A lightweight authentication mechanism for M2M communications in industrial IoT environment

In the emerging Industrial IoT era, Machine-to-Machine (M2M) communication technology is considered as a key underlying technology for building Industrial IoT environments where devices (e.g., sensors, actuators, gateways) are enabled to exchange information with each other in an autonomous way without human intervention. However, most of the existing M2M protocols that can be also used in the Industrial IoT domain provide security mechanisms based on asymmetric cryptography resulting in high computational cost. As a consequence, the resource-constrained IoT devices are not able to support them appropriately and thus, many security issues arise for the Industrial IoT environment. Therefore, lightweight security mechanisms are required for M2M communications in Industrial IoT in order to reach its full potential. As a step towards this direction, in this paper, we propose a lightweight authentication mechanism, based only on hash and XOR operations, for M2M communications in Industrial IoT environment. The proposed mechanism is characterized by low computational cost, communication and storage overhead, while achieving mutual authentication, session key agreement, device’s identity confidentiality, and resistance against the following attacks: replay attack, man-in-the-middle attack, impersonation attack, and modification attack

Security of IoT in 5G Cellular Networks: A Review of Current Status, Challenges and Future Directions

The Internet of Things (IoT) refers to a global network that integrates real life physical objects with the virtual world through the Internet for making intelligent decisions. In a pervasive computing environment, thousands of smart devices, that are constrained in storage, battery backup and computational capability, are connected with each other. In such an environment, cellular networks that are evolving from 4G to 5G, are set to play a crucial role. Distinctive features like high bandwidth, wider coverage, easy connectivity, in-built billing mechanism, interface for M2M communication, etc., makes 5G cellular network a perfect candidate to be adopted as a backbone network for the future IoT. However, due to resource constrained nature of the IoT devices, researchers have anticipated several security and privacy issues in IoT deployments over 5G cellular network. Off late, several schemes and protocols have been proposed to handle these issues. This paper performs a comprehensive review of such schemes and protocols proposed in recent times. Different open security issues, challenges and future research direction are also summarized in this review paper

Lightweight mutual authentication and privacy preservation schemes for IOT systems.

Internet of Things (IoT) presents a holistic and transformative approach for providing services in different domains. IoT creates an atmosphere of interaction between humans and the surrounding physical world through various technologies such as sensors, actuators, and the cloud. Theoretically, when everything is connected, everything is at risk. The rapid growth of IoT with the heterogeneous devices that are connected to the Internet generates new challenges in protecting and preserving user’s privacy and ensuring the security of our lives. IoT systems face considerable challenges in deploying robust authentication protocols because some of the IoT devices are resource-constrained with limited computation and storage capabilities to implement the currently available authentication mechanism that employs computationally expensive functions. The limited capabilities of IoT devices raise significant security and privacy concerns, such as ensuring personal information confidentiality and integrity and establishing end-to-end authentication and secret key generation between the communicating device to guarantee secure communication among the communicating devices. The ubiquity nature of the IoT device provides adversaries more attack surfaces which can lead to tragic consequences that can negatively impact our everyday connected lives. According to [1], authentication and privacy protection are essential security requirements. Therefore, there is a critical need to address these rising security and privacy concerns to ensure IoT systems\u27 safety. This dissertation identifies gaps in the literature and presents new mutual authentication and privacy preservation schemes that fit the needs of resource-constrained devices to improve IoT security and privacy against common attacks. This research enhances IoT security and privacy by introducing lightweight mutual authentication and privacy preservation schemes for IoT based on hardware biometrics using PUF, Chained hash PUF, dynamic identities, and user’s static and continuous biometrics. The communicating parties can anonymously communicate and mutually authenticate each other and locally establish a session key using dynamic identities to ensure the user’s unlinkability and untraceability. Furthermore, virtual domain segregation is implemented to apply security policies between nodes. The chained-hash PUF mechanism technique is implemented as a way to verify the sender’s identity. At first, this dissertation presents a framework called “A Lightweight Mutual Authentication and Privacy-Preservation framework for IoT Systems” and this framework is considered the foundation of all presented schemes. The proposed framework integrates software and hardware-based security approaches that satisfy the NIST IoT security requirements for data protection and device identification. Also, this dissertation presents an architecture called “PUF Hierarchal Distributed Architecture” (PHDA), which is used to perform the device name resolution. Based on the proposed framework and PUF architecture, three lightweight privacy-preserving and mutual authentication schemes are presented. The Three different schemes are introduced to accommodate both stationary and mobile IoT devices as well as local and distributed nodes. The first scheme is designed for the smart homes domain, where the IoT devices are stationary, and the controller node is local. In this scheme, there is direct communication between the IoT nodes and the controller node. Establishing mutual authentication does not require the cloud service\u27s involvement to reduce the system latency and offload the cloud traffic. The second scheme is designed for the industrial IoT domain and used smart poultry farms as a use case of the Industrial IoT (IIoT) domain. In the second scheme, the IoT devices are stationary, and the controller nodes are hierarchical and distributed, supported by machine-to-machine (M2M) communication. The third scheme is designed for smart cities and used IoV fleet vehicles as a use case of the smart cities domain. During the roaming service, the mutual authentication process between a vehicle and the distributed controller nodes represented by the Roadside Units (RSUs) is completed through the cloud service that stores all vehicle\u27s security credentials. After that, when a vehicle moves to the proximity of a new RSU under the same administrative authority of the most recently visited RSU, the two RSUs can cooperate to verify the vehicle\u27s legitimacy. Also, the third scheme supports driver static and continuous authentication as a driver monitoring system for the sake of both road and driver safety. The security of the proposed schemes is evaluated and simulated using two different methods: security analysis and performance analysis. The security analysis is implemented through formal security analysis and informal security analysis. The formal analysis uses the Burrows–Abadi–Needham logic (BAN) and model-checking using the automated validation of Internet security protocols and applications (AVISPA) toolkit. The informal security analysis is completed by: (1) investigating the robustness of the proposed schemes against the well-known security attacks and analyze its satisfaction with the main security properties; and (2) comparing the proposed schemes with the other existing authentication schemes considering their resistance to the well-known attacks and their satisfaction with the main security requirements. Both the formal and informal security analyses complement each other. The performance evaluation is conducted by analyzing and comparing the overhead and efficiency of the proposed schemes with other related schemes from the literature. The results showed that the proposed schemes achieve all security goals and, simultaneously, efficiently and satisfy the needs of the resource-constrained IoT devices

Authentication Solutions in Industrial Internet of Things: A Survey

With the rapid growth of industry 4.0, the Industrial Internet of Things (IIoT) is considered to be a promising solution for converting normal operations to ‘smart’ operations in industrial sectors and systems. The well-known characteristics of IIoT has greatly improved the productivity and quality of many industrial sectors. IIoT allows the connectivity of many industrial smart devices such as, sensors, actuators and gateways. The connectivity feature makes this critical environment vulnerable to various cybersecurity attacks. Subsequently, maintaining the security of IIoT sys-tems remains a challenge to ensure their success. In particular, authenticating the connected IIoT devices is a must to ensure that they can be trusted and prevent any malicious attempts. Hence, the objective of this survey is to overview, discuss and analyze the different solutions related to de-vice authentication in the domain of IIoT. Also, we analyze the IIoT environment in terms of characteristics, architecture and security requirements. Similarly, we highlight the role of (machine-to-machine) M2M communication in IIoT. We further contribute to this survey by outlining several open issues that must be considered when designing authentication schemes for IIoT. Fi-nally, we highlight a number of research directions and open challenges

Authentication Protocols for Internet of Things: A Comprehensive Survey

In this paper, a comprehensive survey of authentication protocols for Internet of Things (IoT) is presented. Specifically more than forty authentication protocols developed for or applied in the context of the IoT are selected and examined in detail. These protocols are categorized based on the target environment: (1) Machine to Machine Communications (M2M), (2) Internet of Vehicles (IoV), (3) Internet of Energy (IoE), and (4) Internet of Sensors (IoS). Threat models, countermeasures, and formal security verification techniques used in authentication protocols for the IoT are presented. In addition a taxonomy and comparison of authentication protocols that are developed for the IoT in terms of network model, specific security goals, main processes, computation complexity, and communication overhead are provided. Based on the current survey, open issues are identified and future research directions are proposed