一种用于物联网的多设备用户认证机制

IF 1.3 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS
IET Networks Pub Date : 2023-06-20 DOI:10.1049/ntw2.12088
Raihan Dewon Eman, Mosarrat Jahan, Upama Kabir
{"title":"一种用于物联网的多设备用户认证机制","authors":"Raihan Dewon Eman,&nbsp;Mosarrat Jahan,&nbsp;Upama Kabir","doi":"10.1049/ntw2.12088","DOIUrl":null,"url":null,"abstract":"<p>The advent of the Internet of Things (IoT) enables different customized services to ease the day-to-day life activities of users by utilizing information attained through the internet connectivity of low-powered sensing devices. Due to device diversity and resource constraints of participating devices, IoT is vulnerable to security attacks. Consequently, authentication is the fundamental measure for using IoT services in the context of network security. IoT devices’ resource captivity makes designing robust and secure authentication mechanisms challenging. Besides, existing user authentication mechanisms are designed assuming a user always accesses an IoT environment using a particular device. However, nowadays, most users employ multiple devices to access the internet; subsequently, it needs an authentication mechanism to handle this diversity. This paper addresses this limitation and proposes a new One-Time Password (OTP)-based user authentication scheme supporting user access from multiple devices in an IoT environment. We verify the proposed scheme using widely used BAN logic, AVISPA tool, and informal security analysis, guaranteeing that our scheme preserves the necessary security features. Comparative performance analysis shows that our scheme achieves comparable computation, storage, and communication costs concerning existing works. Moreover, simulation results demonstrate that the proposed method also sustains satisfactory network performance.</p>","PeriodicalId":46240,"journal":{"name":"IET Networks","volume":null,"pages":null},"PeriodicalIF":1.3000,"publicationDate":"2023-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ntw2.12088","citationCount":"0","resultStr":"{\"title\":\"A multi-device user authentication mechanism for Internet of Things\",\"authors\":\"Raihan Dewon Eman,&nbsp;Mosarrat Jahan,&nbsp;Upama Kabir\",\"doi\":\"10.1049/ntw2.12088\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The advent of the Internet of Things (IoT) enables different customized services to ease the day-to-day life activities of users by utilizing information attained through the internet connectivity of low-powered sensing devices. Due to device diversity and resource constraints of participating devices, IoT is vulnerable to security attacks. Consequently, authentication is the fundamental measure for using IoT services in the context of network security. IoT devices’ resource captivity makes designing robust and secure authentication mechanisms challenging. Besides, existing user authentication mechanisms are designed assuming a user always accesses an IoT environment using a particular device. However, nowadays, most users employ multiple devices to access the internet; subsequently, it needs an authentication mechanism to handle this diversity. This paper addresses this limitation and proposes a new One-Time Password (OTP)-based user authentication scheme supporting user access from multiple devices in an IoT environment. We verify the proposed scheme using widely used BAN logic, AVISPA tool, and informal security analysis, guaranteeing that our scheme preserves the necessary security features. Comparative performance analysis shows that our scheme achieves comparable computation, storage, and communication costs concerning existing works. Moreover, simulation results demonstrate that the proposed method also sustains satisfactory network performance.</p>\",\"PeriodicalId\":46240,\"journal\":{\"name\":\"IET Networks\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.3000,\"publicationDate\":\"2023-06-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ntw2.12088\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/ntw2.12088\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Networks","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/ntw2.12088","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

物联网(IoT)的出现使不同的定制服务能够通过利用低功耗传感设备的互联网连接获得的信息来缓解用户的日常生活活动。由于设备的多样性和参与设备的资源限制,物联网很容易受到安全攻击。因此,身份验证是在网络安全背景下使用物联网服务的基本措施。物联网设备的资源占用使得设计健壮和安全的身份验证机制具有挑战性。此外,现有的用户身份验证机制是在假设用户总是使用特定设备访问物联网环境的情况下设计的。然而,如今,大多数用户使用多个设备来访问互联网;随后,它需要一个身份验证机制来处理这种多样性。本文解决了这一限制,并提出了一种新的基于一次性密码(OTP)的用户身份验证方案,支持在物联网环境中从多个设备访问用户。我们使用广泛使用的BAN逻辑、AVISPA工具和非正式安全分析来验证所提出的方案,确保我们的方案保留了必要的安全特性。比较性能分析表明,我们的方案实现了与现有工作相当的计算、存储和通信成本。此外,仿真结果表明,该方法也保持了令人满意的网络性能。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

A multi-device user authentication mechanism for Internet of Things

A multi-device user authentication mechanism for Internet of Things

The advent of the Internet of Things (IoT) enables different customized services to ease the day-to-day life activities of users by utilizing information attained through the internet connectivity of low-powered sensing devices. Due to device diversity and resource constraints of participating devices, IoT is vulnerable to security attacks. Consequently, authentication is the fundamental measure for using IoT services in the context of network security. IoT devices’ resource captivity makes designing robust and secure authentication mechanisms challenging. Besides, existing user authentication mechanisms are designed assuming a user always accesses an IoT environment using a particular device. However, nowadays, most users employ multiple devices to access the internet; subsequently, it needs an authentication mechanism to handle this diversity. This paper addresses this limitation and proposes a new One-Time Password (OTP)-based user authentication scheme supporting user access from multiple devices in an IoT environment. We verify the proposed scheme using widely used BAN logic, AVISPA tool, and informal security analysis, guaranteeing that our scheme preserves the necessary security features. Comparative performance analysis shows that our scheme achieves comparable computation, storage, and communication costs concerning existing works. Moreover, simulation results demonstrate that the proposed method also sustains satisfactory network performance.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
IET Networks
IET Networks COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
5.00
自引率
0.00%
发文量
41
审稿时长
33 weeks
期刊介绍: IET Networks covers the fundamental developments and advancing methodologies to achieve higher performance, optimized and dependable future networks. IET Networks is particularly interested in new ideas and superior solutions to the known and arising technological development bottlenecks at all levels of networking such as topologies, protocols, routing, relaying and resource-allocation for more efficient and more reliable provision of network services. Topics include, but are not limited to: Network Architecture, Design and Planning, Network Protocol, Software, Analysis, Simulation and Experiment, Network Technologies, Applications and Services, Network Security, Operation and Management.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信