SUACC-IoT: secure unified authentication and access control system based on capability for IoT
Sivaselvan, N., Bhattacharyya, K., Rajarajan, M. ORCID: 0000-0001-5814-9922 , Das, A. & Rodrigues, J. (2022). SUACC-IoT: secure unified authentication and access control system based on capability for IoT. Cluster Computing, 26(4), pp. 2409-2428. doi: 10.1007/s10586-022-03733-w
Abstract
With the widespread use of Internet of Things (IoT) in various applications and several security vulnerabilities reported in them, the security requirements have become an integral part of an IoT system. Authentication and access control are the two principal security requirements for ensuring authorized and restricted accesses to limited and essential resources in IoT. The built-in authentication mechanism in IoT devices is not reliable, because several security vulnerabilities are revealed in the firmware implementation of authentication protocols in IoT. On the other hand, the current authentication approaches for IoT that are not firmware are vulnerable to some security attacks prevalent in IoT. Moreover, the recent access control approaches for IoT have limitations in context-awareness, scalability, interoperability, and security. To mitigate these limitations, there is a need for a robust authentication and access control system to safeguard the rapidly growing number of IoT devices. Consequently, in this paper, we propose a new secure unified authentication and access control system for IoT, called SUACC-IoT. The proposed system is based around the notion of capability, where a capability is considered as a token containing the access rights for authorized entities in the network. In the proposed system, the capability token is used to ensure authorized and controlled access to limited resources in IoT. The system uses only lightweight Elliptic Curve Diffie-Hellman Ephemeral (ECDHE), symmetric key encryption/decryption, message authentication code and cryptographic hash primitives. SUACC-IoT is proved to be secure against probabilistic polynomial-time adversaries and various attacks prevalent in IoT. The experimental results demonstrate that the proposed protocol’s maximum CPU usage is 29.35%, maximum memory usage is 2.79% and computational overhead is 744.5 ms which are quite acceptable. Additionally, in SUACC-IoT, a reasonable communication cost of 872 bits is incurred for the longest message exchanged.
Publication Type: | Article |
---|---|
Additional Information: | This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/. |
Publisher Keywords: | Internet of Things (IoT), Authentication, Access control, Capability, Security |
Subjects: | H Social Sciences > HN Social history and conditions. Social problems. Social reform Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
Departments: | School of Science & Technology > Engineering |
SWORD Depositor: |
Available under License Creative Commons: Attribution International Public License 4.0.
Download (1MB) | Preview
Export
Downloads
Downloads per month over past year