Enhancing Security and Privacy in Healthcare Systems Using a Lightweight RFID Protocol

Abstract

Exploiting Radio Frequency Identification (RFID) technology in healthcare systems has become a common practice, as it ensures better patient care and safety. However, these systems are prone to security vulnerabilities that can jeopardize patient privacy and the secure management of patient credentials. This paper aims to advance state-of-the-art approaches by developing more secure and private RFID-based healthcare systems. More specifically, we propose a lightweight RFID protocol that safeguards patients’ privacy in the Internet of Healthcare Things (IoHT) domain by utilizing pseudonyms instead of real IDs, thereby ensuring secure communication between tags and readers. The proposed protocol has undergone rigorous testing and has been proven to be secure against various security attacks. This article provides a comprehensive overview of how RFID technology is used in healthcare systems and benchmarks the challenges faced by these systems. Then, it reviews the existing RFID authentication protocols proposed for IoT-based healthcare systems in terms of their strengths, challenges, and limitations. To overcome the limitations of existing approaches, we proposed a protocol that addresses the anonymity and traceability issues in existing schemes. Furthermore, we demonstrated that our proposed protocol had a lower computational cost than existing protocols and ensured better security. Finally, our proposed lightweight RFID protocol ensured strong security against known attacks and protected patient privacy using pseudonyms instead of real IDs.