A Secure and Reliable Device Access Control Scheme for IoT Based Sensor Cloud Systems

Küçük Resim

Dosyalar

09149883.pdf (5.96 MB)

Tarih

2020

Yazarlar

Dergi Başlığı

Dergi ISSN

Cilt Başlığı

Yayıncı

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141

Erişim Hakkı

info:eu-repo/semantics/openAccess
Attribution-NonCommercial-NoDerivs 3.0 United States

Özet

Among other security concerns, the reliable device to device direct communication is an important research aspect in sensor cloud system application of Internet of things (IoT). The access control mechanism can ensure the reliability through secure communication among two IoT devices without mediation of intermediate agent. Mainly, it requires twofold strategy involving the authentication of each other and session key establishment. Quite recently, in 2019, Das et al. proposed a certificate based lightweight access control and key agreement scheme for IoT devices (LACKA-IoT) to ensure smooth and secure access control and claimed LACKA-IoT to withstand the several attacks. Specifically, it is claimed that LACKA-IoT can resist device impersonation and man in middle attacks. However, the proof in this article refutes their claim and it is shown here, that LACKA-IoT is insecure against both device impersonation and man in middle attacks. An adversary just by using public parameters and by listening the communication channel can impersonate any device. Moreover, the same can also launch successful man in middle attack using public parameters and listened messages from public channel. An improved protocol iLACKA-IoT is then proposed in the paper. The iLACKA-IoT provides resistance against various types of threats and provides the required level of security, for evidence both formal validation through random or real (ROR) model as well as the informal validation through discussion on attack resilience is provided. The iLACKA-IoT is not only better in security but also provides performance efficiency as compared with LACKA-IoT and related schemes.

Açıklama

Anahtar Kelimeler

Device access control, device impersonation, forged message, IoT access, reliability

Kaynak

IEEE Access

WoS Q Değeri

Q2

Scopus Q Değeri

Q1

Cilt

8

Sayı

Künye

Bağlantı

https://hdl.handle.net/11363/5364
 https://doi.org/

Koleksiyon

Web of Science ve Scopus Atıf Dizinlerindeki Yayınlar
Scopus İndeksli Yayınlar Koleksiyonu
WoS İndeksli Yayınlar Koleksiyonu