Towards NFC payments using a lightweight architecture for the Web of Things

The Web (and Internet) of Things has seen the rapid emergence of new protocols and standards, which provide for innovative models of interaction for applications. One such model fostered by the Web of Things (WoT) ecosystem is that of contactless interaction between devices. Near Field Communication (NFC) technology is one such enabler of contactless interactions. Contactless technology for the WoT requires all parties to agree one common definition and implementation and, in this paper, we propose a new lightweight architecture for the WoT, based on RESTful approaches. We show how the proposed architecture supports the concept of a mobile wallet, enabling users to make secure payments employing NFC technology with their mobile devices. In so doing, we argue that the vision of the WoT is brought a step closer to fruition

The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach

Wireless sensor networks consist of a large number of distributed sensor nodes so that potential risks are becoming more and more unpredictable. The new entrants pose the potential risks when they move into the secure zone. To build a door wall that provides safe and secured for the system, many recent research works applied the initial authentication process. However, the majority of the previous articles only focused on the Central Authority (CA) since this leads to an increase in the computation cost and energy consumption for the specific cases on the Internet of Things (IoT). Hence, in this article, we will lessen the importance of these third parties through proposing an enhanced authentication mechanism that includes key management and evaluation based on the past interactions to assist the objects joining a secured area without any nearby CA. We refer to a mobility dataset from CRAWDAD collected at the University Politehnica of Bucharest and rebuild into a new random dataset larger than the old one. The new one is an input for a simulated authenticating algorithm to observe the communication cost and resource usage of devices. Our proposal helps the authenticating flexible, being strict with unknown devices into the secured zone. The threshold of maximum friends can modify based on the optimization of the symmetric-key algorithm to diminish communication costs (our experimental results compare to previous schemes less than 2000 bits) and raise flexibility in resource-constrained environments.Comment: 27 page

Biometrics for internet‐of‐things security: A review

The large number of Internet‐of‐Things (IoT) devices that need interaction between smart devices and consumers makes security critical to an IoT environment. Biometrics offers an interesting window of opportunity to improve the usability and security of IoT and can play a significant role in securing a wide range of emerging IoT devices to address security challenges. The purpose of this review is to provide a comprehensive survey on the current biometrics research in IoT security, especially focusing on two important aspects, authentication and encryption. Regarding authentication, contemporary biometric‐based authentication systems for IoT are discussed and classified based on different biometric traits and the number of biometric traits employed in the system. As for encryption, biometric‐cryptographic systems, which integrate biometrics with cryptography and take advantage of both to provide enhanced security for IoT, are thoroughly reviewed and discussed. Moreover, challenges arising from applying biometrics to IoT and potential solutions are identified and analyzed. With an insight into the state‐of‐the‐art research in biometrics for IoT security, this review paper helps advance the study in the field and assists researchers in gaining a good understanding of forward‐looking issues and future research directions

Biometric identity-based cryptography for e-Government environment

Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols

Modelling and simulation of a biometric identity-based cryptography

Government information is a vital asset that must be kept in a trusted environment and efficiently managed by authorised parties. Even though e-Government provides a number of advantages, it also introduces a range of new security risks. Sharing confidential and top-secret information in a secure manner among government sectors tend to be the main element that government agencies look for. Thus, developing an effective methodology is essential and it is a key factor for e-Government success. The proposed e-Government scheme in this paper is a combination of identity-based encryption and biometric technology. This new scheme can effectively improve the security in authentication systems, which provides a reliable identity with a high degree of assurance. In addition, this paper demonstrates the feasibility of using Finite-state machines as a formal method to analyse the proposed protocols

IPTV Service Framework Based on Secure Authentication and Lightweight Content Encryption for Screen-Migration in Cloud Computing

These days, the advancing of smart devices (e.g. smart phones, tablets, PC, etc.) capabilities and the increase of internet bandwidth enables IPTV service provider to extend their services to smart mobile devices. User can just receive their IPTV service using any smart devices by accessing the internet via wireless network from anywhere anytime in the world which is convenience for users. However, wireless network communication has well a known critical security threats and vulnerabilities to user smart devices and IPTV service such as user identity theft, reply attack, MIM attack, and so forth. A secure authentication for user devices and multimedia protection mechanism is necessary to protect both user devices and IPTV services. As result, we proposed framework of IPTV service based on secure authentication mechanism and lightweight content encryption method for screen-migration in Cloud computing. We used cryptographic nonce combined with user ID and password to authenticate user device in any mobile terminal they passes by. In addition we used Lightweight content encryption to protect and reduce the content decode overload at mobile terminals. Our proposed authentication mechanism reduces the computational processing by 30% comparing to other authentication mechanism and our lightweight content encryption reduces encryption delay to 0.259 second

An authentic-based privacy preservation protocol for smart e-healthcare systems in iot

© 2013 IEEE. Emerging technologies rapidly change the essential qualities of modern societies in terms of smart environments. To utilize the surrounding environment data, tiny sensing devices and smart gateways are highly involved. It has been used to collect and analyze the real-time data remotely in all Industrial Internet of Things (IIoT). Since the IIoT environment gathers and transmits the data over insecure public networks, a promising solution known as authentication and key agreement (AKA) is preferred to prevent illegal access. In the medical industry, the Internet of Medical Things (IoM) has become an expert application system. It is used to gather and analyze the physiological parameters of patients. To practically examine the medical sensor-nodes, which are imbedded in the patient\u27s body. It would in turn sense the patient medical information using smart portable devices. Since the patient information is so sensitive to reveal other than a medical professional, the security protection and privacy of medical data are becoming a challenging issue of the IoM. Thus, an anonymity-based user authentication protocol is preferred to resolve the privacy preservation issues in the IoM. In this paper, a Secure and Anonymous Biometric Based User Authentication Scheme (SAB-UAS) is proposed to ensure secure communication in healthcare applications. This paper also proves that an adversary cannot impersonate as a legitimate user to illegally access or revoke the smart handheld card. A formal analysis based on the random-oracle model and resource analysis is provided to show security and resource efficiencies in medical application systems. In addition, the proposed scheme takes a part of the performance analysis to show that it has high-security features to build smart healthcare application systems in the IoM. To this end, experimental analysis has been conducted for the analysis of network parameters using NS3 simulator. The collected results have shown superiority in terms of the packet delivery ratio, end-to-end delay, throughput rates, and routing overhead for the proposed SAB-UAS in comparison to other existing protocols