DMUAS-IoT:物联网系统的分散式多因素用户认证方案

Q3 Computer Science

International Journal of Computing Pub Date : 2022-12-31 DOI:10.47839/ijc.21.4.2777

Ikenna Rene Chiadighikaobi, N. Katuk, Baharudin Osman

{"title":"DMUAS-IoT:物联网系统的分散式多因素用户认证方案","authors":"Ikenna Rene Chiadighikaobi, N. Katuk, Baharudin Osman","doi":"10.47839/ijc.21.4.2777","DOIUrl":null,"url":null,"abstract":"The Internet of Things (IoT) has become the fundamental infrastructure of many intelligent applications, such as smart homes. IoT applications store distributes various information, including user authentication information, over a public channel that exposes it to security threats and attacks. Therefore, this study intends to protect authentication data communication through a decentralised multi-factor user authentication scheme for secure IoT applications (DMUAS-IoT). The scheme is secure and enables efficient user registration, login and authentication, and the user profile updating process where legitimate users can access the IoT system resources. DMUAS-IoT adopted PRESENT for face image encryption and elliptic curve cryptography for data exchange. The scheme security was verified using ProVerif and AVISPA, and mutual authentication was checked with BAN-Logic. The results show that the scheme is secure against man-in-the-middle and impersonation attacks, provides mutual authentication and has a low computation cost. Hence, the outcomes of this study could help secure user authentication data from attacks on applications involved with IoT and resource constraint environments.","PeriodicalId":37669,"journal":{"name":"International Journal of Computing","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-12-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"DMUAS-IoT: A Decentralised Multi-Factor User Authentication Scheme for IoT Systems\",\"authors\":\"Ikenna Rene Chiadighikaobi, N. Katuk, Baharudin Osman\",\"doi\":\"10.47839/ijc.21.4.2777\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The Internet of Things (IoT) has become the fundamental infrastructure of many intelligent applications, such as smart homes. IoT applications store distributes various information, including user authentication information, over a public channel that exposes it to security threats and attacks. Therefore, this study intends to protect authentication data communication through a decentralised multi-factor user authentication scheme for secure IoT applications (DMUAS-IoT). The scheme is secure and enables efficient user registration, login and authentication, and the user profile updating process where legitimate users can access the IoT system resources. DMUAS-IoT adopted PRESENT for face image encryption and elliptic curve cryptography for data exchange. The scheme security was verified using ProVerif and AVISPA, and mutual authentication was checked with BAN-Logic. The results show that the scheme is secure against man-in-the-middle and impersonation attacks, provides mutual authentication and has a low computation cost. Hence, the outcomes of this study could help secure user authentication data from attacks on applications involved with IoT and resource constraint environments.\",\"PeriodicalId\":37669,\"journal\":{\"name\":\"International Journal of Computing\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-12-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.47839/ijc.21.4.2777\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"Computer Science\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.47839/ijc.21.4.2777","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"Computer Science","Score":null,"Total":0}

引用次数: 0

摘要

物联网(IoT)已经成为智能家居等许多智能应用的基础设施。物联网应用程序存储通过公共通道分发各种信息，包括用户身份验证信息，这将使其暴露于安全威胁和攻击之下。因此，本研究旨在通过安全物联网应用(DMUAS-IoT)的分散多因素用户身份验证方案来保护身份验证数据通信。该方案具有安全、高效的用户注册、登录、认证和用户配置文件更新过程，使合法用户能够访问物联网系统资源。DMUAS-IoT采用PRESENT进行人脸图像加密，采用椭圆曲线加密进行数据交换。使用ProVerif和AVISPA验证方案的安全性，并使用BAN-Logic检查相互认证。结果表明，该方案具有抵御中间人攻击和模拟攻击的安全性，提供相互认证，且计算成本低。因此，本研究的结果可以帮助保护用户身份验证数据免受涉及物联网和资源约束环境的应用程序的攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

DMUAS-IoT: A Decentralised Multi-Factor User Authentication Scheme for IoT Systems

The Internet of Things (IoT) has become the fundamental infrastructure of many intelligent applications, such as smart homes. IoT applications store distributes various information, including user authentication information, over a public channel that exposes it to security threats and attacks. Therefore, this study intends to protect authentication data communication through a decentralised multi-factor user authentication scheme for secure IoT applications (DMUAS-IoT). The scheme is secure and enables efficient user registration, login and authentication, and the user profile updating process where legitimate users can access the IoT system resources. DMUAS-IoT adopted PRESENT for face image encryption and elliptic curve cryptography for data exchange. The scheme security was verified using ProVerif and AVISPA, and mutual authentication was checked with BAN-Logic. The results show that the scheme is secure against man-in-the-middle and impersonation attacks, provides mutual authentication and has a low computation cost. Hence, the outcomes of this study could help secure user authentication data from attacks on applications involved with IoT and resource constraint environments.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Computing Computer Science-Computer Science (miscellaneous)

CiteScore

2.20

自引率

0.00%

发文量

期刊介绍： The International Journal of Computing Journal was established in 2002 on the base of Branch Research Laboratory for Automated Systems and Networks, since 2005 it’s renamed as Research Institute of Intelligent Computer Systems. A goal of the Journal is to publish papers with the novel results in Computing Science and Computer Engineering and Information Technologies and Software Engineering and Information Systems within the Journal topics. The official language of the Journal is English; also papers abstracts in both Ukrainian and Russian languages are published there. The issues of the Journal are published quarterly. The Editorial Board consists of about 30 recognized worldwide scientists.