EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Post-quantum cognitive zero trust architecture for healthcare IoT devices

Hashim Hussain, Shailendra Mishra and Reem Alshenaifi

PLOS ONE, 2026, vol. 21, issue 5, 1-27

Abstract: Healthcare IoT systems increasingly rely on interconnected, resource-constrained devices that are vulnerable to both classical and emerging quantum-enabled cyber threats, but introduced heightened cybersecurity risks, particularly from emerging quantum computing threats that can break conventional encryption such as RSA and ECC. This study addresses the urgent need to secure resource-constrained healthcare IoT systems against both classical and post-quantum attacks while maintaining low-latency performance suitable for non-real-time clinical traffic.This study proposed the Post-Quantum Cognitive Zero-Trust Architecture (PQ-CZTA), which integrates NIST-standardized post-quantum cryptography,CRYSTALS-Kyber for key encapsulation and SPHINCS+ for stateless digital signatures,with a lightweight cognitive engine. The engine employs three machine learning classifiers (Random Forest as primary, Logistic Regression, and Multi-Layer Perceptron) trained with SMOTE oversampling and 5-fold cross-validation on six diverse intrusion detection datasets (NSL-KDD, CIC-IDS2017, MedBIoT, Edge-IIoTset, IoT-23, TON_IoT). Intrusion probabilities are converted to dynamic trust scores that drive zero-trust policy decisions (ALLOW, MONITOR, DENY, QUARANTINE) in a layered architecture enforcing least privilege and hop-by-hop re-authentication.Evaluations demonstrate excellent detection performance with F1-scores ranging from 0.972 to 1.000 across datasets, particularly strong on modern IoT traffic. The full post-quantum handshake incurs 3.1–4.4 seconds latency (dominated by SPHINCS+), which remains acceptable for periodic vital-sign reporting, alerts, and firmware updates. An ablation study proves the importance of the components, with SMOTE contributing 5–20% to the F1 score on imbalanced data and cognitive ML providing the advantage of adaptive policies over static policies.PQ-CZTA provides a practical, quantum-resilient framework that enhances patient data privacy (HIPAA compliance via adaptive risk scoring), predicts attacks on limited devices, and supports resilient IoT-enabled healthcare systems against future quantum threats.

Date: 2026
References: Add references at CitEc
Citations:

Downloads: (external link)
https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0348600 (text/html)
https://journals.plos.org/plosone/article/file?id= ... 48600&type=printable (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:plo:pone00:0348600

DOI: 10.1371/journal.pone.0348600

Access Statistics for this article

More articles in PLOS ONE from Public Library of Science
Bibliographic data for series maintained by plosone ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2026-05-31
Handle: RePEc:plo:pone00:0348600