Francesco Buccafurri,Vincenzo De Angelis,Roberto Nardone

DOI: https://doi.org/10.3390/s20072002

IF: 3.9

2020-04-03

Sensors

Abstract:The Internet of Things is constantly capturing interest from modern applications, changing our everyday life and empowering industrial applications. Interaction and the collaboration among smart devices offer new challenges to security since they conflict with economic and energy consumption requirement constraints. On the other hand, the lack of security measures could negatively impact the concrete adoption of this paradigm. This paper focuses on the Message Queuing Telemetry Transport (MQTT) protocol, widely adopted in the Internet of Things. This protocol does not implement natively secure authentication mechanisms, which are demanded to developers. Hence, this paper proposes a novel OTP (one-time password)-authentication schema for MQTT, which uses the Ethereum blockchain to implement a second-factor out-of-band channel. The proposal enables the authentication of both local and remote devices preserving user privacy and guaranteeing trust and accountability via Ethereum smart contracts.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Charlotte McCabe,Althaff Irfan Cader Mohideen,Raman Singh

DOI: https://doi.org/10.3390/s24175830

IF: 3.9

2024-09-08

Sensors

Abstract:Passwords are the first line of defence against preventing unauthorised access to systems and potential leakage of sensitive data. However, the traditional reliance on username and password combinations is not enough protection and has prompted the implementation of technologies such as two-factor authentication (2FA). While 2FA enhances security by adding a layer of verification, these techniques are not impervious to threats. Even with the implementation of 2FA, the relentless efforts of cybercriminals present formidable obstacles in securing digital spaces. The objective of this work is to implement blockchain technology as a form of 2FA. The findings of this work suggest that blockchain-based 2FA methods could strengthen digital security compared to conventional 2FA methods.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jozef Drga,Ivan Homoliak,Juraj Vančo,Martin Perešíni,Petr Hanáček

DOI: https://doi.org/10.48550/arXiv.2211.03490

2022-11-07

Abstract:This work focuses on the problem of detection and prevention of stolen and misused secrets (such as private keys) for authentication toward centralized services. We propose a solution for such a problem based on the blockchain-based two-factor authentication scheme SmartOTPs, which we modify for our purposes and utilize in the setting of two and half-factor authentication against a centralized service provider. Our proposed solution consists of four entities that interact together to ensure authentication: (1) the user, (2) the authenticator, (3) the service provider, and (4) the smart contract. Out of two and a half factors of our solution, the first factor stands for the private key, and the second and a half factor stands for one-time passwords (OTPs) and their precursors, where OTPs are obtained from the precursors (a.k.a., pre-images) by cryptographically secure hashing. We describe the protocol for bootstrapping our approach as well as the authentication procedure. We make the security analysis of our solution, where on top of the main attacker model that steals secrets from the client, we analyze man-in-the-middle attacks and malware tampering with the client. In the case of stolen credentials, we show that our solution enables the user to immediately detect the attack occurrence and proceed to re-initialization with fresh credentials.

Cryptography and Security

Mwrwan Abubakar,Zakwan Jaroucheh,Ahmed Al Dubai,Xiaodong Liu

DOI: https://doi.org/10.1109/smarttech54121.2022.00032

2022-01-01

Abstract:Two-factor authentication (2FA) is commonly used in Internet of Things (IoT) authentication to provide multi-layer protection. Tokens, often known as One-Time Passwords (OTP), are used to offer additional information. While this technique provides flexible verification and an additional layer of security, it still has a number of security issues. This is because it relies on third-party services to produce tokens or OTPs, which leads to serious information leakage issues. Additionally, relying on a third party to provide authentication tokens significantly increases the risk of exposure and attacks, as tokens can be stolen via Man-In-The-Middle (MITM) attacks. In trying to rectify this issue, in this paper, we propose and develop a blockchain-based two-factor authentication method for web-based access to sensor data. The proposed method provides a lightweight and user-centric authentication that makes use of Ethereum blockchain and smart contracts technologies. Then we provided performance and security analysis of our system. Based on the evaluation results, our method has proven to be effective and has the ability to facilitate reliable authentication.

Victor R. Kebande,Feras M. Awaysheh,Richard A. Ikuesan,Sadi A. Alawadi,Mohammad Dahman Alshehri

DOI: https://doi.org/10.3390/s21186018

IF: 3.9

2021-09-08

Sensors

Abstract:Continuous and emerging advances in Information and Communication Technology (ICT) have enabled Internet-of-Things (IoT)-to-Cloud applications to be induced by data pipelines and Edge Intelligence-based architectures. Advanced vehicular networks greatly benefit from these architectures due to the implicit functionalities that are focused on realizing the Internet of Vehicle (IoV) vision. However, IoV is susceptible to attacks, where adversaries can easily exploit existing vulnerabilities. Several attacks may succeed due to inadequate or ineffective authentication techniques. Hence, there is a timely need for hardening the authentication process through cutting-edge access control mechanisms. This paper proposes a Blockchain-based Multi-Factor authentication model that uses an embedded Digital Signature (MFBC_eDS) for vehicular clouds and Cloud-enabled IoV. Our proposed MFBC_eDS model consists of a scheme that integrates the Security Assertion Mark-up Language (SAML) to the Single Sign-On (SSO) capabilities for a connected edge to cloud ecosystem. MFBC_eDS draws an essential comparison with the baseline authentication scheme suggested by Karla and Sood. Based on the foundations of Karla and Sood’s scheme, an embedded Probabilistic Polynomial-Time Algorithm (ePPTA) and an additional Hash function for the Pi generated during Karla and Sood’s authentication were proposed and discussed. The preliminary analysis of the proposition shows that the approach is more suitable to counter major adversarial attacks in an IoV-centered environment based on the Dolev–Yao adversarial model while satisfying aspects of the Confidentiality, Integrity, and Availability (CIA) triad.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Saeed Bamashmos,Naveen Chilamkurti,Ahmad Salehi Shahraki

DOI: https://doi.org/10.3390/s24113575

IF: 3.9

2024-06-02

Sensors

Abstract:Internet of Things (IoT) technology is evolving over the peak of smart infrastructure with the participation of IoT devices in a wide range of applications. Traditional IoT authentication methods are vulnerable to threats due to wireless data transmission. However, IoT devices are resource- and energy-constrained, so building lightweight security that provides stronger authentication is essential. This paper proposes a novel, two-layered multi-factor authentication (2L-MFA) framework using blockchain to enhance IoT devices and user security. The first level of authentication is for IoT devices, one that considers secret keys, geographical location, and physically unclonable function (PUF). Proof-of-authentication (PoAh) and elliptic curve Diffie–Hellman are followed for lightweight and low latency support. Second-level authentication for IoT users, which are sub-categorized into four levels, each defined by specific factors such as identity, password, and biometrics. The first level involves a matrix-based password; the second level utilizes the elliptic curve digital signature algorithm (ECDSA); and levels 3 and 4 are secured with iris and finger vein, providing comprehensive and robust authentication. We deployed fuzzy logic to validate the authentication and make the system more robust. The 2L-MFA model significantly improves performance, reducing registration, login, and authentication times by up to 25%, 50%, and 25%, respectively, facilitating quicker cloud access post-authentication and enhancing overall efficiency.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Lin Zhang,Hong Li,Limin Sun,Zhiqiang Shi,Yunhua He

DOI: https://doi.org/10.1109/pac.2017.28

2017-01-01

Abstract:User authentication in computer systems has been a cornerstone of computer security for decades. However, the existing user authentication schemes either require human cognitive ability to remember numerous complex id and password, or rely on a trusted third party which could fail due to technical failure or denial-of-service attacks. In this paper, we design a fully distributed user authentication framework with the blockchain technology. In our scheme, a user stores her identity in the blockchain, stores her encrypted personal information in a off-blockchain storage, and attaches a smart contract which grants different permissions to each website/application. When a user logs in a website/application, the service provider employs a challenge-response protocol to verify the identity of the user, and then retrieve the user's personal information from the off-blockchain storage.

Mwrwan Abdelrazig Abubakar,Zakwan Jaroucheh,Ahmed Al-Dubai,Xiaodong Liu

DOI: https://doi.org/10.1145/3460537.3460549

2021-01-01

Abstract:The publish and subscribe messaging model has proven itself as a dominant messaging paradigm for IoT systems. An example of such is the commonly used Message Queuing Telemetry Transport (MQTT) protocol. However, the security concerns with this protocol have presented vital security challenges in most IoT applications. For example, the MQTT protocol does not have secure authentication mechanisms implemented and leaves that task to the developer as all the included native security services are fragile. This paper will present a well-thought approach involving a lightweight authentication and authorization scheme together with a decentralized identity system to manage the users' identities. This mechanism helps in facilitating the authentication for both subscribers and publishers by utilizing a smart contract in Ethereum blockchain to guarantee trust, accountability and preserve user privacy. We provided a proof-of-concept implementation to prove our work, which involves a decentralized MQTT platform and dashboard using our approach. The usability of this approach was further analyzed, particularly concerning CPU and memory utilization. Our analysis proved that our approach satisfies IoT applications' requirements since it reduces the consumption of resources and that smart contracts help in the automation of data management processes.

Mariano Luis T. Uymatiao,William Emmanuel S. Yu

DOI: https://doi.org/10.1109/icist.2014.6920371

2014-04-01

Abstract:The main objective of this research is to build upon existing cryptographic standards and web protocols to design an alternative multi-factor authentication cryptosystem for the web. It involves seed exchange to a software-based token through a login-protected Transport Layer Security (TLS/SSL) tunnel, encrypted local storage through a password-protected keystore (BC UBER) with a strong key derivation function (PBEWithSHAANDTwofish-CBC), and offline generation of one-time passwords through the TOTP algorithm (IETF RFC 6239). Authentication occurs through the use of a shared secret (the seed) to verify the correctness of the one-time password used to authenticate. With the traditional use of username and password no longer wholly adequate for protecting online accounts, and with regulators worldwide toughening up security requirements (i.e. BSP 808, FFIEC), this research hopes to increase research effort on further development of cryptosystems involving multi-factor authentication.

Ivan Homoliak,Dominik Breitenbacher,Ondrej Hujnak,Pieter Hartel,Alexander Binder,Pawel Szalachowski

DOI: https://doi.org/10.1145/3419614.3423257

2023-12-01

Abstract:With the recent rise of cryptocurrencies' popularity, the security and management of crypto-tokens have become critical. We have witnessed many attacks on users and providers, which have resulted in significant financial losses. To remedy these issues, several wallet solutions have been proposed. However, these solutions often lack either essential security features, usability, or do not allow users to customize their spending rules. In this paper, we propose SmartOTPs, a smart-contract wallet framework that gives a flexible, usable, and secure way of managing crypto-tokens in a self-sovereign fashion. The proposed framework consists of four components (i.e., an authenticator, a client, a hardware wallet, and a smart contract), and it provides 2-factor authentication (2FA) performed in two stages of interaction with the blockchain. To the best of our knowledge, our framework is the first one that utilizes one-time passwords (OTPs) in the setting of the public blockchain. In SmartOTPs, the OTPs are aggregated by a Merkle tree and hash chains whereby for each authentication only a short OTP (e.g., 16B-long) is transferred from the authenticator to the client. Such a novel setting enables us to make a fully air-gapped authenticator by utilizing small QR codes or a few mnemonic words, while additionally offering resilience against quantum cryptanalysis. We have made a proof-of-concept based on the Ethereum platform. Our cost analysis shows that the average cost of a transfer operation is comparable to existing 2FA solutions using smart contracts with multi-signatures.

Cryptography and Security

Fengqi Li,Hui Xu,Qingqing Song,Lupeng Zhang,Xuefeng Du,Ning Tong,Deguang Wang

DOI: https://doi.org/10.1109/jiot.2023.3308725

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Although combining the Internet of Things (IoT) and industrial scenarios has brought about a technological revolution, it has also caused equipment security issues. Due to the characteristics of Industrial Internet of Things (IIoT) devices with a wide distribution, complex application scenarios, considerable differences in node performance, and device heterogeneity, spoofing attacks and third-party attacks are common. Identity authentication for IIoT devices can solve this dilemma. However, most existing authentication technologies involve a trade-off between traditional centralised certificate issuance and sacrificing device storage resources, resulting in lower efficiency of IIoT device authentication, and the process is complicated. Therefore, ensuring the security and trustworthiness of device identities in the IIoT is imminent. In this paper, we propose an IIoT device authentication scheme based on an editable blockchain, that can solve the problem of the device’s low energy while satisfying the useage needs of large-scale scenarios. In particular, we created a suite of secure, efficient, and innovative technical solutions for this protocol. Firstly, to solve the problem of the authentication difficulty between industrial devices, we propose a lightweight identity authentication protocol called BLMA. Moreover, we propose the vPBFT algorithm and introduce the online and offline signature algorithm to reduce communication overhead and resource consumption between devices. Finally, considering the top security and dynamics of the IIoT environment, we use the chameleon hash function to build a hash chain of authentication results. Extensive simulation and experimental results demonstrate the reliability of our protocol.

computer science, information systems,telecommunications,engineering, electrical & electronic

Nibras Abo Alzahab,Giulia Rafaiani,Massimo Battaglioni,Franco Chiaraluce,Marco Baldi

2024-09-17

Abstract:Blockchain technology, which was introduced for supporting cryptocurrencies, today provides a decentralized infrastructure for general information storage and execution of algorithms, thus enabling the conversion of many applications and services from a centralized and intermediated model to a decentralized and disintermediated one. In this paper we focus on biometric authentication, which is classically performed using centralized systems, and could hence benefit from decentralization. For such a purpose, however, an inherent contradiction between biometric applications and blockchain technology must be overcome, as the former require keeping biometric features private, while blockchain is a public infrastructure. We propose a blockchain-based biometric authentication protocol that enables decentralization and resilience while protecting the privacy, personal data, and, in particular, biometric features of users. The protocol we propose leverages fuzzy commitment schemes to allow biometric authentication to be performed without disclosing biometric data. We also analyze the security of the protocol we propose by considering some relevant attacks.

Cryptography and Security

Ao Zhang,Xiaoying Bai

DOI: https://doi.org/10.1007/978-981-15-2777-7_22

2019-01-01

Abstract:With the development of digital society, the number of Internet platforms increases rapidly and a huge amount of personal information is stored online. It is convenient for users to log in to all platforms with a common account. Third-party authorization protocols like OAuth 2.0 allow the delegation of access control to dedicated service providers. However, OAuth protocol follows the centralized approach to manage authorization and authentication information, which relies on a centralized party and makes it a target under attack. In practice, it is vulnerable to attacks like replay attack, cross-site request forgery (CSRF) attack, and so on. Also, the centralized party cannot provide customized access control for other platforms. To solve these problems, the paper proposes a consortium blockchain architecture and designs protocols for account management and distributed consensus. The paper discusses the potentials of the proposed approach to effectively address certain vulnerabilities in current OAuth-like authorization and authentication services with tolerable performance.

Linsheng Yu,Mingxing He,Hongbin Liang,Ling Xiong,Yang Liu

DOI: https://doi.org/10.3390/s23031264

2023-01-22

Abstract:Authentication and authorization constitute the essential security component, access control, for preventing unauthorized access to cloud services in mobile cloud computing (MCC) environments. Traditional centralized access control models relying on third party trust face a critical challenge due to a high trust cost and single point of failure. Blockchain can achieve the distributed trust for access control designs in a mutual untrustworthy scenario, but it also leads to expensive storage overhead. Considering the above issues, this work constructed an authentication and authorization scheme based on blockchain that can provide a dynamic update of access permissions by utilizing the smart contract. Compared with the conventional authentication scheme, the proposed scheme integrates an extra authorization function without additional computation and communication costs in the authentication phase. To improve the storage efficiency and system scalability, only one transaction is required to be stored in blockchain to record a user's access privileges on different service providers (SPs). In addition, mobile users in the proposed scheme are able to register with an arbitrary SP once and then utilize the same credential to access different SPs with different access levels. The security analysis indicates that the proposed scheme is secure under the random oracle model. The performance analysis clearly shows that the proposed scheme possesses superior computation and communication efficiencies and requires a low blockchain storage capacity for accomplishing user registration and updates.

Taewoong Kang,Naryun Woo,Jihyeon Ryu

DOI: https://doi.org/10.1109/access.2024.3373879

IF: 3.9

2024-03-12

IEEE Access

Abstract:In the rapidly evolving environment of wireless medical sensor networks (WMSN) and the internet of medical things (IoMT), remote medical support has seen unprecedented advancements. It is essential that the data relayed from the sensors must be trustworthy and unaltered, and that the sensors themselves are genuine. Wireless networks, however, have inherent vulnerabilities. In addition, since WMSN is directly linked to patients' lives, its continuous availability is crucial. Considerable efforts have been made to maintain the integrity and authenticity of such data. However, many studies have failed to address the problem of a single point of failure (SPOF). This issue has been particularly detrimental to patients who require ongoing management. To address this issue and ensure the protection of the authenticity and integrity of patient data, we suggest the implementation of an authentication scheme based on blockchain technology. In 2022, Yu et al. introduced a blockchain-integrated authentication and key generation scheme for WMSN using Physical Unclonable Functions (PUFs), effectively addressing the SPOF problem by conducting mutual authentication through smart contracts without relying on centralized servers. Our research found that this scheme inadvertently shared critical parameters, including challenge-response pairs and important private keys, with the blockchain network, making it vulnerable to various breaches. We present an enhanced protocol designed to mitigate these security challenges. By limiting the data interaction with smart contracts and ensuring only relevant parties access crucial parameters, our approach reduces the risk of public information disclosure on the blockchain. This not only mitigates the SPOF issue but also efficiently helps in prevention of physical attacks. We prove that our proposed system prevents known security vulnerabilities through informal and formal analysis using the Scyther, Proverif, and BAN logic. Furthermore, the proposed scheme offers 67.37% reduction in computation costs and 3.67% in communication costs, presenting an efficient and secure solution for WMSN in the IoMT landscape.

computer science, information systems,telecommunications,engineering, electrical & electronic

Sungjin Yu,Youngho Park

DOI: https://doi.org/10.1109/jiot.2022.3171791

IF: 10.6

2022-10-08

IEEE Internet of Things Journal

Abstract:Wireless medical sensor networks (WMSNs)-based medical systems are an emerging paradigm of the Internet of Medical Things (IoMT) in which the patients and doctors can access various healthcare services via wireless communication technology without visiting the hospital in person. However, an adversary attempts a variety of security attacks because the sensitive information in various fields is exchanged via an insecure channel. Thus, robust and lightweight authentication protocols are essential for providing dependable healthcare services in WMSN-based medical systems. Recently, Wang et al. (IEEE Internet of Things Journal, doi: 10.1109/JIOT.2021.3117762) proposed blockchain and physically unclonable functions (PUFs)-based lightweight authentication protocol for WMSN. They claimed that their protocol is resistant to cyber and physical security threats and also does provide necessary security requirements. However, we prove that their protocol is vulnerable to various security attacks, such as man-in-the-middle and session key disclosure attacks and also lacks mutual authentication. As a result, we propose a robust authentication protocol for WMSN using blockchain and PUF to address the security problems raised by Wang et al.'s scheme. we assess the security of the proposed scheme by using informal and formal security analyses, such as AVISPA simulation and the ROR oracle model. Furthermore, we present the testbed experiments using Raspberry PI 4 based on MIRACL Crypto SDK. Then, we show the performance of the enhanced scheme compared with related schemes based on testbed experiments. Consequently, our scheme is better suited for practical WMSN-based medical systems because it provides greater security and efficiency than competing schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Prof. Prakash Kshirsagar,Nikita Dhakad,Himanshu Jagtap,Vedant Bhosale

DOI: https://doi.org/10.55041/ijsrem18165

2023-03-16

INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT

Abstract:There are always potential hazards from hackers, adware, malware, and viruses. Many big international corporations have experienced hacking and security breaches in the previous few years. In certain instances, this has resulted in the leakage of private and confidential information, such as bank account information, addresses, and transactions, but there are security measures in place that can block these things before they get too close to the company's private data. This is crucial for both secrecy and to avoid paying the steep fines levied on businesses that fail to adequately safeguard customer information. The project is a verification mechanism that only allows users with the proper input credentials to access the system. The project involves modules or user certificates. Security credentials come in a variety of forms. Thus, we incorporate a unique blockchain for banking security and user authentication in this proposed methodology. This degree of authentication reduces the possibility of hacking and the loss of sensitive data. Also, in the current environment, safer bank transactions are necessary due to advancements in security technologies. They have also made advances into industries, healthcare, telecommunications, and home automation, among others. A distributed ledger is basically what a blockchain is. It can keep information about who owns a certain piece of property or, for example, a bond. A permanent record of ownership can be maintained using technology, which also makes it possible for parties with a low level of trust to exchange the asset. Key Words: Custom Blockchain, Distributed Ledger, Authentications, Confidentiality, Transactions, Security System, Credentials, Banking Security, etc.

Yan Zhang,Bing Li,Bo Liu,Yuanyuan Hu,Haipeng Zheng

DOI: https://doi.org/10.1109/jiot.2021.3068410

IF: 10.6

2021-09-15

IEEE Internet of Things Journal

Abstract:The combination of the Internet of Things (IoT) and cloud-edge (CE) paradigm promises to be an efficient system to aggregate and further process huge volumes of data from IoT nodes. Physical unclonable functions (PUFs) emerge as a prospective primitive to provide IoT nodes with lightweight physical identities for authentication. However, when integrating PUFs into multiserver authentication protocols to improve security, the following problems occur: 1) the challenge–response pairs (CRPs) of PUFs generated by devices need to be explicitly stored by each edge server. This will cause the privacy leakage of CRPs; 2) the reliability is reduced resulting from the single point failure; and 3) existing PUFs-based authentication protocols would need to put great efforts into synchronizing CRPs, to ensure consistency in multiserver systems. To overcome these problems, in this article, we propose a privacy-aware authentication protocol for the multiserver CE-IoT systems by combining PUFs and the blockchain technique. The real correlations of CRPs are double encoded into mapping correlations (MCs) by a one-time physical identity and the keyed-hash function. The blockchain is leveraged to store MCs, synchronize them efficiently, and incorporate the multireceiver encryption to share the physical identity securely. The security of our protocol is formally proved by a random oracle model, and security features are discussed to show that our protocol resists various attacks. Moreover, a prototype was implemented to prove the efficiency of the protocol, and the comparison results present that our protocol accommodates CE-IoT systems. Finally, the simulation of the smart contract evaluates the scalability of our protocol.

computer science, information systems,telecommunications,engineering, electrical & electronic

Priya, J. Chandra,Praveen, R.,Nivitha, K.,Sudhakar, T.

DOI: https://doi.org/10.1007/s12083-024-01716-9

IF: 3.488

2024-05-14

Peer-to-Peer Networking and Applications

Abstract:In the field of e-healthcare, smart medical sensors are responsible for consistently collecting, transmitting, and communicating real-time data to support immediate decision-making, both within and between healthcare organizations. Privacy-preserving authentication is required, even when the sensors roam between different networks. Existing authentication protocols rely on centralized authentication servers and pose a number of challenges, including a single point of failure, performance bottlenecks, scalability challenges, and privacy concerns. Hence, a secure mutual authentication mechanism using Blockchain is essential in preventing attacks. In this paper, an Improved Chain Code Blockchain-based Key Agreement Authentication Mechanism (CCBKAAM) using the merits of SM9-based Secure Threshold Ring Signature (SM9-STRS) is proposed for achieving privacy and security. This proposed mechanism uses multiple key generation-based cipher identification algorithms for parameter maintenance. The integrated threshold ring signature prevents the limitations of the single key generation scheme. It uses Chain Codes over the Ethereum network for constructing the blocks during the process of mutual user authentication with trust equity score-based Improved PBFT Voting protocol for reaching consensus during authentication. This authentication protocol adopted blockchain for the objective of storing the identities and associated parameters to support the entities under communication during the process of authentication. The formal and informal verification of the proposed CCBKAAM confirmed its potentiality in resisting most of the possible attacks the IoMT is vulnerable to. The communication and computation overhead during the implementation are determined to be significantly lowered by 32.19% and 28.94%, better than the compared baseline blockchain-based mutual authentication. The performance analysis proved that this proposed CCBKAAM scheme is also potent in minimizing the storage overhead up to maximized level of 35.42%.

computer science, information systems,telecommunications

Avishaek Deep,Adolfo Perrusquía,Lamees Aljaburi,Saba Al-Rubaye,Weisi Guo

DOI: https://doi.org/10.1109/access.2024.3349955

IF: 3.9

2024-01-01

IEEE Access

Abstract:Internet of Things (IoT) is currently playing a major role in how intelligent devices are interconnected and deployed to automate services in transport and smart living sectors. However, IoT is facing challenges in terms of data protection and authentication due to the heterogeneous nature of IoT devices that do not exhibit a central authority. It is crucial to provide secure and trustworthy solutions for the increasing demands of decentralized IoT environments. To this end, this research proposes a novel integration of blockchain-technologies in IoT services to enhance security, data integrity, users privacy, system scalability and interoperability of devices. This is done by leveraging smart contracts to enforce authentication, access control and data exchange mechanisms for IoT devices. The proposed approach is verified by the construction and deployment of a smart contract over the Polygon blockchain network in a simulated real-world IoT scenario. The obtained results show that the proposed approach ensures fast and secure authentication in IoT networks by decreasing the risk of unauthorized access and data tampering.

computer science, information systems,telecommunications,engineering, electrical & electronic