Yazar "Al-Turjman, Fadi" seçeneğine göre listele

Listeleniyor 1 - 7 / 7
  • Küçük Resim
    Öğe
    Correcting design flaws: An improved and cloud assisted key agreement scheme in cyber physical systems
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2020) Chaudhry, Shehzad Ashraf; Shon, Taeshik; Al-Turjman, Fadi; Alsharif, Mohammed H.
    The on demand availability of resources in Cyber physical system (CPS) has emerged as a viable service providing platform to improve the resource usability and reducing the infrastructure costs. Nevertheless, the development recompenses can only be realized after avoiding security and privacy issues. A secure and reliable CPS can offer improved efficiency, usability and reliability along with autonomy. To secure such systems, in 2018 Challa a al. (2018) proposed a security system to extend an authenticated key agreement between a user and a cloud server via trusted authority; as an application, they also customized their system to work with autonomous smart meter and cloud server. Challa a al. then claimed the security of their proposed scheme through formal, informal and automated validations. However, this paper unveils the weaknesses of their scheme and shows that their scheme cannot facilitate in forming a session key between the user/smart meter and the cloud server. Precisely, in the presence of more than one registered users/smart meters, the latter in their scheme may never receive a response message because of a critical design error. Moreover, their scheme lacks the untraceable anonymity and the lack of request verification on cloud server side may also lead to replay and/or denial of services attack. The article then introduces an improved and secure authentication system free of correctness issues, to facilitate a key agreement between user and cloud server via trusted authority. As an application, the proposed system also works for smart meter and cloud server to reach a key agreement. Based on the hardness assumption of Elliptic Curve Decisional Diffi-Hellman Problem (ECDDHP), the formal Random oracle model proves the security of the proposed scheme. Moreover, the robustness of the scheme is explained through informal analysis. The proposed system while providing all known security features has slightly increased the computation and communication costs as compared with the scheme of Challa a al. The proposed scheme completes a cycle of authentication by exchanging 2080 bits in just 13.4066 ms.
  • Küçük Resim Yok
    Öğe
    On the Security of an Authentication Scheme for Smart Metering Infrastructure
    (Institute of Electrical and Electronics Engineers Inc., 2020) Yahya, Khalid; Chaudhry, Shehzad Ashraf; Al-Turjman, Fadi
    Recently, in 2019, Kumar et al. (IEEE Transactions on Smart Grid 10.4 (2018): 4349-4359) proposed an ECC based lightweight authentication and Key agreement scheme (LAKA) to secure the communication among a smart meter (SM) and a neighbourhood area network (NAN) gateway. The LAKA scheme was proved as secure and efficient as per the comparisons performed by Kumar et al. Specifically, it was argued through security analysis that LAKA provides anonymity and resistance to related attacks. However, the specific analysis in this paper contradicts their claim and it is shown here that in addition to ephemeral secret leakage attack and lack of untraceability, the LAKA is also vulnerable to stolen verifier attack. © 2020 IEEE.
  • Küçük Resim
    Öğe
    A Privacy Enhanced Authentication Scheme for Securing Smart Grid Infrastructure
    (IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2022) Chaudhry, Shehzad Ashraf; Nebhan, Jamel; Yahya, Khalid O. Moh.; Al-Turjman, Fadi
    The rapid advancements in smart grid (SG) technology extend a large number of applications including vehicle charging, smart buildings, and smart cities through the efficient use of advanced communication architecture. However, the underlying public channel leads these services to be vulnerable to many threats. Recently, some security schemes were proposed to counter these threats. However, the insecurities of some of these schemes against key compromise impersonation (KCI) and related attacks or compromise on efficiency calls for a secure and efficient authentication scheme for SG infrastructure. A new scheme to secure SG communication is presented in this article to provide a direct device-to-device authentication among smart meter and neighborhood area network gateway. Designed specifically to resists KCI and related attacks, the proposed scheme is more secure and completes the authentication procedure by using the least communication cost as compared with related schemes, which is evident through security and efficiency comparisons.
  • Küçük Resim Yok
    Öğe
    RapidAuth: Fast Authentication for Sustainable IoT
    (Springer Science and Business Media Deutschland GmbH, 2021) Aman, Muhammad Naveed; Chaudhry, Shehzad Ashraf; Al-Turjman, Fadi
    The exponential growth in the number of Internet of Things (IoT) devices, the sensitive nature of data they produce, and the simple nature of these devices makes IoT systems vulnerable to a wide range cyber-threats. Physical attacks are one of the major concerns for IoT device security. Security solutions for the IoT have to be accurate and quick since many real time applications depend on the data generated by these devices. In this article, we undertake the IoT authentication problem by proposing a fast protocol RapidAuth, which also restricts physical attacks. The proposed protocol uses Physical Unclonable Functions to achieve the security goals and requires the exchange of only two messages between the server and an IoT device. The analysis of RapidAuth proves its’ robustness against various types of attacks as well as its’ efficiency in terms of computation, communication, memory overheads and energy consumption. © 2021, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.
  • Küçük Resim
    Öğe
    A Secure and Reliable Device Access Control Scheme for IoT Based Sensor Cloud Systems
    (IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2020) Chaudhry, Shehzad Ashraf; Yahya, Khalid O. Moh.; Al-Turjman, Fadi; Yang, Ming-Hour
    Among other security concerns, the reliable device to device direct communication is an important research aspect in sensor cloud system application of Internet of things (IoT). The access control mechanism can ensure the reliability through secure communication among two IoT devices without mediation of intermediate agent. Mainly, it requires twofold strategy involving the authentication of each other and session key establishment. Quite recently, in 2019, Das et al. proposed a certificate based lightweight access control and key agreement scheme for IoT devices (LACKA-IoT) to ensure smooth and secure access control and claimed LACKA-IoT to withstand the several attacks. Specifically, it is claimed that LACKA-IoT can resist device impersonation and man in middle attacks. However, the proof in this article refutes their claim and it is shown here, that LACKA-IoT is insecure against both device impersonation and man in middle attacks. An adversary just by using public parameters and by listening the communication channel can impersonate any device. Moreover, the same can also launch successful man in middle attack using public parameters and listened messages from public channel. An improved protocol iLACKA-IoT is then proposed in the paper. The iLACKA-IoT provides resistance against various types of threats and provides the required level of security, for evidence both formal validation through random or real (ROR) model as well as the informal validation through discussion on attack resilience is provided. The iLACKA-IoT is not only better in security but also provides performance efficiency as compared with LACKA-IoT and related schemes.
  • Küçük Resim
    Öğe
    Securing Demand Response Management: A Certificate-Based Access Control in Smart Grid Edge Computing Infrastructure
    (IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141 USA, 2020) Chaudhry, Shehzad Ashraf; Alhakami, Hosam; Baz, Abdullah; Al-Turjman, Fadi
    The edge computing infrastructure has enabled a massive amount of data in the smart grid environment by a large number of connected automated devices to be processed at the edge of the network in proximity to the data generation source. The demand response management is a fundamental requirement for an efficient and reliable smart grid environment, which can be accomplished by the transfer of data between smart devices and the utility center (UC) in a smart city, very frequently. However, this frequent data transfer is subject to multiple threats including the tempering. Several authentication schemes were proposed to secure smart grid environment. However, many such schemes are either insecure or lack the required efficiency. To counter the threats and to provide efficiency, a new authentication scheme for demand response management (DRMAS) is proposed in this paper. DRMAS provides all necessary security requirements and resists known attacks. The proposed DRMAS is provably secure under formal analysis supplemented by a brief discussion on attack resilience. Moreover, the DRMAS completes the authentication procedure in just 20.11 ms by exchanging only 2 messages.
  • Küçük Resim
    Öğe
    Securing Smart City Surveillance: A Lightweight Authentication Mechanism for Unmanned Vehicles
    (IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141 USA, 2020) Ali, Zeeshan; Chaudhry, Shehzad Ashraf; Ramzan, Muhammad Sher; Al-Turjman, Fadi
    The significance of the Internet of Drones (IoD) is increasing steadily and now IoD is being practiced in many military and civilian-based applications. IoD facilitates real-time data access to the users especially the surveillance data in smart cities using the current cellular networks. However, due to the openness of communication channel and battery operations, the drones and the sensitive data collected through drones are subject to many security threats. To cope the security challenges, recently, Srinivas et al. proposed a temporal credential based anonymous lightweight authentication scheme (TCALAS) for IoD networks. Contrary to the IoD monitoring framework proposed by Srinivas et al., their own scheme can work only when there is one and only one cluster/fiying zone and is not scalable. Moreover, despite their claim of robustness, the investigation in this paper reveals that Srinivas et al.'s scheme cannot resist traceability and stolen verifier attacks. Using the lightweight symmetric key primitives and temporal credentials, an improved scheme (iTCALAS) is then proposed. The proposed scheme while maintaining the lightweightness provides security against many known attacks including traceability and stolen verifier. The proposed iTCALAS extends scalability and can work when there are several fiying zone/clusters in the IoD environment. The formal security proof along with automated verification using ProVerif show robustness of proposed iTCALAS. Moreover, the security discussion and performance comparisons show that the iTCALAS provides the known security features and completes authentication in just 2:295 ms