A Survey on Smart Home Authentication: Toward Secure, Multi-Level and Interaction-based Identification

With the increased number and reduced cost of smart devices, Internet of Things (IoT) applications such as smart home (SHome) are increasingly popular. Owing to the characteristics of IoT environments such as resource constrained devices, existing authentication solutions may not be suitable to secure these environments. As a result, a number of authentication solutions specifically designed for IoT environments have been proposed. This paper provides a critical analysis of existing authentication solutions. The major contributions of the paper are as follows. First, it presents a generic model derived from an SHome use-case scenario. Secondly, based on the model, it performs a threat analysis to identify possible means of attacks. The analysis leads to the specification of a set of desirable security requirements for the design of authentication solutions for SHome. Thirdly, based on the requirements, existing authentication solutions are analysed and some ideas for achieving effective and efficient authentication in IoT environments are proposed

A Multi-Factor Homomorphic Encryption based Method for Authenticated Access to IoT Devices

Authentication is the first defence mechanism in many electronic systems, including Internet of Things (IoT) applications, as it is essential for other security services such as intrusion detection. As existing authentication solutions proposed for IoT environments do not provide multi-level authentication assurance, particularly for device-to-device authentication scenarios, we recently proposed the M2I (Multi-Factor Multi-Level and Interaction based Authentication) framework to facilitate multi-factor authentication of devices in device-to-device and device-to-multiDevice interactions. In this paper, we extend the framework to address group authentication. Two Many-to-One (M2O) protocols are proposed, the Hybrid Group Authentication and Key Acquisition (HGAKA) protocol and the Hybrid Group Access (HGA) protocol. The protocols use a combination of symmetric and asymmetric cryptographic primitives to facilitate multifactor group authentication. The informal analysis and formal security verification show that the protocols satisfy the desirable security requirements and are secure against authentication attacks

An end-to-end bidirectional authentication system for pallet pooling management through blockchain internet of things (BIoT)

Pallet pooling is regarded as a sustainable and cost-effective measure for the industry, but it is challenging to advocate due to weak data and pallet authentication. In order to establish trust between end-users and pallet pooling services, the authors propose an end-to-end, bidirectional authentication system for transmitted data and pallets based on blockchain and internet-of-things (IoT) technologies. In addition, secure data authentication fosters the pallet authenticity in the whole supply chain network, which is achieved by considering the tag, location, and object-specific features. To evaluate the object-specific features, the scale invariant feature transform (SIFT) approach is adopted to match key-points and descriptors between two pallet images. According to the case study, it is found that the proposed system provides a low bandwidth blocking rate and a high probability of restoring complete data payloads. Consequently, positive influences on end-user satisfaction, quality of service, operational errors, and pallet traceability are achieved through the deployment of the proposed system

A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications

Existing authentication solutions proposed for Internet of Things (IoT) provide a single Level of Assurance (LoA) regardless of the sensitivity levels of the resources or interactions between IoT devices being protected. For effective (with adequate level of protection) and efficient (with as low overhead costs as possible) protections, it may be desirable to tailor the protection level in response to the sensitivity level of the resources, as a stronger protection level typically imposes a higher level of overheads costs. In this paper, we investigate how to facilitate multi-LoA authentication for IoT by proposing a multi-factor multi-level and interaction based (M2I) authentication framework. The framework implements LoA linked and interaction based authentication. Two interaction modes are investigated, P2P (Peer-to-Peer) and O2M (One-to-Many) via the design of two corresponding protocols. Evaluation results show that adopting the O2M interaction mode in authentication can cut communication cost significantly; compared with that of the Kerberos protocol, the O2M protocol reduces the communication cost by 42% ~ 45%. The protocols also introduce less computational cost. The P2P and O2M protocol, respectively, reduce the computational cost by 70% ~ 72% and 81% ~ 82% in comparison with that of Kerberos. Evaluation results also show that the two factor authentication option costs twice as much as that of the one-factor option

ENABLING IOT AUTHENTICATION, PRIVACY AND SECURITY VIA BLOCKCHAIN

Although low-power and Internet-connected gadgets and sensors are increasingly integrated into our lives, the optimal design of these systems remains an issue. In particular, authentication, privacy, security, and performance are critical success factors. Furthermore, with emerging research areas such as autonomous cars, advanced manufacturing, smart cities, and building, usage of the Internet of Things (IoT) devices is expected to skyrocket. A single compromised node can be turned into a malicious one that brings down whole systems or causes disasters in safety-critical applications. This dissertation addresses the critical problems of (i) device management, (ii) data management, and (iii) service management in IoT systems. In particular, we propose an integrated platform solution for IoT device authentication, data privacy, and service security via blockchain-based smart contracts. We ensure IoT device authentication by blockchain-based IC traceability system, from its fabrication to its end-of-life, allowing both the supplier and a potential customer to verify an IC’s provenance. Results show that our proposed consortium blockchain framework implementation in Hyperledger Fabric for IC traceability achieves a throughput of 35 transactions per second (tps). To corroborate the blockchain information, we authenticate the IC securely and uniquely with an embedded Physically Unclonable Function (PUF). For reliable Weak PUF-based authentication, our proposed accelerated aging technique reduces the cumulative burn-in cost by ∼ 56%. We also propose a blockchain-based solution to integrate the privacy of data generated from the IoT devices by giving users control of their privacy. The smart contract controlled trust-base ensures that the users have private access to their IoT devices and data. We then propose a remote configuration of IC features via smart contracts, where an IC can be programmed repeatedly and securely. This programmability will enable users to upgrade IC features or rent upgraded IC features for a fixed period after users have purchased the IC. We tailor the hardware to meet the blockchain performance. Our on-die hardware module design enforces the hardware configuration’s secure execution and uses only 2,844 slices in the Xilinx Zedboard Zynq Evaluation board. The blockchain framework facilitates decentralized IoT, where interacting devices are empowered to execute digital contracts autonomously

Security in Internet of Things: networked smart objects.

Internet of Things (IoT) is an innovative paradigm approaching both industries and humans every-day life. It refers to the networked interconnection of every-day objects, which are equipped with ubiquitous intelligence. It not only aims at increasing the ubiquity of the Internet, but also at leading towards a highly distributed network of devices communicating with human beings as well as with other devices. Thanks to rapid advances in underlying technologies, IoT is opening valuable opportunities for a large number of novel applications, that promise to improve the quality of humans lives, facilitating the exchange of services. In this scenario, security represents a crucial aspect to be addressed, due to the high level of heterogeneity of the involved devices and to the sensibility of the managed information. Moreover, a system architecture should be established, before the IoT is fully operable in an efficient, scalable and interoperable manner. The main goal of this PhD thesis concerns the design and the implementation of a secure and distributed middleware platform tailored to IoT application domains. The effectiveness of the proposed solution is evaluated by means of a prototype and real case studies

Shaping the future of cold chain 4.0 through the lenses of digital transition and sustainability

The digitisation of supply chain management lies at the crux of modern industry and similar trends are noticeable in the cold chain (CC) under the cold chain 4.0 (CC 4.0) concept. However, the extant research lacks a systematic summary of existing findings on CC 4.0. Therefore, this study provides a bibliometric and network analysis of 618 high-quality CC 4.0 publications extracted from the Web of Science (WoS). The study uses performance assessment and science mapping to investigate the impact of digital and sustainable technologies in the CC domain. Four main research streams and 19 research propositions are identified to provide an informative overview of the most recent developments in the emerging and growing domain of CC 4.0 and the interface between information systems and operations management. The study further identifies the critical role and impacts of digital-sustainable transformation and presents an agenda for future research focusing on critical theoretical and managerial areas that remain understudied

Novel Cryptographic Authentication Mechanisms for Supply Chains and OpenStack

In this dissertation, first, we studied the Radio-Frequency Identification (RFID) tag authentication problem in supply chains. RFID tags have been widely used as a low-cost wireless method for detecting counterfeit product injection in supply chains. We open a new direction toward solving this problem by using the Non-Volatile Memory (NVM) of recent RFID tags. We propose a method based on this direction that significantly improves the availability of the system and costs less. In our method, we introduce the notion of Software Unclonability, which is a kind of one-time MAC for authenticating random inputs. Also, we introduce three lightweight constructions that are software unclonable. Second, we focus on OpenStack that is a prestigious open-source cloud platform. OpenStack takes advantage of some tokening mechanisms to establish trust between its modules and users. It turns out that when an adversary captures user tokens by exploiting a bug in a module, he gets extreme power on behalf of users. Here, we propose a novel tokening mechanism that ties commands to tokens and enables OpenStack to support short life tokens while it keeps the performance up

A Level Dependent Authentication for IoT Paradigm

The Internet of Things (IoT) based services are getting a widespread expansion in all the directions and dimensions of the 21st century. The IoT based deployment involves an internet-connected sensor, mobiles, laptops, and other networking and computing de- vices. In most IoT based applications, the sensor collects the data and communicates it to the end-user via gateway device or fog device over a precarious internet channel. The attacker can use this open channel to capture the sensing device or the gateway device to collect the IoT data or control the IoT system. For a long time, numerous researchers are working towards designing the authentication mechanism for the sen- sor network to achieve reliable and computationally feasible security. For the resource constraint environment of the IoT, it is essential to design reliable, ecient, and secure authentication protocol. In this paper, we propose a novel approach of authentication in the IoT paradigm called a Level-Dependent Authentication(LDA). In the LDA protocol, we propose a security reliable and resource ecient key sharing mechanism in which users at level li can communicate with the sensor at level lj if and only if the level of user in the organizational hierarchy is lower or equal to the level of sensor deployment. We pro- vide a security analysis for the proposed LDA protocol using random oracle based games & widely accepted AVISPA tools. We prove mutual authentication for the proposed protocol using BAN logic. In this paper, we also discuss a comparative analysis of the proposed protocol with other existing IoT authentication systems based on communica- tion cost, computation cost, and security index. We provide an implementation for the proposed protocol using a globally adopted IoT protocol called MQTT protocol. Finally, we present the collected data related to the networking parameters like throughput and round trip delay