Mutual authentication

Mutual authentication can be accomplished with two types of credentials: usernames and passwords, and public key certificates.
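As an added illustration (not code from this article or from any scheme it cites), the following shows a shared-secret challenge-response in which each side must prove knowledge of the key before the other accepts it. The pre-shared key (standing in for a password-derived secret), the HMAC-SHA256 message layout, the `Party` class and the IDs `device-01` and `gateway-01` are all assumptions made for the example.

```python
import hashlib
import hmac
import secrets

def encode(*fields: bytes) -> bytes:
    # Length-prefix every field so field boundaries cannot be shifted.
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)

def proof(key, role, own_id, peer_id, own_nonce, peer_nonce) -> bytes:
    # The role label stops one side's proof being reflected back as the other's.
    msg = encode(role, own_id, peer_id, own_nonce, peer_nonce)
    return hmac.new(key, msg, hashlib.sha256).digest()

class Party:
    def __init__(self, role: bytes, ident: bytes, key: bytes):
        self.role, self.ident, self.key = role, ident, key
        self.nonce = secrets.token_bytes(16)  # fresh per run, defeats replay

    def prove(self, peer_id: bytes, peer_nonce: bytes) -> bytes:
        return proof(self.key, self.role, self.ident, peer_id, self.nonce, peer_nonce)

    def verify(self, peer_role, peer_id, peer_nonce, tag) -> bool:
        expected = proof(self.key, peer_role, peer_id, self.ident, peer_nonce, self.nonce)
        return hmac.compare_digest(expected, tag)  # constant-time comparison

def handshake(client_key: bytes, server_key: bytes):
    """Return (client_accepts_server, server_accepts_client)."""
    client = Party(b"client", b"device-01", client_key)   # constructed IDs
    server = Party(b"server", b"gateway-01", server_key)
    # 1. client -> server: client ID and nonce
    # 2. server -> client: server ID, nonce and proof over both nonces
    server_tag = server.prove(client.ident, client.nonce)
    if not client.verify(b"server", server.ident, server.nonce, server_tag):
        return (False, False)  # client aborts and never reveals its own proof
    # 3. client -> server: proof, checked by the server
    client_tag = client.prove(server.ident, server.nonce)
    return (True, server.verify(b"client", client.ident, client.nonce, client_tag))

if __name__ == "__main__":
    shared = secrets.token_bytes(32)                       # constructed key
    print(handshake(shared, shared))                       # both sides hold the key
    print(handshake(shared, secrets.token_bytes(32)))      # server lacks the key
```

With one-way authentication only step 3 would be checked; here the client refuses to continue unless the server's proof verifies first.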

Mutual authentication is a crucial security step that can defend against many adversarial attacks,[3] which otherwise can have large consequences if IoT systems (such as e-Healthcare servers) are hacked.

A mutual authentication process that exchanges user IDs may be implemented as follows:

To verify that mutual authentication has occurred successfully, Burrows-Abadi-Needham logic (BAN logic) is a well-regarded and widely accepted method to use, because it verifies that a message came from a trustworthy entity.

Mutual authentication supports zero trust networking because it can protect communications against adversarial attacks,[7] notably:

Mutual authentication also ensures information integrity because if the parties are verified to be the correct source, then the information received is reliable as well.

As it requires provisioning of the certificates to the clients and involves a less user-friendly experience, it is rarely used in end-user applications.

Mutual TLS authentication (mTLS) is more often used in business-to-business (B2B) applications, where a limited number of programmatic and homogeneous clients are connecting to specific web services, the operational burden is limited, and security requirements are usually much higher as compared to consumer environments.

Thus, it becomes a desired characteristic of many mutual authentication schemes to have lightweight properties (e.g. have a low memory footprint) in order to accommodate the system that is storing a lot of data.

One solution to keep schemes lightweight during the mutual authentication process is to limit the number of bits used during communication.

Schemes may sacrifice a better runtime or storage cost when ensuring mutual authentication in order to prioritize protecting the sensitive data.

While applications could simply require users to use a computer-generated password, such passwords are inconvenient for people to remember.

However, a negative aspect of password-based authentication is that password tables can take up a lot of memory space.

Radio frequency identification (RFID) tags are commonly used for object detection, which many manufacturers are implementing into their warehouse systems for automation.

This is beneficial for patients who should not be disturbed while being monitored, and can reduce the workload for medical workers and allow them to focus on the more hands-on jobs.

Clouds are useful for storing large amounts of data, such as medical information, that can be accessed by many devices whenever needed.