Analysis of Secure Authentication for IoT using Token-based access control
DOI:
https://doi.org/10.26438/ijsrcse.v13i1.609Keywords:
IoT Security, Token-Based Authentication, , Attribute-Based Access Control, Token Forgery, Scalability, Access Control Policies, IoT NetworksAbstract
Currently, the need for more reliable and accessible security systems has increased due to the mounting number of IoT devices. Secure security systems have required many more authentication mechanisms. In multiple authentication mechanisms, a Token-based attribute is much better as compared to another mechanism. Token-Based Attribute Access Control (TB-AAC) is a secure authentication system that associates token-based authentication and attribute-based access control to increase secure security, efficiency, and flexibility. In this paper, we present the design and implementation of the TB-AAC model. In this paper, we measure performance evaluations with respect to authentication time, scalability, and security, and distinguish it with more conventional methods like Role-Based Access Control (RBAC) and password-based authentication. TB-AAC system provides better results, performance, scalability, and security, specifically when the system works on large-scale IoT environments.
References
Xu M, Fu S, Zhang Q, Jia N, “A verifiable and dynamic multi-keyword ranked search scheme over encrypted cloud data with accuracy improvement”, Social Informatics and Telecommunications Engineering, vol. 254, pp. 588–604, 2018
Susilo W, Chen X., Shen J, Huang X, “An efficient public auditing protocol with the novel dynamic structure for cloud data”. IEEE Transactions on Information Forensics and Security, vol. 12, pp. 2402–2415, 2017.
Wang H, Mia X., Liu L, HanG., Jiang J., Peng Y. “A dynamic multipath scheme for protecting source location privacy using multiple sinks in WSNs intended for IIoT.” IEEE Transactions on Industrial Informatics, vol. 16, pp. 5527–5538, 2020.
Bayat M, Far H.AN, Das A.K, Pournaghi S.M., Fotouhi M., Doostari M.A., “lightweight anonymous privacy preserving three factor authentication scheme for WSN based IIoT.” Wireless Networks, vol. 27, pp. 1389–1412, 2021.
Alturjman S, Al Turjman F. “Context-sensitive access in the industrial Internet of things healthcare applications.” IEEE Transactions on Industrial Informatics, vol. 14, pp. 2736–2744, 2018.
Jain R., Shrivastava A, Verma D, “Performance analysis of cryptographic algorithms RSA & ECC in wireless sensor networks.” IUP Journal of Telecommunications, vol. 7, no. 3, pp. 15, 2017.
Alam S.W, Ahmed M H, Baig I, Qureshi N, “Security for WSN based on elliptic curve cryptography.” 1st International Conference on Computer Networks & Information Technology-Abbottabad, pp. 75-79, 2011.
Tang S, Chan S, He D, Guizani M, “Secure data discovery & dissemination based on the hash tree for wireless sensor-networks.” IEEE Transactions on Wireless Communications, vol. 12, no. 9, pp. 4638–4646, 2013.
Mansoor K, Baig A.F, Jawad K, Naseem A, Ghani A, “An improved three-factor anonymous authentication protocol for WSN based IoT system using symmetric cryptography.” International Conference on Communication Technologies (ComTech), pp. 53–59, 2019.
Lakhlef H, Kandi M.A, Challal Y, Bouabdallah A, “An efficient multi-group key management protocol for the IoT.” 26th International Conference on Software, Telecommunications & Computer Networks (SoftCoM), pp. 438–443, 2018.
Zhou G.-D, Yi T.H, “Recent developments in wireless sensor networks technology for bridge health monitoring.” Mathematical Problems in Engineering, vol. 09, pp. 443-456, 2013.
Warda A, Bhawiyuga A, Data M “Architectural design of token-based authentication of MQTT protocol in constrained IoT device.” 11th International Conference on Telecommunication Systems Services & Applications (TSSA), pp. 1–4, 2017.
Messous M.A, Dammak M, Senouci S.M, Boudia O.R.M, Gransart C “Token-based light-weight authentication to secure IoT networks.” 16th IEEE Annual Consumer Communications & Networking Conference (CCNC), pp. 825-865, 2019.
Bhuiyan M.Z.A, Li X, Niu J, Karuppiah M, Wu F, Kumari S, “A robust ECC based provable secure authentication protocol with privacy-preserving for IIoT”. IEEE Transactions on Industrial Informatics, vol. 14, no. 8, pp. 3599–3609, 2018.
Dammak M, Boudia O.R.M, Messous M.A, Senouci S.M, Gransart C, “Token-based lightweight authentication to secure IoT networks” 16th IEEE Annual Consumer Communications and Networking Conference (CCNC). P. 8651825, 2019.
Bhawiyuga A, Data M, Warda A “Architectural design of token based authentication of MQTT protocol in constrained IoT device” 11th International Conference on Telecommunication Systems Services and Applications (TSSA). P. 1–4, 2017.
K. Sonar and H. Upadhyay, “An Approach to Secure Internet of Things Against DDoS.” Singapore: Springer Singapore, pp. 367–376,2016.
E. Marin, D. Singelée, B. Yang, I. Verbauwhede, and B. Preneel, “On the feasibility of cryptography for a wireless insulin pump system,” in Proceedings of the 6th ACM Conference on Data and Application Security and Privacy, ser. CODASPY ’16, pp. 113–120, 2016.
S. Sicari, A. Rizzardi, L. Grieco, and A. Coen-Porisini, “Security, privacy and trust in internet of things: The road ahead,” Computer Networks, vol. 76, pp. 146 – 164, 2015.
J. Radcliffe, “Hacking medical devices for fun and insulin: Breaking the human scada system,” in Black Hat USA, 2011.
J. Granjal, E. Monteiro, and J. S. Silva, “A secure interconnection model for ipv6 enabled wireless sensor networks,” in 2010 IFIP Wireless Days, pp. 1–6, 2010.
S. Cirani, M. Picone, P. Gonizzi, L. Veltri, and G. Ferrari, “Iot-oas: An oauth-based authorization service architecture for secure services in Iot scenarios,” IEEE Sensors Journal, vol. 15, no. 2, pp. 1224–1234, 2015
Jony AI, Arnob AK. “Securing the Internet of Things: Evaluating Machine Learning Algorithms for Detecting IoT Cyberattacks Using CIC-IoT2023 Dataset.” International Journal of Information Technology and Computer Science. 2024.
Nag A, Hassan MM, Das A, Sinha A, Chand N, Kar A, Sharma V, Alkhayyat A. “Exploring the applications and security threats of Internet of Thing in the cloud computing paradigm: A comprehensive study on the cloud of things.” Transactions on Emerging Telecommunications Technologies. 2024.
R. Harkanson and Y. Kim, “Applications of elliptic curve cryptography: A light introduction to elliptic curves and a survey of their applications,” in Proceedings of the 12th Annual Conference on Cyber and Information Security Research, p. 6, 2017.
N. A. Gunathilake, W. J. Buchanan, and R. Asif, “Next generation lightweight cryptography for smart IoT devices: implementation, challenges and applications,” IEEE 5th World Forum on Internet of Things (WF-IoT), pp. 707–710, 2019.
M. Ambrosin, M. Conti, T. Dargahi, "On the feasibility of attribute-based encryption on smartphone devices", IoT-Sys 2015.
B. S. Adiga, P. Balamuralidhar, M. A. Rajan, R. Shastry, and V. L.Shivraj, “An Identity Based Encryption Using Elliptic Curve Cryptography for Secure M2M Communication,” in Proceedings of the 1st International Conference on Security of Internet of Things, ser. SecurIT’12. ACM, pp. 68–74, 2012.
S. Arrag, A. Hamdoun, A. B. Tragha, and S. E. Khamlich, “Implementation of Stronger AES by using Dynamic S-Box Dependent of Master key,” Journal of Theoretical and Applied Information Technology, vol. 53, no. 2, 2013
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
