https://orcid.org/0000-0002-6264-9783
Figures
Abstract
Mobile Agents are a new type of computing that is replacing the client-server approach. Mobile agents are little pieces of code that function automatically on behalf of the owner. Many applications, such as e-commerce, parallel computing, network management, and health care, use mobile agents. The healthcare industry is one of the most growing fields in any country. As the population increases day by day the requirement of medical resources is proportionally increasing. Due to high patient demand and a severe lack of medical resources, a remote medical healthcare system is required. However, the deployment of remote healthcare systems over the Internet introduces a new set of challenges, including interoperability among heterogeneous networks and the need to navigate through multiple public systems dispersed over insecure networks. This paper explores how mobile agents can effectively tackle these challenges, especially in heterogeneous and potentially malicious environments. A key focus of this research is the development of a mathematical model for secure medical information retrieval. This model incorporates a variable threshold secret-sharing mechanism, employing the Chinese remainder theorem and multiplicative inverse with modular arithmetic at different levels. By integrating these cryptographic techniques, the proposed approach ensures the confidentiality and integrity of medical information during its retrieval, contributing to the overall safety and robustness of mobile agent computing in healthcare scenarios.
Citation: Kumar P, Rawat SS, Banerjee K, Salau AO, Kumar G, Singhal N (2025) Secure mobile agents for efficient medical information retrieval: A verifiable variable threshold secret sharing approach. PLoS One 20(6): e0325950. https://doi.org/10.1371/journal.pone.0325950
Editor: Yang (Jack) Lu, Beijing Technology and Business University, CHINA
Received: August 27, 2024; Accepted: May 16, 2025; Published: June 20, 2025
Copyright: © 2025 Kumar et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
Data Availability: The datasets generated during and/or analysed during the current study are available within the manuscript itself.
Funding: The author(s) received no specific funding for this work.
Competing interests: The authors have declared that no competing interests exist.
1. Introduction
Medical facilities represent one of the most crucial concerns in human civilizations, as they directly impact on the quality of residents’ lives. Medical care is characterized by highly specialized healthcare institutions and clinical divisions [1]. The healthcare industry is not only dispersed and fragmented but also diverse, exhibiting significant regional autonomy. Due to the sheer volume of medical data, coupled with its complexity and diversity, traditional computation paradigms falter when attempting to simulate such an environment.
In this context, we delve into the effective utilization of the mobile agent paradigm within the healthcare domain. Mobile agents consist of small programs that migrate as distinct independent units from one platform to another. They can execute processes on a platform, suspend their execution, migrate to a different platform, and resume their execution there. Mobile agents [2] adhere to a specific lifecycle for executing assigned tasks, as depicted in Fig 1.
Given the inherently self-driven mobility of mobile agents across distributed networks, they often interact with malicious agents and platforms.
In the present era, one of the burgeoning paradigms for overseeing applications in distributed computing is the Mobile Agent. Various client-server paradigms, such as Remote Procedure Call (RPC), Message Passing Interface (MPI), and code on demand, were utilized in distributed computing prior to the advent of mobile agent technology. Numerous benefits have been introduced in the computing landscape, including the automatic dynamic execution of tasks, reduced channel load, and minimized latency.
A mobile agent [3] moves seamlessly across a network, transitioning from one machine to another. Ensuring the security of both the mobile agent and the platform it interacts with presents a substantial challenge when embracing the mobile agent paradigm.
1.1. Characteristic of mobile agents
- 1). Mobility: Agents can temporarily halt their execution on one agent platform and then resume it on another, namely, in a different location. This phenomenon is commonly known as migration.
- 2). Self-determination: Each mobile agent operates based on a code specifically crafted to accomplish one or more objectives. The actions performed by mobile agents are solely determined by this code, without any direct interaction from external entities.
- 3). Reactivity: Agents adapt to environmental changes to accomplish their objectives.
- 4). Proactively: Agents alter their surroundings and employ a variety of actions to attain their objectives.
- 5). Sociability: This pertains to an agent’s capacity to engage in communication with other agents. Given that certain agents rely on communication with others to observe their environment, this attribute is of paramount importance.
Mobile agent Security as shown in Fig 2 is categorized into three main parts: Security of Mobile agent, Security of Platform, and Security of mobile agent Network.
1.2. Mobile agent applications in the healthcare domain
The utilization of the Mobile Agent paradigm is widespread and applied in numerous real-life applications, such as electronic commerce, networking, and personal assistance. Employing mobile agent technology entails the collaboration of multiple agents: each agent is assigned specific responsibilities, which collectively break down the entire task.
Healthcare operates within a vast open ecosystem [4] characterized by decentralized decision-making and care management. This necessitates the exchange of complex and diverse data types among various clinics. During emergencies, there arises a need to collaborate on patient information from different medical institutes to review the patient’s medical history. Mobile agent technology stands as one of the most popular and sought-after strategies for accessing patient medical history information [5]. Through cooperation and coordination of their actions, mobile agents present a natural approach to resolving distributed problems with heterogeneous inputs. They also proactively carry out tasks that can be beneficial to the user. Within the medical domain, various applications of mobile agents abound.
- 1). Medical data management: Providing information from different medical data sources and consolidating it.
- 2). Decision-making support: Approaches converged to aid healthcare practitioners in completing tasks such as treatments and diagnostics.
- 3). Securing medical information: Methodologies for enhancing the security and privacy of patient data.
- 4). Patient management: Medical information acquisition, analysis, and protection systems are critical to providing high-quality patient care.
- 5). Medical training and education: Mobile technology is used in medical training and education.
- 6). Remote care or telemedicine: Patients’ status can be monitored remotely, allowing for more comprehensive care.
- 7). Planning and resource allocation: Used in planning and resource allocation.
- 8). Information retrieval and integration: Methodologies for retrieving medical data from disparate databases.
Medical services are perhaps the most pressing issue in human social order, as the existing nature of humans directly relies upon healthcare services. Medical services are data-driven and information-driven. The application of mobile agents in the medical field is shown in Fig 3.
Healthcare in the medical sector is one of the most intricate undertakings due to the absence of all medical facilities in a centralized location. The healthcare industry is not only dispersed and fragmented, but it also exhibits considerable diversity, along with significant local autonomy. Furthermore, within the medical sector, patient information holds paramount importance, and a majority of treatments are critical. Given the vast volume of information, as well as the complexity and diversity of data, conventional computational methods prove inadequate in functioning effectively.
Mobile agent computing [6] plays a pivotal role in addressing challenges within the healthcare sector. Mobile agent programming has emerged as a prominent standard for organizing web-based applications, wherein these agents migrate across a network to execute tasks beyond their host machines. Each task is executed independently by the mobile agent. Mobile agents find extensive applications in the healthcare domain, encompassing decision-making systems, accessing distributed data sources, and coordinating healthcare-related tasks. This is due to their adaptive, proactive, and cooperative nature.
The principal objective of this article is to ensure the security of mobile agents during migration, as these agents carry sensitive patient personal data and medical reports. The proposed framework is founded on the multilevel Chinese remainder theorem, incorporating a variable threshold value to safeguard patient data and medical reports.
1.3. Contribution of the paper
The contribution of this paper is summarized as follows:
- This paper presents a novel approach to bolster the security of mobile agents and platforms by employing multilevel key management and dynamic threshold values.
- A dynamic threshold value is essential for both the mobile agent and platform, catering to diverse levels of authentication requirements. To secure the migration of mobile agents effectively, we propose a technique grounded in the Multilevel Chinese Remainder Theorem.
- For the execution and authentication of mobile agent migration, we generate multilevel secret keys, each assigned a dynamic threshold value specific to its corresponding level.
1.4. Organization of the paper
The article is organized as follows: In Section 2, we primarily delve into related work. Our proposed approach, along with preliminaries, is detailed in Section 3. The performance evaluation and implementation of our approach are addressed in Section 4. Section 5 concludes the article, highlighting the key findings and avenues for future work.
2. Related work
Mobile agent technology has been explored in numerous fields, including the medical sector, to enhance secure and efficient data processing, resource management, and task execution. This work delves into key concepts and potentially related work associated with the deployment of secure mobile agents within the medical field.
Srivastava et al. [7] introduced a technique aimed at enhancing the security of mobile agents. Their approach ensures the confidentiality of these agents in both the communication channel and the execution environment, while also preserving their integrity. To safeguard mobile agents from hostile execution environments, it becomes imperative to limit the security verification authority on the execution environment side. This involves adopting an agent-driven methodology wherein the mobile agent safeguards its sensitive code and data from the external malicious environment. The author proposed a novel technique for a critical component of mobile agents. To guarantee confidentiality, a private key is generated, composed of two key parts: one generated through a hash function and the other generated randomly (AES-generated).
The authors in [8] present a significant contribution in their work by introducing the concept of Trust Score, an original metric for assessing platform reliability. They introduce a Trust Score-based Itinerary Arranging Algorithm designed to assist Mobile Agents in making dynamic decisions informed by the Trust Score. To enhance the Trust Scoring system, they introduce the Trustability Coefficient of Variation. Although the Trust Scoring system generates separate sections for a server platform, the framework consolidates these sections using the Coefficient of Variation, culminating in a unified metric referred to as the Trustability Coefficient of Variation. This approach leverages the Trustability Coefficient of Variation to rank server platforms according to experimental results, showcasing its superiority over existing alternative support networks.
Geetha et al. [9] presented a dual encryption mechanism aimed at safeguarding data blocks, effectively addressing concerns such as snooping and alteration. This approach guarantees the confidentiality, integrity, authentication, authorization, and scalability of Mobile Agents (MA). The proposed model ensures the security of free-roaming MAs through Trustworthy Roaming Model and cryptographic algorithms, providing resilience against both passive and active attacks, specifically connived truncation attacks.
Han et al. [10] addressed the public key management challenges in mobile networks by proposing the “Trust Delegation” concept based on an ID-based cryptosystem, which enhances security. This concept enables multiple applications concurrently while remaining resilient against fundamental transparency and key loss. Their design, which minimizes transaction quantity and complex elements like Home Subscriber Server and Bootstrapping Function, proves to be robust against denial of service (DoS) attacks targeting HSS or BSF.
Raji et al. [11] proposed a distinctive approach ensuring anonymity for both agent owners and itineraries. By utilizing a public anonymizer system consisting of auxiliary hosts, the owner employs this system for each step of the agent’s journey. These hosts serve as intermediaries, maintaining security. Security remains an emerging area within MA systems, and substantial work remains to be accomplished.
Cavalcante et al. [12] Stated the benefits of agent technology for application systems with advanced attributes like autonomy and cooperative problem-solving. They emphasize the necessity of ensuring the security of such agent-based ecosystems, and many security approaches have been proposed by researchers to meet security requirements.
The authors in [13] presented a secret-sharing technique based on the Chinese Remainder Theorem (CRT), termed multilevel threshold secret sharing (MTSS). Their scheme divides share into levels, each with a distinct threshold value for secret key recovery. Only when a specific number of valid shares are available at each level can the secret be reconstructed. Xingxing Jia et al. [14] proposed a novel TCSS (Threshold Secret Sharing) framework based on the CRT, offering reduced share size and recovery complexity compared to previous schemes.
Kandar et al. [15] presented a verified secret-sharing approach based on shadow sharing to safeguard the reconstruction of secret information. Their system also includes a strategy for detecting cheaters, easing updates for the combiner and dealer, and protecting against various security risks.
Bagga et al. [16] discuss the use of Mobile Agents for organizing, processing, and retrieving medical data from heterogeneous sources, aiding healthcare decisions. Agents assist healthcare providers during treatment and enhance the security of health data stored in local repositories. Chen et al. [17] considered multiple public systems distributed across unsecured heterogeneous networks, addressing these challenges with the use of Mobile Agents. They propose a safe access control mechanism based on the Chinese Remainder Theorem and discrete logarithm to ensure secure patient data monitoring and control. M. van der Haak et al. [18] aim to identify legal requirements for data security and data protection in cross-institutional electronic patient records (EPR), exploring methods to achieve these requirements.
Jung et al. [19] highlight the application potential of agent technology in systems with advanced qualities like autonomy and dynamic problem-solving abilities. They emphasize the need for security within such agent-based ecosystems and discuss various security approaches proposed by researchers.
Ruxandra et al. [20] focused on Verifiable Secret Sharing (VSS), ensuring consistent secret reconstruction even if a malicious dealer distributes invalid shares. Verma et al. [21] proposed a hybrid-based VSS scheme for communicating secrets in a multilevel setting, aiming to create effective and secure systems. Zhao et al. [22] presented a verifiable multi-secret sharing (VMSS) scheme based on the YCH scheme and the intractability of the discrete logarithm, enhancing verification while reducing computation quantity. Das et al. [23] introduced a one-way collision-resistant hash function-based multi-secret sharing approach with general access structures, offering flexibility and reduced computational costs. B. Orgun et al.[24] Discussed a framework based on the multi-agents and ontology to provide better communication in distributed health care system without considering the limitation of the client server approach. The aurthour introduced the Electronic Medical Agent System (eMAGS), a multi-agent system utilizing an ontology based on the Health Level Seven (HL7) public health messaging standard. The aim is to streamline the flow of patient data across the healthcare sector. In a separate work, Su [25] detail the design and implementation of a mobile multi-agent platform-based open information system (IMAIS). This system incorporates an automated diagnosis engine for enhanced and distributed ubiquitous fetal monitoring. The adoption of a FIPA2000 standard-compliant agent development platform, the Java Agent Development Environment (JADE), effectively addresses issues related to interoperability, scalability, and openness in diverse e-health contexts. IMAIS, when used with lightweight, portable fetal monitors, allows for continuous long-term monitoring without disrupting a patient’s daily activities or limiting mobility. The versatile system architecture is applicable to various monitoring scenarios, including elder care and vital sign monitoring.
The current body of literature addressing the security of migrating agents outlines diverse methods, yet none offers a comprehensive framework that seamlessly integrates compatible techniques into a unified security model [26,27]. Despite the advantages of employing mobile agent technology in remote healthcare, it introduces security concerns. As a mobile agent conducts its operations, traversing the Internet and engaging with various hosts and agents for information exchange, it becomes vulnerable to security threats [28]. However, the focus is gradually shifting towards developing solutions aimed at securing migrating (mobile) agents, a significantly more intricate challenge. The issue of devising a mechanism is difficult due to the independence and adaptability of mobile agents. Despite the practical benefits of Mobile Agent technology, both the mobile agent and its platform remain susceptible to various security threats [29].
3. Proposed solution
Security of mobile agent in the field of healthcare for securing accessing data of patient proposed multilevel secure key distribution using multilevel Chinese remainder theorem. Some preliminaries are important for proposed framework.
3.1. Preliminaries
In this section, we define MTSS, the CRT, Mignotte’s, and Asmuth–Bloom schemes based on the CRT, as well as other preliminaries that are crucial to our approach.
- 1). Multilevel threshold secret sharing:
In a multilevel threshold secret scheme, authorized set
, while
Let be the threshold values.
where
- 2). Mignotte series: Mignotte series is a collection of positive integers
, in increasing order in such a way
. All positive integers’ pair wise is co-prime
- 3). Chinese remainder theorem: Chinese remainder theorem provides us with a method to uniquely determine a number x modulo t-many relatively prime integers
given that:
One solution of given congruence relation
3.2. Proposed model
In this paper, we propose a key management [27] approach for secure mobile agent migration based on a variable threshold multilevel framework utilizing the Chinese remainder theorem. A secret key is generated for authenticating both mobile agents and platforms, and it is utilized within the mobile host computer during execution. For a malicious platform or attacker attempting to access the agent’s security key, a fixed threshold value is necessary.
The selected secret ‘S’ is randomly divided into ‘k’ partial shares through the application of the Chinese remainder theorem, as depicted in Fig 4.
The framework comprises ‘n’ levels, ranging from higher to lower levels. Higher-level mobile agent shares can be employed to reconstruct the secret for the execution of mobile agents on lower-level platforms. However, lower-level shares cannot be used to retrieve the key at upper levels. Each level of mobile agent necessitates a distinct threshold number of shares to reconstruct the key, and these threshold values vary across different levels. This differentiation in threshold values across mobile agent levels ensures higher security for the execution of mobile agents at varying levels.
The proposed framework is based on the three main phase initializations (algorithm 1), Secret hiding (algorithm 2), Share creation (algorithm 3), and reconstruction of share (algorithm 4).
Algorithm 1 In the initialization phase, every host selects for each level. Each level has a fixed number of mobile agents and respectively pairwise coprime integers. This number selection is based on the Mignotte sequence. Hosts choose a secret key
in set of
.
Initialization:
Input: Number of levels n, where each level has mobile agents, and integer t (threshold).
Output: Secret key S, and pairwise coprime integers .
Step 1: Parameter initialization
i. Select a random integer from
for secret key
ii. (0 ≤ S < q0) for each level secret key.
iii. Initialize an empty list Q to store integers .
Step 2: Choose pairwise coprime integers
for i=1 to n
i. Select in such a way
.
ii.
iii. Append in to list Q.
Step 3: Check the Mignotte sequence condition
i. If
ii. {
iii. proceed with
iv. }
v. Else
vi. Recalculate q values and repeat from Step 2 until the condition is satisfied.
Step 4: Return the secret key S and the sequence of integers Q.
Algorithm 2 Consider finite field where p is the prime number. Select m any random number except 1 used for hiding the Secret
. Since 1 is a multiplicative identity and cannot be used in an algorithm for hiding the secret, it is avoided. After multiplying m by S, different numbers were obtained.
Input:- S: Secret (integer). - p: Prime number (defining the finite field Fp).
Output:- y: Hidden parameter. - m: Random number used for hiding the secret.
Step 1: Select a random number m
i. Generate a random number m such that: - m ∈Zp (i.e., 1 < m < p). - m ≠ 1 (since 1 is a multiplicative identity and cannot hide the secret).
Step 2: Compute the hidden value y
i. Multiply m by the secret S.
ii. Compute y ≡ (m * S) mod p to keep the result within the finite field Fp
Step 3: Return the result
i. Return (y, m), where: – y is the hidden value. - m is the random number used to hide the secret.
Algorithm 3 Shares are created for each level, from higher level to lower level.
Share creation:
Input:
- S: Secret.
- : Sequence of pairwise coprime integers (for levels).
- t: Threshold (number of shares required to reconstruct the secret).
- pi: Public moduli for each mobile agent at each level (from q0 to qn).
Output: - Si: Public shares for each mobile agent.
Step 1: Calculate value of α
i.
Step 2: Share creation for each level (from upper to lower)
i. public share of every Mobile agent 0 ≤ i ≤ n
ii. Save the public share Si for mobile agent i.
Step 3: Return the shares
i. Return the list of shares S0, S1,..., Sn.
Algorithm 4 At the reconstruction of the secret key for the execution of the mobile agent every upper-level mobile agent utilized lower-level share. The threshold value of each level is different in such a way, .
Reconstruction of share
Input:
- i: The level at which the mobile agent wants to reconstruct the secret.
- ti: The threshold value for the ith level
- q0,: Pairwise coprime moduli for respective mobile agents.
- The shares from the lower-level mobile agents.
- αj: The value αj used for share creation at level j.
Output: – S: Reconstructed secret key.
Step 1: Initialize variables for reconstruction
i. Mobile agent wants to reconstruct share at ith level
ii. i = ith level/*choose level */
iii. ti = threshold value of each mobile agent to regenerate secret
iv.
Step 2: Use shares from the lower levels to reconstruct the share at level i
i. Each level of a mobile agent has a different threshold as compared to other levels that provide higher security to mobile agent execution at different levels.
ii.
iii. /*Public parameter
in such a way i < j with respective mobile agent.
iv.ai depend on the level of mobile Agent
Step 3: Solve the system of congruences to reconstruct the secret
i.Solve the system of congruence relations using the Chinese Remainder Theorem (CRT):
Step 4: Final reconstruction of the secret
i.
Algorithm 5 Generated secret authentication based on the algorithm verification of secret key. if (y = m.S′modq0) satisfies the relationship, the generated key is correct otherwise is wrong.
Verification of secret key
Input:
- y: Public parameter.
- m: Random number used for hiding the secret Key.
- q0: Modulus prime number with in finite field.
- x: Some value that, when reduced modulo q0, gives the candidate secret S′.
Output: – Message indicating whether the generated secret is correct or wrong.
Step 1: Compute secret key S′
i. Calculate S′ ≡ xmodq0
ii. Step 2 Verify the relationship
iii. If (y = m.S′modq0)
iv. {
v. “Generated secret is Correct”.
vi. else
vii. “Generated secret is wrong”.
3.2.1. Example of proposed model.
The mathematical example below serves as an illustration of our suggested strategy.
The host chooses a secret key for authentication of mobile agents at the time of execution, S = 102, and q0 = 113, at level one in the subset, L1, the integers associated with shareholders, , k = 1, 2, 3, 4,…… are
= 137,
= 139, and
= 250. The t1-threshold range is (250, 19043). The dealer selects α1 = 150 and s + α1 q0 = 17052 which is in the above range. The shares are
= 64,
= 94, and
= 52
In the subset, L2, the integers associated with shareholders, , k = 1, 2, 3, 4, are
= 293,
= 307,
= 313, and
= 319. The t2-threshold range is (99847, 28154663). The dealer selects α2 = 6864 and s + α2q0 = 775 734 which is in the above range. The shares are
= 163,
= 252,
= 120 and
= 245.
In the subset, L3, the integers associated with shareholders, , k = 1, 2,..., 7, are
= 229,
= 233,
= 239,
= 241,
= 277,
= 281, and
= 283. The t3-threshold range is (22027871, 3073309843). The dealer selects α3 = 194 946 and s + α3q0 = 22029000 which is in the above range. The shares are
= 116,
= 15,
= 131,
= 154,
= 21,
= 5, and
= 280.
For generation of secret key in higher level 3, used from subset L1,
from subset L2. Mobile agents choose moduli
,
,
are 263,269 and 251 respectively using condition
<
<
. Where j is higher level and i is lower-level j > i.241=
<
,
<
= 277. Calculate public parameter associated to
.
Mobile agent evaluates (s + α3q0-)mod
.
(22029000-52) mod263 = 68 then public information of in subset L3is (68,263). Similarly, the public parameter
and
are (201,269) and (242,251) respectively.
Case 1: Assume that at level 3 for generation of secret key collaboration of from L1,
from L2,
and
from L3 are required. Four shares are required to regenerate the secret key level 3 because at level three threshold is ‘t3=4’.
= 52,
= 245,
= 131 and
= 5. Public information of (68,263), (242,251)
= 239, and
= 281 are used to compute secret key.
after apply CRT to solve congruent relation x = 22029000. Secret share is reconstructed as s = x modq0, 22029000%113 = 102.
Verification of Secret: public parameter are (y,m) =(63,97) If y = S*m% q0
102*97%113=63 correct. Generate secret is correct.
Case 2: Assume that at level 3 for generation of secret key collaboration of and
from L2 level, and
and
from L3, are required. Number of partial shares at level three are 4. To find the secret key by solving the system of equations as follows
After apply CRT to solve congruent relation x = 22029000. Secret share is reconstructed as s = x modq022029000%113 = 102
Verification of Secret: public parameter are (y,m) =(63,97), If y = S*m% q0
(102*97)%113=63 correct. Generate secret is correct.
Case 3: Assume that at level 3 for generation of secret key collaboration of from L2 level,
from L3, and
from level L3are required. Number of partial shares at level three is but the shod value for regeneration of key is 4. So, can’t not generate the key by using three partial shares,
x = 21mod277, after apply CRT to solve congruent relation x = 3743399. Secret share is reconstructed as s’ = x’ modq03743399%113 = 48 which is not equal of secret key.
Verification of Secret: public parameter is (y, m) = (63, 97). If y = S*m% q0, (48*97) %113 = 23 not equal to 63 correct. Generate secret is incorrect.
4. Results and discussion
This section discusses the significance of the findings in the healthcare industry after presenting the outcomes of using secure mobile agents in conjunction with the Verifiable Variable Threshold Secret Sharing (VVTSS) approach for effective medical information retrieval [30].
4.1. Security measurements and implementations
Table 1 presents the comparison of proposed approach with other methodology previously proposed on the basis of different parameter Validity (V), Traceable (T), Confidentiality (C) and Consistency (C). As a result, the proposed approach if far better than the other.
Table 2 presents the comparison of proposed approach on the basis of parameter Proactive, Threshold, Verifiable, single/multiple authentications and Change Secret. As a result, the proposed approach is far better than the other.
The proposed approach is based on the fusion of the multiplicative inverse concept and the Chinese remainder theorem with a variable threshold value. It is compared with three other approaches: the Reputation-based Model (RBM), Trust Scoring System (TSS), and Trust Ranking System (TRS). These three approaches provide only a single level of authentication and lack verification. Table 3 presents a comparison of the proposed approach with the three techniques based on the number of mobile agents and the time taken for authentication key generation [31].
In this table, as the number of mobile agents in a malicious environment increase, the time required for key generation also increases proportionally. The RBM, TSS, and TRS do not rely on the threshold value, whereas the proposed approach is based on variable threshold values at multiple levels for generating the secret key used in authentication [32].
In proposed framework implement a variable threshold based secret sharing model for mobile agent security. Every mobile agent utilize multiple level ach level has a unique key for execution of assigned task. And each level has different threshold to generate the secret key. In our implementation considering three level and level one, level two and level three consider threshold 2, 3, 4 respectively. Secret share distributed among the mobile agents. Reconstruction of secret key is allowed only when required minimum number of mobile agent collaborated. Implementation of different mobile agents for secure accessing of data there is requirement of secret key. Here consider three levels each level required fixed number of secret shares of mobile agents to regenerate the key to accessing the resources of platform. Higher level utilizes lower level of share to regenerate the share but vice versa not possible. Table 3 show the all calculation regarding implementation of proposed framework.
In Table 4, ‘16’ epochs are used for different values of the number of mobile agents [33]. Upon observation, it is noted that the proposed approach’s authentication processing time is significantly better than that of the RBM and TSS, but it takes longer compared to the TRS. However, the TRS approach employs single-level authentication, resulting in the proposed approach being the superior choice among the three. In order to create a mobile agent using a typical Python toolkit, we can use a number of frameworks and modules, such as Pykka which enable agent-based modelling, mobility, and interaction across distributed settings. With Pykka, you can use the actor-based model to simulate mobile agents that have the ability to move and interact. It’s perfect for simulating locally [34]. To simulate and analyze the results for the algorithm that secures mobile agents for medical data retrieval using the VVTSS approach, enhanced by a Multilevel CRT, the following steps can be taken:
Fig 5 shows the response time comparison for different trust models as the number of mobile agent’s increases:
- RBM: Response time increases the most significantly as the number of mobile agents grows.
- TSS: Has moderate response times, higher than TRS but lower than RBM.
- TRS: Shows the lowest response time across all agent numbers.
- VTSSS: Multiple level system response times are lower than RBM and TSS but slightly higher than TRS, especially as the number of agent’s increases.
This simulation provides a way to secure mobile agents in medical data retrieval using a verifiable variable threshold secret sharing approach, enhanced by the Multilevel CRT. The analysis helps measure the time efficiency, security strength, and verification effectiveness.
The Verifiable Variable Threshold Secret Sharing (VVTS) Approach using Multilevel CRT can be added to the preceding table and graphs in order to compare it with the current scenarios. Usually, the VVTS method with multilevel CRT offers effective key reconstruction, scalability, and a high degree of security.
4.2. Comparison parameters
Many factors, including time complexity, computational overhead, and communication cost, security level, and scalability, can be assessed in order to conduct a thorough analysis of secured mobile agents across multiple metrics and scenarios [35].
Fig 6 show the Comparison table of mobile agents across multiple metrics and scenarios.
- Time Complexity: Multiple levels of verification and modulus computations may result in moderate to high time complexity for VVTS employing multilayer CRT.
- Computational Overhead: The multilevel key reconstruction and verification phases make it slightly more complex than simple methods like Shamir’s.
- Communication Cost: Moderate, since some data transmission is required for key distribution and verification.
- Security Level: The threshold key generation and verification process is safe and effective thanks to CRT.
- Scalability: High, because the CRT can handle various security levels and secret reconstruction with ease.
Table 5 presents the comparison table of mobile agents across multiple metrics and scenarios.
Table 6 illustrates the comparison of the proposed model, which relies on multilevel secret sharing, with similar techniques. The parameters for comparison include secret generation time, secret distribution time, reconstruction time, scalability, and threshold value.
After analyzing these various parameters, it becomes evident that secret key sharing based on the multilevel security using the Chinese Remainder Theorem offers distinct advantages over other techniques. The Multilevel security approach is based on CRT secret sharing exhibits greater efficiency in terms of share size when compared to Shamir’s Secret Sharing. This efficiency is attributed to the employment of modular arithmetic in CRT, enabling the achievement of smaller shares. This reduction in share size contributes to minimizing storage requirements and lowering transmission overhead.
5. Conclusion and future scope
This paper suggested a secure framework for mobile agents that use VVTSS to retrieve medical information efficiently. The crucial problem of protecting privacy and security in the flow of sensitive medical data across dispersed contexts is addressed by this framework. The Multilevel CRT in conjunction with the VVTS technique greatly improves the security and effectiveness of medical data retrieval in mobile agent systems. The comparative analysis shows that VVTS maintains a high security level of 5 and supports scalability for up to 600 agents while achieving a time complexity of 40 ms, a computational overhead of 10 ms, and a communication cost of 8 KB. Traditional techniques, like Shamir’s Secret Sharing, on the other hand, have a time complexity of 20 ms, a lower security level of 3, and less scalability—they can only handle up to 100 agents. In addition to fixing the flaws in the current models, the VVTS framework performs better than them on important performance indicators. Potential future research directions include expanding the VVTS framework’s capability beyond 600 agents, improving its scalability for even bigger networks, and investigating how to integrate it with block chain technology for improved data integrity and traceability. Furthermore, to confirm the VVTS approach’s efficacy, flexibility, and usefulness and to guarantee its resilience to new security risks in mobile agent environments, real-world deployments in healthcare settings can be carried out.
References
- 1. Tariq U, Ahmed I, Bashir AK, Shaukat K. A critical cybersecurity analysis and future research directions for the internet of things: a comprehensive review. Sensors (Basel). 2023;23(8):4117. pmid:37112457
- 2. Hur J, Han K, Sohn S. A framework for mobile agent system security policy management. Int J Security Appl. 2010;4(1):53–62.
- 3. Dhasarathan C, Shanmugam M, Kumar M, Tripathi D, Khapre S, Shankar A. A nomadic multi-agent based privacy metrics for e-health care: a deep learning approach. Multimed Tools Appl. 2024;83:7249–72. pmid:37362729
- 4. Kim H-I, Lee H-K. Mobile agent-based healthcare information system. IEEE Trans Inf Technol Biomed. 2000;4(2):152–60.
- 5. Bindra SS, Aggarwal A. Security in cyber physical systems: Transformation and challenges. J Autonom Intell. 2024;7(4).
- 6. Hung WL, Chang HT. Mobile agent-based healthcare monitoring system for elderly and chronically ill patients. J Med Syst. 2016;40(3):1–9.
- 7. Srivastava S, Nandi GC. Self-reliant mobile code: a new direction of agent security. J Netw Comput Appl. 2014;37:62–75.
- 8. John Joseph AJ, Mariappan M. A novel trust-scoring system using trustability co-efficient of variation for identification of secure agent platforms. PLoS One. 2018;13(8):e0201600. pmid:30071002
- 9. Geetha G, Jayakumar C. Data security in free roaming mobile agents. Commun Comput Inf Sci. 2011;196:472–82.
- 10. Han K, Mun H, Shon T, Yeun CY, Park JJ. Secure and efficient public key management in next generation mobile networks. Pers Ubiquit Comput. 2011;16(6):677–85.
- 11. Raji F, Tork Ladani B. Anonymity and security for autonomous mobile agents. IET Inf Secur. 2010;4(4):397–410.
- 12. Cavalcante RC, Bittencourt II, da Silva AP, Silva M, Costa E, Santos R. A survey of security in multi-agent systems. Expert Syst Appl. 2012;39(5):4835–46.
- 13. Harn L, Fuyou M. Multilevel threshold secret sharing based on the Chinese Remainder Theorem. Inf Process Lett. 2014;114(9):504–9.
- 14. Jia X, Wang D, Nie D, Luo X, Sun JZ. A new threshold changeable secret sharing scheme based on the Chinese Remainder Theorem. Inf Sci (Ny). 2019;473:13–30.
- 15. Kandar S, Dhara BC. A verifiable secret sharing scheme with combiner verification and cheater identification. J Inf Secur Appl. 2020;51:102430.
- 16. Bagga P, Hans R. Applications of mobile agents in healthcare domain: a literature survey. Int J Grid Distrib Comput. 2015;8(5):55–72.
- 17. Hsiao T-C, Wu Z-Y, Chen T-L, Chung Y-F, Chen T-S. A hierarchical access control scheme based on Lagrange interpolation for mobile agents. Int J Distrib Sens Networks. 2018;14(7):155014771879089.
- 18. Wang H, Zhang L, Liu B. Research and design of a hybrid DV-hop algorithm based on the chaotic crested porcupine optimizer for wireless sensor localization in smart farms. Agriculture. 2024;14(8):1226.
- 19. Bhukya CR, Thakur P, Mudhivarthi BR, Singh G. Cybersecurity in internet of medical vehicles: state-of-the-art analysis, research challenges and future perspectives. Sensors (Basel). 2023;23(19):8107. pmid:37836937
- 20. Olimid RF. Dealer-leakage resilient verifiable secret sharing. IACR Cryptol. ePrint Archive. 2014:1–10.
- 21. Verma OP, Jain N, Pal SK. A Hybrid-based verifiable secret sharing scheme using Chinese Remainder Theorem. Arab J Sci Eng. 2019;45(4):2395–406.
- 22. Sankaranarayanan S, Sivachandran AT, Mohd Khairuddin AS, Hasikin K, Wahab Sait AR. An ensemble classification method based on machine learning models for malicious Uniform Resource Locators (URL). PLoS One. 2024;19(5):e0302196. pmid:38820435
- 23. Das A, Adhikari A. An efficient multi-use multi-secret sharing scheme based on hash function. Appl Math Lett. 2010;23(9):993–6.
- 24. Mohammad A, Chirchir B. Challenges of integrating artificial intelligence in software project planning: a systematic literature review. Digital. 2024;4(3):555–71.
- 25. Geetha G, Jayakumar C. Implementation of trust and reputation management for free-roaming mobile agent security. IEEE Syst J. 2015;9(2):556–66.
- 26. Saini P, Kumar K, Kashid S, Dhiman A, Negi A. BEMSS- Blockwise Encryption based Multi Secret Sharing scheme for Securing Visual Content. In: 2022 IEEE 9th Uttar Pradesh Section International Conference on Electrical, Electronics and Computer Engineering (UPCON), Prayagraj, India. 2022. p. 1–6.
- 27.
Ravichandran A, Sankaranarayanan S. Anomaly detection in videos using deep learning techniques. In: Applications of Artificial Intelligence and Machine Learning: Select Proceedings of ICAAAIML 2020. Springer Singapore; 2021. p. 263–75.
- 28.
Saini P, Kumar K, Kashid S, Negi A. MEVSS: modulo encryption based visual secret sharing scheme for securing visual content. In: Troiano L, Vaccaro A, Kesswani N, Díaz Rodriguez I, Brigui I, Pastor-Escuredo D, editors. Key Digital Trends in Artificial Intelligence and Robotics. ICDLAIR 2022. Lecture Notes in Networks and Systems, vol 670. Cham: Springer; 2023. https://doi.org/10.1007/978-3-031-30396-8_3
- 29.
Adamu AA, Salau AO, Zhiyong L. A Robust Context and Role-Based Dynamic Access Control for Distributed Healthcare Information Systems. Internet of Things, Taylor and Francis, CRC Press. 2021. p. 1–21. https://doi.org/10.1201/9781003140443-10
- 30. Anwar A, Goyal SB, Verma C, Salau AO. Blockchain-enabled secure electronic health records management: a comprehensive framework for access control, encryption, data validation. J Logist Info Serv Sci. 2024;11(4):49–72.
- 31. Samet D, Ktata FB, Ghedira K. A security framework for mobile agent systems. Autom Softw Eng. 2024;31(1):12.
- 32.
Odhiambo MO, Mwashita W. Security provision for the internet of intelligence using autonomous mobile agents. In: From internet of things to internet of intelligence. Cham: Springer Nature Switzerland; 2024. p. 147–56.
- 33. Khellaf R, Boudouda S. Enhancing mobile enterprise security: A blockchain and agent paradigm-based approach for continuous protection and rapid adaptation. IEEE Access. 2024.
- 34.
Kumar P, Singhal N, Asim M, Kumar A, Alam M. Mobile agent security using lagrange interpolation with multilayer perception neural network. In Advances in Computing and Data Sciences: 5th International Conference, ICACDS 2021, Nashik, India, April 23–24, 2021, Revised Selected Papers, Part I 5. Springer International Publishing; 2021. p. 290–302.
- 35. Kumar P, Banerjee K, Singhal N, Kumar A, Rani S, Kumar R, et al. Verifiable, secure mobile agent migration in healthcare systems using a polynomial-based threshold secret sharing scheme with a Blowfish Algorithm. Sensors (Basel). 2022;22(22):8620. pmid:36433217