Pankaj Kumar,Lokesh Chouhan

DOI: https://doi.org/10.1007/s12083-020-00973-8

2020-08-01

Abstract:The edge-based Internet of Things (IoT) computing provides a new value for the consumer where the smart devices, objects, and appliances connected over the internet. The data generated from the smart IoT devices need to be securely processed. With the increasing rate of smart IoT devices, the existing addressing schemes and security protocols do not guaranty to perform well in all situations. This paper proposed a smart card based secure addressing and authentication (SCSAA) scheme by modifying the standard IPv6 protocol to mitigate the security threats in the IoT network. The proposed scheme has two folds; firstly, this scheme provides a unique way of addressing by assigning unique 64-bit interface identifier (IID) to smart devices/appliances and uniquely authenticates them in IoT network. Secondly, this scheme uses the secret session key to prevent the network from unauthorized access. Additionally, this work also evaluates the informal security analysis, formal security analysis using ROR model and AVISPA tool. The overall security analysis proves that proposed scheme protect the smart home IoT network from various vulnerabilities and attacks.

computer science, information systems,telecommunications

Arif Raza,Salabat Khan,Shivanshu Shrivastava,M. Wasim Abbas Ashraf,Ting Wang,Kaishun Wu,Wang Lu

DOI: https://doi.org/10.1016/j.comnet.2024.110537

IF: 5.493

2024-05-26

Computer Networks

Abstract:With the increasing adoption rate of Internet of Things (IoT) devices in smart home applications, it is vital to safeguard the privacy and security of information, communications among IoT devices, and the underlying infrastructure. In open communication scenarios, an adversary can easily tamper with data transmitted by IoT communication devices. This paper proposes a softwarized lightweight authentication key agreement scheme for smart home applications in Software-Defined IoT (SDIoT) environment. The proposed scheme comprises registration, authentication, and key selection phases. Devices are registered in the registration phase after the successful completion of validation checks, while sessions' keys are granted to the registered devices in the authentication phase. In the final phase, controllers classify IoT devices based on pre-defined parameters and impose class-specific access control based on classification. The security of the proposed scheme is validated using the widely accepted AVISPAs verification tool against a strong adversary. Simulation results demonstrate that our proposed scheme outperforms existing schemes in terms of running time, computation complexity, and energy consumption. It is found that the proposed scheme has significant cost-effectiveness.

computer science, information systems,telecommunications,engineering, electrical & electronic, hardware & architecture

Jianhua Li,Jiong Jin,Lingjuan Lyu,Dong Yuan,Yingying Yang,Longxiang Gao,Chao Shen

DOI: https://doi.org/10.48550/arXiv.2011.06325

2020-11-12

Abstract:Numerous resource-limited smart objects (SOs) such as sensors and actuators have been widely deployed in smart environments, opening new attack surfaces to intruders. The severe security flaw discourages the adoption of the Internet of things in smart living. In this paper, we leverage fog computing and microservice to push certificate authority (CA) functions to the proximity of data sources. Through which, we can minimize attack surfaces and authentication latency, and result in a fast and scalable scheme in authenticating a large volume of resource-limited devices. Then, we design lightweight protocols to implement the scheme, where both a high level of security and low computation workloads on SO (no bilinear pairing requirement on the client-side) is accomplished. Evaluations demonstrate the efficiency and effectiveness of our scheme in handling authentication and registration for a large number of nodes, meanwhile protecting them against various threats to smart living. Finally, we showcase the success of computing intelligence movement towards data sources in handling complicated services.

Cryptography and Security,Networking and Internet Architecture

K. Swapna Sudha,N. Jeyanthi,Celestine Iwendi

2024-02-01

Abstract:The Smart home possesses the capability of facilitating home services to their users with the systematic advance in The Internet of Things (IoT) and information and communication technologies (ICT) in recent decades. The home service offered by the smart devices helps the users in utilize maximized level of comfort for the objective of improving life quality. As the user and smart devices communicate through an insecure channel, the smart home environment is prone to security and privacy problems. A secure authentication protocol needs to be established between the smart devices and the user, such that a situation for device authentication can be made feasible in smart home environments. Most of the existing smart home authentication protocols were identified to fail in facilitating a secure mutual authentication and increases the possibility of lunching the attacks of session key disclosure, impersonation and stolen smart device. In this paper, Secure Supervised Learning-based Smart Home Authentication Framework (SSL-SHAF) is proposed as are liable mutual authentication that can be contextually imposed for better security. The formal analysis of the proposed SSL-SHAF confirmed better resistance against session key disclosure, impersonation and stolen smart device attacks. The results of SSL-SHAF confirmed minimized computational costs and security compared to the baseline protocols considered for investigation.

Cryptography and Security,Machine Learning

Akash Gupta,Gaurav S. Kasbekar

DOI: https://doi.org/10.48550/arXiv.2105.09687

2021-07-27

Abstract:Home automation Internet of Things (IoT) systems have recently become a target for several types of attacks. In this paper, we present an authentication and key agreement protocol for a home automation network based on the ZigBee standard, which connects together a central controller and several end devices. Our scheme performs mutual authentication between end devices and the controller, which is followed by device-to-device communication. The scheme achieves confidentiality, message integrity, anonymity, unlinkability, forward and backward secrecy, and availability. Our scheme uses only simple hash and XOR computations and symmetric key encryption, and hence is resource-efficient. We show using a detailed security analysis and numerical results that our proposed scheme provides better security and anonymity, and is more efficient in terms of computation time, communication cost, and storage cost than schemes proposed in prior works.

Cryptography and Security,Networking and Internet Architecture

Sangjukta Das,Suyel Namasudra

DOI: https://doi.org/10.1002/ett.4716

IF: 3.6

2023-01-04

Transactions on Emerging Telecommunications Technologies

Abstract:The proposed scheme consists of three entities, namely IoT device (IoTD), gateway, and central administrator (CA). An IoTD is a resource‐constrained device associated with a patient's body. It collects patients' real‐time healthcare data and sends them to the intended entity via a gateway device. The gateway acts as an intermediate entity between the IoTD and user. The CA is the central entity of the proposed scheme. In recent years, Internet of Things (IoT) technology has been adopted in numerous application areas, such as healthcare, agriculture, industrial automation, and many more. The use of IoT and other technologies like cloud computing and machine learning has made the modern healthcare system to be smart, automated, and efficient. However, the continuous proliferation of cyber‐attacks on IoT devices has increased IoT challenges like data security, privacy protection, authentication, and so forth. In smart healthcare systems, due to the lack of authentication protocols, attackers can undermine the availability, confidentiality, and integrity of both smart healthcare devices and data, which can be life‐threatening in some situations. In this article, a privacy‐preserving mutual authentication scheme for IoT‐enabled healthcare systems is proposed to achieve lightweight and effective authentication of network devices. To support the processing capabilities of the IoT devices, this proposed authentication scheme is designed using lightweight cryptographic primitives, namely XOR, concatenation, and hash operation. The proposed scheme can establish a secure session between an authorized device and a gateway, and prevent unauthorized devices from getting access to healthcare systems. The security analysis and performance analysis assess the proposed authentication technique's effectiveness over existing well‐known schemes.

telecommunications

Shehzad Ashraf Chaudhry,Khalid Yahya,Fadi Al-Turjman,Ming-Hour Yang

DOI: https://doi.org/10.1109/access.2020.3012121

IF: 3.9

2020-01-01

IEEE Access

Abstract:Among other security concerns, the reliable device to device direct communication is an important research aspect in sensor cloud system application of Internet of things (IoT). The access control mechanism can ensure the reliability through secure communication among two IoT devices without mediation of intermediate agent. Mainly, it requires twofold strategy involving the authentication of each other and session key establishment. Quite recently, in 2019, Das et al. proposed a certificate based lightweight access control and key agreement scheme for IoT devices (LACKA-IoT) to ensure smooth and secure access control and claimed LACKA-IoT to withstand the several attacks. Specifically, it is claimed that LACKA-IoT can resist device impersonation and man in middle attacks. However, the proof in this article refutes their claim and it is shown here, that LACKA-IoT is insecure against both device impersonation and man in middle attacks. An adversary just by using public parameters and by listening the communication channel can impersonate any device. Moreover, the same can also launch successful man in middle attack using public parameters and listened messages from public channel. An improved protocol iLACKA-IoT is then proposed in the paper. The iLACKA-IoT provides resistance against various types of threats and provides the required level of security, for evidence both formal validation through random or real (ROR) model as well as the informal validation through discussion on attack resilience is provided. The iLACKA-IoT is not only better in security but also provides performance efficiency as compared with LACKA-IoT and related schemes.

Dongfeng Fang,Yi Qian,Rose Qingyang Hu

DOI: https://doi.org/10.1109/jiot.2020.2970974

IF: 10.6

2020-04-01

IEEE Internet of Things Journal

Abstract:Internet-of-Things (IoT) applications have been rapidly deployed into pervasive environment, where both challenges and opportunities abound. On the one hand, a large number of IoT devices and their rich functions contribute significant volumes of data, which has brought tremendous convenience to the daily lives of end users. On the other hand, the heterogeneous IoT devices and a large amount of private information transmitted through networks also bring serious security and privacy issues. It is a big challenge to model IoT systems and trust relationships between different entities with a large number of heterogeneous IoT devices. In this article, we study a general IoT system architecture with consideration of heterogeneous IoT devices. Different trust models are proposed and analyzed based on the trust relationships between different entities in the IoT system. We propose a flexible and efficient authentication scheme with a consideration of heterogeneous IoT devices based on the least trust-required model. The proposed scheme provides security and privacy to resource-limited IoT devices flexibly and efficiently by utilizing IoT devices with better storage and computational ability. Moreover, secure data transmission is presented with contextual privacy and data integrity services. The proposed scheme achieves not only the mutual authentication, initial session key agreement, and data integrity but also anonymity, contextual privacy, forward security, end-to-end security, and key escrow resilience. Security analysis is presented to provide verification of the proposed protocol and security objectives. Moreover, performance evaluation is presented with comparison to the other schemes in terms of security features, computational overhead, and communication overhead. The performance comparisons show that our proposed scheme provides flexible and efficient security by consideration of heterogeneous IoT devices. With the higher proportion of resource-limited IoT devic-s, our proposed scheme outperforms other similar schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Mikail Mohammed Salim,Jungho Kang,Yi Pan,Jong Hyuk Park

DOI: https://doi.org/10.3934/mbe.2022546

2022-01-01

Mathematical Biosciences and Engineering

Abstract:Internet of Things (IoT) devices supporting intelligent cloud applications such as healthcare for hospitals rely on connecting with local base stations and access points to provide rich data analysis and real-time services to users. Devices authenticate with local base stations and perform handover operations to connect with access points with higher signal strength. Attackers disguise as valid base stations and access points using publicly accessible SSID information connect with local IoT devices during the handover process and give rise to data integrity and privacy concerns. This paper proposes a lightweight authentication scheme for private blockchain-based networks for securing devices from rogue base stations during the handover process. An authentication certificate is designed for base stations and machines in local clusters using SHA256 and modulo operations for enabling quick handover operations. The keys assigned to each device and base station joining the network are hashed, and their sizes are reduced using modulo operations. Furthermore, the compressed key size forms a certificate, which is used by the machines and the base stations to authenticate mutually. In comparison with existing studies, the performance analysis of the proposed scheme is based on the transmission of three messages required for completing the authentication process. Evaluation based on the Communication Overhead demonstrates a minimum improvement of 99.30% fewer bytes exchanged during the handover process and 89.58% reduced Storage Overhead compared with existing studies.

Kaiping Xue,Wei Meng,Shaohua Li,David S. L. Wei,Huancheng Zhou,Nenghai Yu

DOI: https://doi.org/10.1109/jiot.2019.2902907

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:Space information network (SIN) makes it possible for any object to be connected to the Internet anywhere, even in the areas with extreme conditions, where a cellular network is not easy to deploy. Access authentication is the key to secure users' access control in SIN, mainly to prevent illegal adversaries from getting access to SIN services. However, the highly complicated communication environment of SIN (e.g., exposed links, higher signal delay, etc.) poses a challenging issue in the design of a secure and efficient authentication scheme. Although some authentication schemes have been proposed for SIN, they are unsuitable for Internet of Things (IoT) in SIN due to the high signaling overhead and insufficient security properties. Therefore, in this paper, we design a provably secure and efficient authentication protocol, along with an efficient handover mechanism, for IoT in SIN. In our design, we introduce a new authentication system model, where the satellites are given the ability to authenticate users to avoid the online involvement of the network control center (NCC) when authenticating users, thereby reducing long authentication delay and avoiding a single point of bottleneck in NCC. Furthermore, the support of batch verification in our design can significantly enhance handover efficiency when a group of users switch to another satellite. Our further analysis shows that our scheme is secure against various attacks and can meet a variety of security requirements. In addition, performance evaluation shows the superiority of our scheme on both delay and handover efficiency compared with existing schemes.

Ajay Chaudhary,Sateesh K Peddoju,Vikas Chouhan

DOI: https://doi.org/10.1007/s10723-023-09672-z

2023-06-28

Journal of Grid Computing

Abstract:The Internet of Things (IoT) devices are used in almost every aspect of life to automate routine or critical tasks with great precision. The IoT nodes, users, edge nodes, cloud resources, and the connected network are critical components of IoT-Edge-Cloud integration. Any unauthorized access to these resources may halt or bring down the whole IoT infrastructure leading to a severe impact. Hence, authenticating and authorizing these components is essential. Thus, this paper proposes an authentication scheme to securely integrates users, IoT nodes, Edge node, and the cloud infrastructure. We also proposed a reliable cloud data storage and retrieval mechanism using an Erasure Coding strategy in order to store the data generated by IoT infrastructure. We validate the proposed authentication protocols using the well-known and widely used AVISPA simulator tool. The results demonstrate that the proposed authentication protocols are secure against a wide range of security attacks. Further, a comprehensive security analysis was carried out to demonstrate that our protocols are secure against possible attacks and include essential security features. The proposed scheme provides mutual authentication, accessibility, confidentiality, scalability, secure storage, and a secure communication mechanism in the integrated IoT-Edge-Cloud infrastructure with reliable cloud storage.

computer science, information systems, theory & methods

Chintan Patel

DOI: https://doi.org/10.48550/arXiv.2207.10353

2022-07-21

Abstract:The Internet of Things (IoT) is giving a boost to a plethora of new opportunities for the robust and sustainable deployment of cyber physical systems. The cornerstone of any IoT system is the sensing devices. These sensing devices have considerable resource constraints, including insufficient battery capacity, CPU capability, and physical security. Because of such resource constraints, designing lightweight cryptographic protocols is an opportunity. Remote User Authentication ensures that two parties establish a secure and durable session key. This study presents a lightweight and safe authentication strategy for the user-gateway (U GW) IoT network model. The proposed system is designed leveraging Elliptic Curve Cryptography (ECC). We undertake a formal security analysis with both the Automated Validation of Internet Security Protocols (AVISPA) and Burrows Abadi Needham (BAN) logic tools and an information security assessment with the Delev Yao channel. We use publish subscribe based Message Queuing Telemetry Transport (MQTT) protocol for communication. Additionally, the performance analysis and comparison of security features show that the proposed scheme is resilient to well known cryptographic threats.

Cryptography and Security

Hsiao-Ling Wu,Chin-Chen Chang,Yao-Zhu Zheng,Long-Sheng Chen,Chih-Cheng Chen

DOI: https://doi.org/10.3390/s20195604

IF: 3.9

2020-09-30

Sensors

Abstract:The Internet of Things (IoT) is currently the most popular field in communication and information techniques. However, designing a secure and reliable authentication scheme for IoT-based architectures is still a challenge. In 2019, Zhou et al. showed that schemes pro-posed by Amin et al. and Maitra et al. are vulnerable to off-line guessing attacks, user tracking attacks, etc. On this basis, a lightweight authentication scheme based on IoT is proposed, and an authentication scheme based on IoT is proposed, which can resist various types of attacks and realize key security features such as user audit, mutual authentication, and session security. However, we found weaknesses in the scheme upon evaluation. Hence, we proposed an enhanced scheme based on their mechanism, thus achieving the security requirements and resisting well-known attacks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Saud Khan,Chandra Thapa,Salman Durrani,Seyit Camtepe

DOI: https://doi.org/10.1109/JIOT.2023.3331362

2023-11-07

Abstract:Physical-layer authentication is a popular alternative to the conventional key-based authentication for internet of things (IoT) devices due to their limited computational capacity and battery power. However, this approach has limitations due to poor robustness under channel fluctuations, reconciliation overhead, and no clear safeguard distance to ensure the secrecy of the generated authentication keys. In this regard, we propose a novel, secure, and lightweight continuous authentication scheme for IoT device authentication. Our scheme utilizes the inherent properties of the IoT devices' transmission model as its source for seed generation and device authentication. Specifically, our proposed scheme provides continuous authentication by checking the access time slots and spreading sequences of the IoT devices instead of repeatedly generating and verifying shared keys. Due to this, access to a coherent key is not required in our proposed scheme, resulting in the concealment of the seed information from attackers. Our proposed authentication scheme for IoT devices demonstrates improved performance compared to the benchmark schemes relying on physical channels. Our empirical results find a near threefold decrease in the misdetection rate of illegitimate devices and close to zero false alarm rate in various system settings with varied numbers of active devices up to 200 and signal-to-noise ratio from 0 dB to 25 dB. Our proposed authentication scheme also has a lower computational complexity of at least half the computational cost of the benchmark schemes based on support vector machine and binary hypothesis testing in our studies. This further corroborates the practicality of our scheme for IoT deployments.

Cryptography and Security,Networking and Internet Architecture,Signal Processing

Junhui Zhao,Fanwei Huang,Huanhuan Hu,Longxia Liao,Dongming Wang,Lisheng Fan

DOI: https://doi.org/10.1016/j.adhoc.2024.103427

IF: 4.816

2024-01-31

Ad Hoc Networks

Abstract:5G technology has been applied and popularized, leading to the widespread usage of the Internet of Things (IoT) in various areas such as intelligent transportation, home security, fire protection, industrial monitoring, healthcare, and data collection intelligence. Data sharing is one of the key factors for successful application in these fields. However, real-time data sharing through open channels may result in transmitted messages being illegally accessed by attackers, leading to privacy breaches. At present, most existing authentication schemes focus on single gateway authentication models. In order to overcome issues such as elevated communication overhead, reduced network performance, and inefficient cross-domain access in the single gateway model with larger network sizes, we introduce a multi-gateway lightweight authentication scheme as a solution. Firstly, our scheme is based on a three-factor authentication scheme of Chebyshev chaotic mapping, hash function, and XOR operation. This scheme achieves secure authentication between sensor nodes and users, establishes session keys, and also supports user key updates. Secondly, through security analysis, we demonstrate that the proposed scheme resists internal disguise attacks, sensor capture attacks, temporary secret leakage attacks, and achieves forward security of session keys. We additionally provide a demonstration of the semantic security of session keys by utilizing a Random Oracle Model (ROM). Finally, compared to other schemes, the results show that our proposed scheme has lower communication overhead and computational resource requirements, and is more in line with the requirements of lightweight device security authentication in the IoT.

computer science, information systems,telecommunications

R. Shanmugapriya,Santhosh Kumar SVN

DOI: https://doi.org/10.1007/s12083-024-01670-6

IF: 3.488

2024-04-05

Peer-to-Peer Networking and Applications

Abstract:Internet of Things (IoT) is the collection of physical objects which consists of integrated technologies to sense, interact and collaborate with other smart objects to collect the data from the deployed environment and send it to the base station. Data dissemination is a network management service which is provided to devices of IoT, by the base station to monitor and manage the device related configuration parameter in the network. In data dissemination, it is very much essential to identify the legitimate nodes which are required for reprogramming and reconfiguring for device configuration during data transmission in order to ensure the security and reliability of the network. Since a greater number of devices are being reprogrammed to exchange data and commands autonomously in IoT, providing security to the disseminated configuration parameters is very essential. Therefore, efficient security authentication mechanism is required to prevent the various types of attacks which occurs during data dissemination. In this paper, an energy efficient Swan Intelligent based Clustering Technique (SICT) has been proposed to provide efficient clustering of nodes in the network. Moreover, trust based secured lightweight authentication protocol is proposed to provide better authentication and secure data dissemination to the devices of IoT. Additionally, the proposed protocol employs fuzzy logic to discover optimal route by selecting only trusted nodes during routing process. The advantages of the proposed system are it improves the security during data dissemination and optimizes the energy by identifying the relevant devices which are required for configuration parameters during data dissemination. The proposed system is implemented in NS3 simulation with realistic simulation parameters namely energy efficiency, network lifetime, throughput, computational cost, communication cost, average signing time, average verification time, packet delivery ratio and network delay. The simulation results justifies that the proposed protocol improves average energy consumption by 34%, computational cost by 41.85%, communication cost by 36.83%, network delay by 31.66%, signing time by 26.25% and verification time by 33.46%. Moreover, the proposed system improves packet delivery ratio by 30% and provides efficient authentication to mitigate various types of attacks during data dissemination when it is compared with other existing protocols in IoT environment.

computer science, information systems,telecommunications

Waseem Iqbal,Haider Abbas,Pan Deng,Jiafu Wan,Bilal Rauf,Yawar Abbas,Imran Rashid

DOI: https://doi.org/10.1109/jiot.2020.3024058

IF: 10.6

2021-06-15

IEEE Internet of Things Journal

Abstract:The smart connected devices are the first choice of cybercriminals for spreading spy wares and different security attacks. The current security standards and protocols for Internet of Things (IoT) have failed in providing security to these devices. In addition, IoT market giants are producing nonsecure smart products in order to grab the open market. Furthermore, low resources of IoT devices, limits the traditional host-based protection solutions like anti-virus, IDS, IPS, etc. To overcome the resource constraintness and security barriers of smart devices, a network-level security architecture based on lightweight cryptographic parameters is required. Software-defined networking (SDN) is a new networking paradigm to overcome the control, management, and security issues in traditional networking. The SDN controller handles all the computation and complexities at the network level, rather than smart devices. In this research, we first present a new privacy-preserving security architecture for SDN-based smart homes. Subsequently, an anonymous lightweight authentication mechanism (ALAM) is designed based on the proposed security architecture core foundations. Furthermore, the security characteristics of the proposed protocol are formally analyzed using Burrows–Abadi–Needham (BAN) logic and ProVerif, followed by informal security analysis. Finally, performance evaluation and comparative analysis of the scheme is carried out.

computer science, information systems,telecommunications,engineering, electrical & electronic

Shivansh Walia,Tejas Iyer,Shubham Tripathi,Akshith Vanaparthy

2023-04-24

Abstract:This project presents an implementation and designing of safe, secure and smart home with enhanced levels of security features which uses IoT-based technology. We got our motivation for this project after learning about movement of west towards smart homes and designs. This galvanized us to engage in this work as we wanted for homeowners to have a greater control over their in-house environment while also promising more safety and security features for the denizen. This contrivance of smart-home archetype has been intended to assimilate many kinds of sensors, boards along with advanced IoT devices and programming languages all of which in conjunction validate control and monitoring prowess over discrete electronic items present in home.

Cryptography and Security,Networking and Internet Architecture

R. Venkatesan,Maya P. Shelke,L. Sharmila,R. Aishwarya,G. Umadevi,M. V. Ishwarya

DOI: https://doi.org/10.1007/s11277-024-11231-y

IF: 2.017

2024-05-30

Wireless Personal Communications

Abstract:IoT is one of the most promising frontier technologies for the future, according to recent academic studies and industry circles. IoT security, on the other hand, has obvious flaws for which there is currently no viable fix. As new technologies emerge, cloud robotics' potential uses continue to grow. IoT security flaws and threats are consequently constantly being discovered. IoT gadgets normally convey information across different wired and remote organizations. IoT security issues have grown to be a big problem that needs to be fixed if these technologies are to advance. A chain of functional robotics devices (RD) makes use of an Authentication Based Remote Device System to maintain a distributed key whose data records cannot be altered or falsified. Biometrics techniques use the body of a person as a key; therefore, it is unnecessary to purchase a passport, smart card, ID card, or key. Each body part has a unique identity to achieve personal identification. However, biometrics requires numerous data to be stored for a person, and these types of systems are not always reliable because humans change over time. In the meantime, cloud robotics and the Internet of Things naturally share a number of distinct capabilities. The highlight point network is what the Personality Based Distant Gadget Validation technique utilizes. IoT applications can use cloud technologies appropriately to achieve various network security features like device privacy protection, information authentication, access control, and data encryption due to similarities between the two.

telecommunications

Kiran Dewangan,Mina Mishra,Naveen Kumar Dewangan

DOI: https://doi.org/10.1007/s11845-020-02425-x

Abstract:Internet of Things is a fast growing technology and a network of devices in which everything (smart objects or smart devices) are associated to the internet for effective exchange of information between these connected objects. Internet of Things (IoT) serves as a method for healthcare and acts as an essential part in broad range of real-time healthcare monitoring applications. Previous work shows networked sensor devices, either equipped on the body or embedded inside living being or a camera, make possible in gathering real-time information to evaluate physical and mental health state of the patient by collecting body temperature, blood pressure, patient's image, etc. Communicating this collected real-time data to the doctor, making accurate assessment on the data gathered and notifying the patient is challenging task in the IoT. The architechture of Internet of Things comprises of three layers, and it is the network of devices embedded with sensor, software, and electronics, enabling this device to communicate with each other and exchange data over a computer network. The IoT-based real-time healthcare systems are highly vulnerable to cyber-attacks as the numbers of sensors are deployed in an unprotected network. These may even introduce the attacks, which cannot be monitored and controlled. This paper attempts to review the previous work done and a new scheme has been proposed, the new lightweight authentication protocol for smart real-time healthcare. The proposed scheme requires implementation with the authentication protocol. It is important to satisfy the major parameters of security: confidentiality, integrity, authentication, and access control. In this paper our focus is on the authentication of devices.