}}^{-}\right\},{ \mathrm{Where} \mathrm{V}}_{\mathrm{j}}^{-}=\left\{\left(\mathrm{mini}\left({\mathrm{V}}_{\mathrm{ij}}\right)\mathrm{if} \mathrm{j}\in \mathrm{J}\right);\left({\mathrm{maxi} \mathrm{V}}_{\mathrm{ij}} \mathrm{if} \mathrm{j}\in {\mathrm{J}}^{\prime }\right)\right\}$$

(9)

where, J represents beneficial features whereas, J′ is showing nonbeneficial criteria features. Beneficial criteria and nonbeneficial criteria identification is the most important part of the MCDM method. Beneficial criteria are normally those attributes for which high values are desirable, while, on other hand, nonbeneficial criteria are those for which less value is desirable.

• Step-5. Finding separation measures

Separation measures, i.e., ideal separation and no-ideal separation measures, are computed by using the following two equations:

$$S^{+}=\sqrt{{\displaystyle \sum }_{\mathrm{J}=1}^{\mathrm{n}}{({\mathrm{V}}_{\mathrm{ij}}-{\mathrm{V}}^{+})}^2 } \mathrm{where} \mathrm{i}=1\dots ... \mathrm{m}$$

(10)

$$S^{-}=\sqrt{{\displaystyle \sum }_{\mathrm{J}=1}^{\mathrm{n}}{({\mathrm{V}}_{\mathrm{ij}}-{\mathrm{V}}^{-})}^2 } \mathrm{where} \mathrm{i}=1\dots \dots . \mathrm{m}$$

(11)

• Step-6. Measuring relative closeness

The relative closeness denoted by C_i is measured for each alternative with respect to the ideal solutions by using the following equation:

$${\mathrm{C}}_{\mathrm{i}}=\frac{{\mathrm{S}}_{\mathrm{i}}^{-}}{\left({\mathrm{S}}_{\mathrm{i}}^{+}+{\mathrm{S}}_{\mathrm{i}}^{-}\right)} \mathrm{When} 0\le {\mathrm{C}}_{\mathrm{i}}\le 1{ }_{ }$$

(12)

• Step-7. Ranking of alternatives

The ranking of alternatives is based on their C_i values, such that the higher values possessed by the alternative are considered the best preference, while a low value of C_i comparatively shows less performance value.

• The TOPSIS method uses the concept of an ideal solution. It means that if a specific alternative is located at the shortest distance from the positive ideal solution, and if it is located at the maximum distance from the negative ideal solution, then it is considered the best option among the alternatives. The TOPSIS method is more reliable and well-established in its working procedure.
• It has the characteristic of presenting efficiency in the computation process, and results are presented in a simple mathematical form. It is more flexible, and it has various applications in theoretical and real-world MCDM problems.

The purpose of the TOPSIS method is to prioritize alternatives with respect to the identified security features of authentication. The security experts were consulted to know the importance of each feature of the criteria for the authentication solution as discussed in the previous case study. They provided their response according to a ten (10)-point scale. The responses collected from the ten (10)-point scale by the expert panel were divided among ten (10) different authentication alternative solutions. They were assigned values based on a scale starting from 1 to 10. The complete input provided by the expert panel against the authentication criteria is given in the following matrix:

$$D_m=\left[\begin{array}{cccccccccc}& {\mathit{C}}_1& {\mathit{C}}_2& {\mathit{C}}_3& {\mathit{C}}_4& {\mathit{C}}_5& {\mathit{C}}_6& {\mathit{C}}_7& {\mathit{C}}_8& {\mathit{C}}_9\\ {\mathit{A}}_1& 7& 9& 9& 8& 6& 7& 4& 6& 8\\ {\mathit{A}}_2& 8& 7& 8& 7& 7& 5& 4& 5& 8\\ {\mathit{A}}_3& 9& 6& 9& 8& 8& 6& 3& 6& 7\\ {\mathit{A}}_4& 8& 7& 8& 6& 9& 6& 5& 3& 9\\ {\mathit{A}}_5& 6& 7& 6& 7& 8& 5& 6& 5& 7\\ {\mathit{A}}_6& 7& 5& 6& 8& 6& 7& 4& 8& 9\\ {\mathit{A}}_7& 6& 7& 4& 8& 7& 8& 5& 5& 8\\ {\mathit{A}}_8& 5& 8& 7& 4& 8& 5& 7& 7& 5\\ {\mathit{A}}_9& 6& 6& 5& 8& 9& 8& 5& 4& 7\\ {\mathit{A}}_{10}& 6& 5& 7& 4& 6& 7& 4& 4& 8\end{array}\right]$$

The decision matrix is computed with the help of Equation (6), and the results are listed and given in

Table 6. Normalized decision matrix.

Alternatives	C1	C2	C3	C4	C5	C6	C7	C8	C9
A1	0.32	0.42	0.40	0.36	0.25	0.34	0.26	0.35	0.33
A2	0.37	0.48	0.47	0.48	0.46	0.41	0.49	0.49	0.50
A3	0.41	0.28	0.40	0.36	0.34	0.29	0.20	0.35	0.29
A4	0.37	0.33	0.36	0.27	0.38	0.29	0.33	0.17	0.37
A5	0.28	0.33	0.27	0.32	0.34	0.24	0.39	0.29	0.29
A6	0.32	0.23	0.27	0.36	0.25	0.34	0.26	0.46	0.37
A7	0.28	0.23	0.27	0.36	0.25	0.34	0.26	0.46	0.37
A8	0.23	0.33	0.18	0.36	0.30	0.39	0.33	0.29	0.33
A9	0.28	0.37	0.31	0.18	0.34	0.24	0.46	0.40	0.21
A10	0.28	0.28	0.22	0.36	0.38	0.39	0.33	0.23	0.29
C.W	0.16	0.17	0.18	0.15	0.12	0.08	0.06	0.03	0.04

. In the last row, the criteria weights that were previously obtained by using AHP are also listed.

It is not always the case that every criteria element will be of equal importance, therefore, WNDM is created. To obtain a weighted normalized matrix, we used Equation (7). Normalized data is given in

Table 7. Weighted normalized data.

Alternatives	C1	C2	C3	C4	C5	C6	C7	C8	C9
A1	0.051	0.071	0.072	0.054	0.030	0.027	0.016	0.010	0.013
A2	0.059	0.081	0.085	0.072	0.055	0.033	0.030	0.015	0.020
A3	0.066	0.047	0.072	0.054	0.041	0.023	0.012	0.010	0.012
A4	0.059	0.055	0.064	0.041	0.046	0.023	0.020	0.005	0.015
A5	0.044	0.055	0.048	0.048	0.041	0.019	0.024	0.009	0.012
A6	0.051	0.040	0.048	0.054	0.030	0.027	0.016	0.014	0.015
A7	0.044	0.040	0.048	0.054	0.030	0.027	0.016	0.014	0.015
A8	0.037	0.055	0.032	0.054	0.035	0.031	0.020	0.009	0.013
A9	0.044	0.063	0.056	0.027	0.041	0.019	0.028	0.012	0.008
A10	0.044	0.047	0.040	0.054	0.046	0.031	0.020	0.007	0.012

.

The next step is to find A⁺ and A⁻ for every criteria feature. Equations (8) and (9) have been applied and the results are given in

Table 8. Values of A⁺ and A⁻ of criteria elements.

	C1	C2	C3	C4	C5	C6	C7	C8	C9	C1
A+	0.081	0.071	0.072	0.063	0.068	0.040	0.041	0.033	0.038	0.022
A−	0.063	0.047	0.064	0.047	0.045	0.029	0.025	0.017	0.029	0.015

.

Both ideal separation measures and relative closeness are measured with the help of Equations (10), (11), and (12), respectively and their values are given in

Table 9. Relative Closeness.

Alternative	S+	S=	${\mathbf{S}}^{+}+{\mathbf{S}}^{-}$	Relative Closeness
A1	0.041	0.061	0.102	0.597
A2	0.007	0.091	0.099	0.926
A3	0.048	0.059	0.107	0.549
A4	0.048	0.048	0.096	0.500
A5	0.060	0.035	0.095	0.370
A6	0.067	0.038	0.104	0.360
A7	0.069	0.035	0.104	0.340
A8	0.072	0.035	0.107	0.330
A9	0.064	0.040	0.104	0.382
A10	0.065	0.037	0.102	0.362

.

Ranking is performed according to the values of relative closeness as given in

Table 10. Ranking preferences.

Alternatives	A1	A2	A3	A4	A5	A6	A7	A8	A9	A10
Final score	0.597	0.926	0.549	0.500	0.370	0.360	0.340	0.330	0.382	0.362
Ranking	2	1	3	4	5	8	9	10	6	7

. As we can see, among all the alternatives, “A₂” has the highest value. This alternative is the best with respect to the criteria.

From the empirical assessment of this study, it is concluded that the A₂ alternative has higher values among the other selected alternatives. It means that by taking features into account based on our assessment model of authentication, it is more reliable in terms of the authentication features. Thus, any algorithm having such a feature should be adopted for secure authentication in the healthcare sector. The complete details of the ranking scores of all authentication alternatives are given in Figure 5.

The complete input data provided to the D2 alternative against the criteria features is given in Figure 6. It shows that it can be a better choice of authentication method based on the degree of importance of features. The authentication scheme can be judged based on features, such as mutual authentication, privacy protection, key agreement, password change, integrity, confidentiality, forward security, scalability, and availability.

4. Conclusions

The secure protection of IoMT devices in the healthcare domain remains a major concern due to the nature of the devices and data managed by the network. Therefore, it has become an important topic over the last couple of years for researchers and practitioners to provide reasonable security solutions in this area. A plethora of IoT authentication solutions have been introduced to the market for secure authentication of IoMT devices in the healthcare field. This significant intensification of IoT devices has led to decision-making and selection problems for healthcare personnel trying to install the right security solution. In this research study, we present an assessment framework to provide reasonable solutions for the selection and deployment of the right authentication solution. This framework adopts a mathematical approach for decision-making and implements the best authentication solution based on considering the most important features. A case study was conducted with an expert panel to collect data about the authentication features and set criteria for the evaluation of authentication schemes. This framework is composed of two multicriteria decision-making approaches, i.e., AHP and TOPSIS. The AHP technique assigns quantification scores to criteria features; and TOPSIS performs the performance evaluation of the authentication alternatives against the proposed criteria.

The findings of the proposed study suggest that this framework can be used as the best choice for the assessment and ranking of IoT authentication algorithms/schemes in a real-world scenario in the healthcare area. This framework can be applied as a guideline for practitioners and researchers to evaluate the existing authentication methods based on the selected feature. The research will assist security developers and policymakers in reviewing the existing authentication schemes with respect to security features by applying the proposed model to the evaluation.

There are some limitations to this study, such as the fact that the features used in this criterion are not absolute metrics for the evaluation of authentication algorithms. Other studies might consider other features for the criteria. The decision-making process can be further improved by using fuzzy concepts. Therefore, we are looking forward to applying the fuzzy approach for the purpose of evaluating authentication algorithms and bringing more accuracy and efficiency to the results.