This project shows how the healthcare Internet of Medical Things (IoMT) network security implementation works through its use of the MQTT protocol which requires Transport Layer Security (TLS) and multiple types of authentication. The system uses an ESP32-S3 microcontroller which functions as a medical sensing node and supports a local Mosquitto MQTT broker and a Python-based subscriber that monitors clinical telemetry in real time. The study begins with baseline connectivity and vulnerability analysis over an unsecured MQTT channel (port 1883), where packet inspection using Wireshark demonstrates the exposure of personally identifiable information (PII) and medical telemetry in clear text. The unencrypted MQTT deployment which operates in healthcare environments demonstrates critical security risks which need immediate attention. The system needs to achieve better security through its architecture upgrade which implements Mutual TLS (mTLS) protection on port 8883. The system uses X.509 certificates to manage authentication while maintaining encrypted communication channels between its two systems. The security system uses two authentication systems which protect access to the network while protecting data transmission through Zero-Trust security. The Rockey2 hardware dongle prevents terminal access which combines with Time-Based One-Time Passwords (TOTP) to protect high-sensitivity clinical data that users must authenticate through smart card (ATR) validation and biometric verification. The medical data remains locked until the system reaches a state that only allows access to people with verified high-trust credentials. The project presents a security framework which scales up to handle healthcare MQTT deployments through its combination of cryptographic security measures.
Seliani et al. (Thu,) studied this question.