The researchers have designed a new certificate-based device access control scheme in IoT environment which is not only secure against known attacks, but it also preserves anonymity property.
Authors
Jangirala Srinivas, Associate Professor, Jindal Global Business School, O. P. Jindal Global University, Haryana, India.
Saurav Malani, Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, Hyderabad, India.
Ashok Kumar Das, Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, Hyderabad, India.
Kannan Srinathan, Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, Hyderabad, India.
Minho Jo, Department of Computer Convergence Software, Korea University, Sejong City, South Korea
Summary
As the “Internet communications infrastructure” develops to encircle smart devices, it is very much essential for designing suitable methods for secure communications with these smart devices, in the future Internet of Things (IoT) applications context. Due to wireless communication among the IoT smart devices and the gateway node (GWN), several security threats may arise in the IoT environment, including replay, man-in-the-middle, impersonation, malicious devices deployment, and physical devices capture attacks.
In this article, to mitigate such security threats, we design a new certificate-based device access control scheme in IoT environment which is not only secure against mentioned attacks, but it also preserves anonymity property. A detailed security analysis using the widely accepted real-or-random (ROR) model-based formal security analysis, informal security analysis, and also formal security verification based on the broadly accepted automated validation of Internet security protocols and applications (AVISPAs) tool has been performed on the proposed scheme to show that it is secure against various known attacks.
In addition, a comprehensive comparative analysis among the proposed scheme and other relevant schemes shows that a better tradeoff among the security and functionality attributes, communication, and computational costs is achieved for the proposed scheme as compared to other schemes.
Published in: IEEE Internet of Things Journal
To read the full article, please click here.