Yazar "Bin Zikria, Yousaf" seçeneğine göre listele

Listeleniyor 1 - 10 / 10
  • Küçük Resim
    Öğe
    An anonymous device to device access control based on secure certificate for internet of medical things systems
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2021) Chaudhry, Shehzad Ashraf; Irshad, Azeem; Nebhen, Jamel; Bashir, Ali Kashif; Moustafa, Nour; Al-Otaibi, Yasser D.; Bin Zikria, Yousaf
    The Internet of Medical Things (IoMT) is structured upon both the sensing and communication infrastructure and computation facilities. The IoMT provides the convenient and cheapest ways for healthcare by aiding the remote access to the patients’ physiological data and using machine learning techniques for help in diagnosis. The communication delays in IoMT can be very harmful to healthcare. Device to device (D2D) secure communication is a vital area that can reduce communication delays; otherwise, caused due to the mediation of a third party. To substantiate a secure D2D communication framework, some schemes were recently proposed to secure D2D based communication infrastructure suitable for IoMT-based environments. However, the insecurities of some schemes against device physical capture attack and non-provision of anonymity along with related attacks are evident from the literature. This calls for a D2D secure access control system for realizing sustainable smart healthcare. In this article, using elliptic curve cryptography, a certificate based D2D access control scheme for IoMT systems (D2DAC-IoMT) is proposed. The security of the proposed D2DAC-IoMT is substantiated through formal and informal methods. Moreover, the performance analysis affirms that the proposed scheme provides a good trade-off between security and efficiency compared with some recent schemes.
  • Küçük Resim
    Öğe
    A clogging resistant secure authentication scheme for fog computing services
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2021) Ali, Zeeshan; Chaudhry, Shehzad Ashraf; Mahmood, Khalid; Garg, Sahil; Lv, Zhihan; Bin Zikria, Yousaf
    Fog computing (FC) is an infrastructure consisting of decentralized computing, where computing resources such as storage, applications, and data are scattered among the cloud and data source. Fog computing inherits similar privacy and security concerns present in cloud computing, such as authentication and key management issues. Recently, Wazid et al. presented a scheme of authentication key exchange for fog computing called SAKA-FC to address these issues. We analyzed and identified that the SAKA-FC suffers from some severe vulnerabilities. Furthermore, we presented an improved scheme to mitigate these problems while retaining its strengths. The formal security analysis of the proposed scheme is validated through BAN logic. At the same time, the AVISPA tool is employed for automated formal security verification. Informal security analysis is conducted to attest that the proposal can confront the known attacks. Using computation and communication costs as the metrics, the proposed scheme is also compared with some state-of-the-art schemes. The proposed scheme achieves the same communication cost as of SAKA-FC, whereas the difference in computation cost is 24%. This increase in computation cost is justifiable as the proposal is resistant to clogging attacks and provides better security than the prior schemes.
  • Küçük Resim
    Öğe
    Efficient Neighbour Feedback Based Trusted Multi Authenticated Node Routing Model for Secure Data Transmission
    (MDPI, ST ALBAN-ANLAGE 66, CH-4052 BASEL, SWITZERLAND, 2021) Bondada, Praveen; Samanta, Debabrata; Chaudhry, Shehzad Ashraf; Bin Zikria, Yousaf; Ishmanov, Farruh
    The Mobile Ad Hoc Network (MANET) is a network that does not have a fixed infrastructure. Migratory routes and related hosts that are connected via wireless networks self-configure it. Routers and hosts are free to wander, and nodes can change the topology fast and unexpectedly. In emergencies, such as natural/human disasters, armed conflicts, and emergencies, the lowest configuration will ensure ad hoc network applicability. Due to the rapidly rising cellular service requirements and deployment demands, mobile ad-hoc networks have been established in numerous places in recent decades. These applications include topics such as environmental surveillance and others. The underlying routing protocol in a given context has a significant impact on the ad hoc network deployment power. To satisfy the needs of the service level and efficiently meet the deployment requirements, developing a practical and secure MANET routing protocol is a critical task. However, owing to the intrinsic characteristics of ad hoc networks, such as frequent topology changes, open wireless media and limited resources, developing a safe routing protocol is difficult. Therefore, it is vital to develop stable and dependable routing protocols for MANET to provide a better packet delivery relationship, fewer delays, and lower overheads. Because the stability of nodes along this trail is variable, the route discovered cannot be trusted. This paper proposes an efficient Neighbour Feedback-based Trusted Multi Authenticated Node (NFbTMAN) Routing Model. The proposed model is compared to traditional models, and the findings reveal that the proposed model is superior in terms of data security.
  • Küçük Resim
    Öğe
    GCACS-IoD: A certificate based generic access control scheme for Internet of drones
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2021) Chaudhry, Shehzad Ashraf; Yahya, Khalid O. Moh.; Karuppiah, Marimuthu; Kharel, Rupak; Bashir, Ali Kashif; Bin Zikria, Yousaf
    Internet of drones (IoD) has gained significant importance in recent times due to its applications in several critical domains ranging from commercial to defense and rescue operations. With several drones flying in different zones to carry out specified tasks, the IoD can be beneficial to gather the real time data for interpretation by the users. However, the data access is carried out through an open channel and battery operated drones. Therefore, the drones’ security and privacy are crucial for accomplishing mission-critical, safety-critical, or surveillance operations. In 2020, Bera et al. presented a certificate based access control scheme for securing the IoD access and argued the scheme’s security through formal and informal methods. However, the analysis presented in this paper shows that the scheme of Bera et al. does not provide anonymity and is insecure against multiple threats, including drone impersonation, the man in the middle, and replay attacks. We then designed a generic certificate based access control scheme to provide inter-drone and drone to ground station access control/authentication in the IoD domain (GCACS-IoD). The GCACS-IoD is provably secure against the known attacks and provides anonymity. GCACS-IoD extends security while preserving computation and communication efficiencies.
  • Küçük Resim
    Öğe
    An Improved Authentication Scheme for Digital Rights Management System
    (WILEY-HINDAWI, ADAM HOUSE, 3RD FL, 1 FITZROY SQ, LONDON WIT 5HE, ENGLAND, 2022) Hussain, Sajid; Bin Zikria, Yousaf; Mallah, Ghulam Ali; Chen, Chien-Ming; Alshehri, Mohammad Dahman; Ishmanov, Farruh; Chaudhry, Shehzad Ashraf
    With the increasing number and popularity of digital content, the management of digital access rights has become an utmost important field. Through digital rights management systems (DRM-S), access to digital contents can be defined and for this, an efficient and secure authentication scheme is required. The DRM authentication schemes can be used to give access or restrict access to digital content. Very recently in 2020, Yu et al. proposed a symmetric hash and xor-based DRM and termed their system to achieve both security and performance efficiency. Contrarily, in this study, we argue that their scheme has several issues including nonresistance to privileged insider and impersonation attacks. Moreover, it is also to show in this study that their scheme has an incorrect authentication phase and due to this incorrectness, the scheme of Yu et al. lacks user scalability. An improved scheme is then proposed to counter the insecurities and incorrectness of the scheme of Yu et al. We prove the security of the proposed scheme using BAN logic. For a clear picture of the security properties, we also provide a textual discussion on the robustness of the proposed scheme. Moreover, due to the usage of symmetric key-based hash functions, the proposed scheme has a comparable performance efficiency.
  • Küçük Resim
    Öğe
    REAS-TMIS: Resource-Efficient Authentication Scheme for Telecare Medical Information System
    (IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141, 2022) Tanveer, Muhammad; Khan, Abd Ullah; Alkhayyat, Ahmed; Chaudhry, Shehzad Ashraf; Bin Zikria, Yousaf; Kim, Sung Won
    The phenomenal growth of smartphones and wearable devices has begun crowd-sourcing applications for the Internet of Things (IoT). E-healthcare is considered the essential service for crowd-sourcing IoT applications that help remote access or storage medical server (MS) data to the authorized doctors, patients, nurses, etc., via the public Internet. As the public Internet is exposed to various security attacks, remote user authenticated key exchange (AKE) has become a pressing need for the secure and reliable use of these services. This paper proposes a new resource-efficient AKE scheme for telecare medical information systems, called REAS-TMIS. It uses authenticated encryption with associative data (AEAD) and a hash function. AEAD schemes are devised specifically for encrypted communication among resource-constricted IoT devices. These features of AEAD make REAS-TMIS resource-efficient. Moreover, REAS-TMIS dispenses with the elliptic curve point multiplication and chaotic map that are computationally expensive operations. In addition, REAS-TMIS renders the functionality of session key (SK) establishment for future encrypted communication between MS and users after validating the authenticity of the user. The security of SK is corroborated employing the well establish random oracle model. Moreover, Scyther-based security corroboration is implemented to show that REAS-TMIS is secure, and informal security analysis is executed to show the resiliency of REAS-TMIS against various security attacks. Besides, a thorough analysis shows that REAS-TMIS, while accomplishing the authentication phase, requires less computational, communication, and storage resources than the related authentication protocol.
  • Küçük Resim Yok
    Öğe
    Rotating behind Privacy: An Improved Lightweight Authentication Scheme for Cloud-based IoT Environment
    (Assoc Computing Machinery, 2021) Chaudhry, Shehzad Ashraf; Irshad, Azeem; Yahya, Khalid; Kumar, Neeraj; Alazab, Mamoun; Bin Zikria, Yousaf
    The advancements in the internet of things (IoT) require specialized security protocols to provide unbreakable security along with computation and communication efficiencies. Moreover, user privacy and anonymity has emerged as an integral part, along with other security requirements. Unfortunately, many recent authentication schemes to secure IoT-based systems were either proved as vulnerable to different attacks or prey of inefficiencies. Some of these schemes suffer from a faulty design that happened mainly owing to undue emphasis on privacy and anonymity alongside performance efficiency. This article aims to show the design faults by analyzing a very recent hash functions-based authentication scheme for cloud-based IoT systems with misunderstood privacy cum efficiency tradeoff owing to an unadorned design flaw, which is also present in many other such schemes. Precisely, it is proved in this article that the scheme of Wazid et al. cannot provide mutual authentication and key agreement between a user and a sensor node when there exists more than one registered user. We then proposed an improved scheme and proved its security through formal and informal methods. The proposed scheme completes the authentication cycle with a minor increase in computation cost but provides all security goals along with privacy.
  • Küçük Resim
    Öğe
    A secure and lightweight authentication scheme for next generation IoT infrastructure
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2021) Rana, Minahil; Shafiq, Akasha; Altaf, Izwa; Alazab, Mamoun; Mahmood, Khalid; Chaudhry, Shehzad Ashraf; Bin Zikria, Yousaf
    While the 6G/IoT transition is on the cards, the real advantage of this transition can be realized only if the user privacy and security are guaranteed. The smartcard and password based authentication protocols can help the transition in a rapid way. However, due to insecurities and/or heavy computation, many such protocols cannot cope with the dynamic requirements of future generation networks. Recently, Kaul and Awasthi presented a robust and secure user authentication protocol based on resource friendly symmetric cryptography primitives. They declared that their introduced protocol is convenient, efficient, and secure for the applications in realworld. In contrast, this article describes that protocol of Kaul and Awasthi is not secure because an attacker can easily find the identity of a legal user that is being sent on the public channel. Further, by using the identity of a legitimate user, an attacker can impersonate himself as a legitimate user of the system and can enjoy the services given by the server. So, their protocol is susceptible to user impersonation attacks, and their claim of being secure is proven to be wrong. Therefore, we have extended their work and presented an upgraded scheme by ensuring secure communication over the entire channel. Moreover, our proposed scheme is safe not solely against user impersonation attack but also major security attacks with reasonable communication, computation, and storage costs and is a better candidate for deployment in 6G/IoT networks.
  • Küçük Resim
    Öğe
    A Secure and Lightweight Drones-Access Protocol for Smart City Surveillance
    (IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ, 2022) Akram, Muhammad Wahid; Bashir, Ali Kashif; Shamshad, Salman; Saleem, Muhammad Asad; AlZubi, Ahmad Ali; Chaudhry, Shehzad Ashraf; Alzahrani, Bander A.; Bin Zikria, Yousaf
    The rising popularity of ICT and the Internet has enabled Unmanned Aerial Vehicle (UAV) to offer advantageous assistance to Vehicular Ad-hoc Network (VANET), realizing a relay node’s role among the disconnected segments in the road. In this scenario, the communication is done between Vehicles to UAVs (V2U), subsequently transforming into a UAV-assisted VANET. UAV-assisted VANET allows users to access real-time data, especially the monitoring data in smart cities using current mobile networks. Nevertheless, due to the open nature of communication infrastructure, the high mobility of vehicles along with the security and privacy constraints are the significant concerns of UAV-assisted VANET. In these scenarios, Deep Learning Algorithms (DLA) could play an effective role in the security, privacy, and routing issues of UAV-assisted VANET. Keeping this in mind, we have devised a DLA-based key-exchange protocol for UAV-assisted VANET. The proposed protocol extends the scalability and uses secure bitwise XOR operations, one-way hash functions, including user’s biometric verification when users and drones are mutually authenticated. The proposed protocol can resist many well-known security attacks and provides formal and informal security under the Random Oracle Model (ROM). The security comparison shows that the proposed protocol outperforms the security performance in terms of running time cost and communication cost and has effective security features compared to other related protocols.
  • Küçük Resim
    Öğe
    A secure demand response management authentication scheme for smart grid
    (ELSEVIER, RADARWEG 29, 1043 NX AMSTERDAM, NETHERLANDS, 2021) Irshad, Azeem; Chaudhry, Shehzad Ashraf; Alazab, Mamoun; Kanwal, Ambrina; Zia, M. Sultan; Bin Zikria, Yousaf
    The electricity demands are floated through smart grid (SG) devices to a remote power management system and utility center (UC) for utilizing energy-based services, while the UCs manage the distribution of power. Nevertheless, in smart grid systems, the communication messages are susceptible to various threats, since the information related to power consumption is communicated over an unsafe public channel. Therefore, a secure authenticated key agreement scheme is crucial for dispensing energy-based services to legal subscribers. In this regard, Yu et al. designed a secure authentication scheme for smart grid-based demand response management. Nevertheless, we discover that Yu et al.’s protocol is prone to replay attack, denial-of-service attack, and many technical defects in the protocol. Thus, we propose an anonymous and lightweight authenticated key agreement protocol for smart grid-based demand response management countering the limitations in Yu et al.’s scheme. Our scheme may withstand known security attacks, and also supports privacy as well as mutual authentication. We evaluate the security properties of contributed protocol employing informal security analysis and proved the security of session key between the utility center and smart grid using Burrows Abadi Needham (BAN) logic analysis and ProVerif automated simulation. The achieved results sufficiently advocate the practical implementation of the scheme.