A Full Lifecycle Authentication Scheme for Large-scale Smart IoT Applications

Thumbnail Image

Access rights

openAccess
acceptedVersion

URL

Journal Title

Journal ISSN

Volume Title

A1 Alkuperäisartikkeli tieteellisessä aikakauslehdessä
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
View/Open full text file from the Research portal (opens in new window)

Authors

Date

2022-05-26

Department

Department of Computer Science

Major/Subject

Mcode

Degree programme

Language

en

Pages

17

Series

IEEE Transactions on Dependable and Secure Computing, Volume 20, issue 3, pp. 2221-2237

Abstract

The rapid development of IoT (Internet of Things) brings great convenience to people through the utilization of IoT applications, but also brings huge security challenges. Existing IoT security breaches show that many IoT devices have authentication flaws. Although many IoT authentication schemes were proposed, they are not fit for recent smart IoT applications covering IoT device, back-end sever, and user-end mobile applications. To build the first line of defense for smart IoT systems, this paper proposes a new authentication scheme. The proposed scheme first models the entire lifecycle of the IoT device authentication for real-world scenarios of smart IoT systems that contains factory manufacturing, daily usage, and system resetting. For each stage in the lifecycle, the proposed scheme employs efficient symmetric key mechanisms to achieve the authentication between IoT device, back-end server, and mobile application. The proposed scheme supports both server-free local area network communication and sever-involved remote public area communication. Formal security verification shows that the proposed scheme resists existing attacks. The open-source experimental evaluations also show that the proposed scheme is efficient and promising for practical usage.

Description

Keywords

Other note

DOI

10.1109/TDSC.2022.3178115

Citation

Chen, F, Xiao, Z, Xiang, T, Fan, J & Truong, L 2022, ' A Full Lifecycle Authentication Scheme for Large-scale Smart IoT Applications ', IEEE Transactions on Dependable and Secure Computing, vol. 20, no. 3, pp. 2221-2237 . https://doi.org/10.1109/TDSC.2022.3178115

Permanent link to this item

https://urn.fi/URN:NBN:fi:aalto-202210196031

Collections

[article-cris] Perustieteiden korkeakoulu / SCI