A Survey on Smart Home Authentication: Toward Secure, Multi-Level and Interaction-based Identification
With the increased number and reduced cost of smart devices, Internet of Things (IoT) applications such as smart home (SHome) are increasingly popular. Owing to the characteristics of IoT environments such as resource constrained devices, existing authentication solutions may not be suitable to secure these environments. As a result, a number of authentication solutions specifically designed for IoT environments have been proposed. This paper provides a critical analysis of existing authentication solutions. The major contributions of the paper are as follows. First, it presents a generic model derived from an SHome use-case scenario. Secondly, based on the model, it performs a threat analysis to identify possible means of attacks. The analysis leads to the specification of a set of desirable security requirements for the design of authentication solutions for SHome. Thirdly, based on the requirements, existing authentication solutions are analysed and some ideas for achieving effective and efficient authentication in IoT environments are proposed
A Multi-Factor Homomorphic Encryption based Method for Authenticated Access to IoT Devices
Authentication is the first defence mechanism in many electronic systems,
including Internet of Things (IoT) applications, as it is essential for other
security services such as intrusion detection. As existing authentication
solutions proposed for IoT environments do not provide multi-level
authentication assurance, particularly for device-to-device authentication
scenarios, we recently proposed the M2I (Multi-Factor Multi-Level and
Interaction based Authentication) framework to facilitate multi-factor
authentication of devices in device-to-device and device-to-multiDevice
interactions. In this paper, we extend the framework to address group
authentication. Two Many-to-One (M2O) protocols are proposed, the Hybrid Group
Authentication and Key Acquisition (HGAKA) protocol and the Hybrid Group Access
(HGA) protocol. The protocols use a combination of symmetric and asymmetric
cryptographic primitives to facilitate multifactor group authentication. The
informal analysis and formal security verification show that the protocols
satisfy the desirable security requirements and are secure against
authentication attacks
An end-to-end bidirectional authentication system for pallet pooling management through blockchain internet of things (BIoT)
Pallet pooling is regarded as a sustainable and cost-effective measure for the industry, but it is challenging to advocate due to weak data and pallet authentication. In order to establish trust between end-users and pallet pooling services, the authors propose an end-to-end, bidirectional authentication system for transmitted data and pallets based on blockchain and internet-of-things (IoT) technologies. In addition, secure data authentication fosters the pallet authenticity in the whole supply chain network, which is achieved by considering the tag, location, and object-specific features. To evaluate the object-specific features, the scale invariant feature transform (SIFT) approach is adopted to match key-points and descriptors between two pallet images. According to the case study, it is found that the proposed system provides a low bandwidth blocking rate and a high probability of restoring complete data payloads. Consequently, positive influences on end-user satisfaction, quality of service, operational errors, and pallet traceability are achieved through the deployment of the proposed system
A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications
Existing authentication solutions proposed for Internet of Things (IoT)
provide a single Level of Assurance (LoA) regardless of the sensitivity levels
of the resources or interactions between IoT devices being protected. For
effective (with adequate level of protection) and efficient (with as low
overhead costs as possible) protections, it may be desirable to tailor the
protection level in response to the sensitivity level of the resources, as a
stronger protection level typically imposes a higher level of overhead costs.
In this paper, we investigate how to facilitate multi-LoA authentication for
IoT by proposing a multi-factor multi-level and interaction based (M2I)
authentication framework. The framework implements LoA linked and interaction
based authentication. Two interaction modes are investigated, P2P
(Peer-to-Peer) and O2M (One-to-Many) via the design of two corresponding
protocols. Evaluation results show that adopting the O2M interaction mode in
authentication can cut communication cost significantly; compared with that of
the Kerberos protocol, the O2M protocol reduces the communication cost by 42% ~
45%. The protocols also introduce less computational cost. The P2P and O2M
protocol, respectively, reduce the computational cost by 70% ~ 72% and 81% ~
82% in comparison with that of Kerberos. Evaluation results also show that the
two factor authentication option costs twice as much as that of the one-factor
option
ENABLING IOT AUTHENTICATION, PRIVACY AND SECURITY VIA BLOCKCHAIN
Although low-power and Internet-connected gadgets and sensors are increasingly integrated into our lives, the optimal design of these systems remains an issue. In particular, authentication, privacy, security, and performance are critical success factors. Furthermore, with emerging research areas such as autonomous cars, advanced manufacturing, smart cities, and building, usage of the Internet of Things (IoT) devices is expected to skyrocket. A single compromised node can be turned into a malicious one that brings down whole systems or causes disasters in safety-critical applications. This dissertation addresses the critical problems of (i) device management, (ii) data management, and (iii) service management in IoT systems. In particular, we propose an integrated platform solution for IoT device authentication, data privacy, and service security via blockchain-based smart contracts. We ensure IoT device authentication by blockchain-based IC traceability system, from its fabrication to its end-of-life, allowing both the supplier and a potential customer to verify an IC’s provenance. Results show that our proposed consortium blockchain framework implementation in Hyperledger Fabric for IC traceability achieves a throughput of 35 transactions per second (tps). To corroborate the blockchain information, we authenticate the IC securely and uniquely with an embedded Physically Unclonable Function (PUF). For reliable Weak PUF-based authentication, our proposed accelerated aging technique reduces the cumulative burn-in cost by ∼ 56%. We also propose a blockchain-based solution to integrate the privacy of data generated from the IoT devices by giving users control of their privacy. The smart contract controlled trust-base ensures that the users have private access to their IoT devices and data. We then propose a remote configuration of IC features via smart contracts, where an IC can be programmed repeatedly and securely. 
This programmability will enable users to upgrade IC features or rent upgraded IC features for a fixed period after users have purchased the IC. We tailor the hardware to meet the blockchain performance. Our on-die hardware module design enforces the hardware configuration’s secure execution and uses only 2,844 slices in the Xilinx Zedboard Zynq Evaluation board. The blockchain framework facilitates decentralized IoT, where interacting devices are empowered to execute digital contracts autonomously
Security in Internet of Things: networked smart objects.
Internet of Things (IoT) is an innovative paradigm approaching both industries and humans' everyday life. It refers to the networked interconnection of everyday objects, which are equipped with ubiquitous intelligence. It not only aims at increasing the ubiquity of the Internet, but also at leading towards a highly distributed network of devices communicating with human beings as well as with other devices. Thanks to rapid advances in underlying technologies, IoT is opening valuable opportunities for a large number of novel applications that promise to improve the quality of humans' lives, facilitating the exchange of services.
In this scenario, security represents a crucial aspect to be addressed, due to the high level of heterogeneity of the involved devices and to the sensibility of the managed information. Moreover, a system architecture should be established, before the IoT is fully operable in an efficient, scalable and interoperable manner.
The main goal of this PhD thesis concerns the design and the implementation of a secure and distributed middleware platform tailored to IoT application domains. The effectiveness of the proposed solution is evaluated by means of a prototype and real case studies
Shaping the future of cold chain 4.0 through the lenses of digital transition and sustainability
The digitisation of supply chain management
lies at the crux of modern industry and similar trends are
noticeable in the cold chain (CC) under the cold chain 4.0
(CC 4.0) concept. However, the extant research lacks a
systematic summary of existing findings on CC 4.0.
Therefore, this study provides a bibliometric and network
analysis of 618 high-quality CC 4.0 publications extracted
from the Web of Science (WoS). The study uses
performance assessment and science mapping to investigate
the impact of digital and sustainable technologies in the CC
domain. Four main research streams and 19 research
propositions are identified to provide an informative
overview of the most recent developments in the emerging
and growing domain of CC 4.0 and the interface between
information systems and operations management. The
study further identifies the critical role and impacts of
digital-sustainable transformation and presents an agenda
for future research focusing on critical theoretical and
managerial areas that remain understudied
Novel Cryptographic Authentication Mechanisms for Supply Chains and OpenStack
In this dissertation, first, we studied the Radio-Frequency Identification (RFID) tag authentication problem in supply chains. RFID tags have been widely used as a low-cost wireless method for detecting counterfeit product injection in supply chains. We open a new direction toward solving this problem by using the Non-Volatile Memory (NVM) of recent RFID tags. We propose a method based on this direction that significantly improves the availability of the system and costs less. In our method, we introduce the notion of Software Unclonability, which is a kind of one-time MAC for authenticating random inputs. Also, we introduce three lightweight constructions that are software unclonable. Second, we focus on OpenStack that is a prestigious open-source cloud platform. OpenStack takes advantage of some tokening mechanisms to establish trust between its modules and users. It turns out that when an adversary captures user tokens by exploiting a bug in a module, he gets extreme power on behalf of users. Here, we propose a novel tokening mechanism that ties commands to tokens and enables OpenStack to support short life tokens while it keeps the performance up
A Level Dependent Authentication for IoT Paradigm
The Internet of Things (IoT) based services are getting a widespread expansion in all
the directions and dimensions of the 21st century. The IoT based deployment involves
an internet-connected sensor, mobiles, laptops, and other networking and computing
devices. In most IoT based applications, the sensor collects the data and communicates
it to the end-user via gateway device or fog device over a precarious internet channel.
The attacker can use this open channel to capture the sensing device or the gateway
device to collect the IoT data or control the IoT system. For a long time, numerous
researchers are working towards designing the authentication mechanism for the
sensor network to achieve reliable and computationally feasible security. For the resource
constraint environment of the IoT, it is essential to design reliable, efficient, and secure
authentication protocol. In this paper, we propose a novel approach of authentication in
the IoT paradigm called a Level-Dependent Authentication (LDA). In the LDA protocol,
we propose a security reliable and resource efficient key sharing mechanism in which users
at level l_i can communicate with the sensor at level l_j if and only if the level of user in
the organizational hierarchy is lower or equal to the level of sensor deployment. We
provide a security analysis for the proposed LDA protocol using random oracle based games
& widely accepted AVISPA tools. We prove mutual authentication for the proposed
protocol using BAN logic. In this paper, we also discuss a comparative analysis of the
proposed protocol with other existing IoT authentication systems based on
communication cost, computation cost, and security index. We provide an implementation for the
proposed protocol using a globally adopted IoT protocol called MQTT protocol. Finally,
we present the collected data related to the networking parameters like throughput and
round trip delay