Page 79 - IJEEE-2022-Vol18-ISSUE-1
P. 79
Hamed & Yassin | 75
2. Disease prevention: ???? resists the disease based on devices V. FORMAL SECURITY ANALYSIS WITH SCYTHER TOOL
of doctors (??1, ??2, ??3 … , ???? ) and avoids all foods caused
from the severity of chronic diseases. Currently, we are focusing on establishing that the
3. Laboratory and diagnostic care: ???? can receive the results suggested method can withstand severe assaults such as
of his test directly in his account (????????). In the other side, phishing, man-in-the-middle (MITM), replay attacks, and
early examination through the symptoms associated with eavesdropping attacks. Furthermore, our work incorporates a
chronic diseases by sending his symptoms to the health number of security features. We do the following analysis of
foundation. the suggested scheme. It considers as a cryptography tool
4. Remote emergency and inpatient services: ???? can get full used for formal security analysis and proof to ensure from
services to the case emergency to take first aid and treatment security, resisting well-known malicious attacks, correctness
and prepare logistics before arriving at the hospital. of the messages via communication channel applied with the
5. The mechanism of sending a query from ???? to ?????? and perfect cryptography functions such as hash function,
vice versa. This query represents "Inquiries about symptoms EMAIL, encryption, and decryption. Finally, this tool gains
of a specific disease or other". However, ???? writes his secure the proposed scheme a guarantee to implement in the safe
query ???? = ?????????????? (??????????_????????) and sends ???? to ??????. condition and can resist the familiar attacks until the attacker
6. In the side of ?????? , he retrieves the ??????????_???????? by is accessible. Currently, the proposed scheme has been
decrypting ???? based on ???????????'??????? = ?????????????? (????) . Then, written in SPDL language and the viewed the results in the
?????? sends the ???????????'??????? to the concerned department in the state of (?????????????????? ??????????) and (???????????????????????? ??????????).
health foundation. After that, the specialist doctor answers
the patient query by doctor report (????2???? ) and then ?????? 1. Verification of Claim : Scyther's input language allows
encrypts this report (???? = ?????????????? (????2????)) and resubmits security features to be specified in terms of claimed events.
???? to ????. For example, one may argue in a role definition that a
7. Upon receiving ????, ???? can read the replying of his queries particular value is confidential (confidentiality) and that
by ????2???? = ?????????????? (????). certain traits should apply to communication partners
(authentication). Scyther can be used to verify or disprove
Fig.3: Healthcare phase for patient these traits.
5. Key Management Phase 2. Automatic of Claim: If the protocol specification lacks
security assertions, Scyther can generate them automatically.
Here, the main parties have an agreement to generate once Verification claims assert that the protocol's putative
key for each login request based on ( ????????, ???? ). In the communication partners must have followed it as intended at
moment of successful login of patient, the main parties the conclusion of each role. All parameters and locally
(????, ??????) performs the following points to apply this phase. produced values are likewise subject to confidentiality claims
1. Patient (????) side computes ???????? = ????????? ????. (nonce). Scyther evaluates the expanded protocol
2. Cloud Healthcare Server (??????) side computes ???????? = description, in the same manner, he did previously. This
allows users to quickly study a protocol's characteristics.
????????? ????'. Based on the scyther tool, our work resists harmful attacks
such as MITM, Insider, Replay, Spoofing, and
Impersonation. The login and authentication phases are
depicted in Figure 4 [37].
We notice that the proposed scheme has protect against
malicious attacks as above mention. So, SPDL supports
many major crypto functions like sending or receiving
messages among components, and the roles of each
component. When we strip the proposed system from
security factions like crypto hash, encryption, we will notice
the apparent weakness of the system, as Figures 5 and 6.
Figure 5 represents the result of an safe system that does
not contain perfect cryptography functions. Therefore, this
system becomes insecure and vulnerable to face the
malicious attacks (see Figure 6).
