A study of privacy problem solving using device and user authentication for M2M environments

Kim, Jin-Mook; Jeong, Hwa-Young; Hong, Bong-Hwa

doi:10.1002/sec.695

Cited by 9 publications

(5 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the framework lacks the details of any specific authentication scheme, any specific application and the corresponding attacks. The contribution of [14] focuses mostly on withstanding man-in-themiddle attack. The protocol protects the information privacy of other machines and users that are not the subjects of the communication.…”

Section: Related Workmentioning

confidence: 99%

Design of a Secure Password-Based Authentication Scheme for M2M Networks in IoT Enabled Cyber-Physical Systems

Renuka¹,

Kumari

Zhao³

et al. 2019

IEEE Access

View full text Add to dashboard Cite

The Internet of Things (IoT) forms a foundation for cyber-physical systems. We propose an efficient and secure authentication scheme for machine-to-machine (M2M) networks in IoT enabled cyber-physical systems. Smart objects and smart devices over CPS are capable of capturing a variety of multimedia contents; interact with each other and also with the physical world in a fully automatic manner without human interference. The proposed scheme allows any pair of entities in an M2M network to mutually authenticate each other and agree on a session key for communicating data in a secure and efficient way. The authentication process does not incorporate the M2M service provider, and hence eliminates the burden of managing the authentication of massive scale devices at the edge of the network. The burden of the authentication process is offloaded and distributed on the gateways under the authority of this M2M service provider. The proposed scheme requires the mobile user to hold only one secret key provided by the M2M service provider, by which, he can roam randomly in the M2M network and authenticate to any of the gateways in the domain. Then, this authenticated gateway allows the mobile user to authenticate with any sensor node in the domain. In the proposed scheme, the authentication process does not rely on any public key cryptographic operations. Authentication is achieved using very few hash invocations and symmetric key encryptions. Therefore, the scheme is suitable for environmental sensors which are limited in resources (computation, storage, and energy). We analyze the security of the proposed scheme using BAN logic, which is widely accepted as a framework for the assessment of authentication protocols and also using ProVerif. We assess the efficiency of the proposed scheme and compare with some recently proposed schemes.

show abstract

Section: Related Workmentioning

confidence: 99%

Design of a Secure Password-Based Authentication Scheme for M2M Networks in IoT Enabled Cyber-Physical Systems

Renuka¹,

Kumari

Zhao³

et al. 2019

IEEE Access

View full text Add to dashboard Cite

show abstract

“…A privacy problem solving using device and user authentication design has been proposed in . The design could not only support the certification process between the devices and users, which are the communication subjects, but also protect the privacy information of other users or machines that are not the subjects of the communication.…”

Section: Relate Workmentioning

confidence: 99%

“…While the works in only consider at most three types of attacks, the proposed authentication scheme with AIBCwKE mechanism provides a comprehensive protection for M2M communication through which the M2M system could withstand Man‐in‐the‐Middle attacks, impersonation attacks, replay attacks, DoS attacks, and compromised attacks. Furthermore, the proposed scheme provides detailed authentication procedures among multi‐parties, that is, mobile devices, environmental devices, and MSP, while the works in only describe the authentication between two parties and lack a specific description of authentication process. So the authentication protocol designed in the work has shown more significant achievements than the previous works.…”

Section: Relate Workmentioning

confidence: 99%

“…The comparison of computation cost with the previous work is shown in Table . Because the previous works in do not mention which cryptography algorithm is used in their scheme, only the works in are compared. Moreover, because the works in just directly utilize the standardized cryptography algorithms, Table only list their underlay algorithms.…”

Section: Efficiency Analysismentioning

confidence: 99%

See 1 more Smart Citation

An authentication scheme with identity-based cryptography for M2M security in cyber-physical systems

Chen

Luo

2016

Security Comm. Networks

View full text Add to dashboard Cite

The Internet has made the world smaller while there is still a gap between the cyber world and our physical world. In the future cyber‐physical system (CPS), all objects in cyber world and physical world would be connected, and the concepts of cyber world and physical world will no longer exist. The speed of information transmitting and processing will be faster, the abilities of controlling facilities and handling events will be more powerful, and our lives will be better. In the CPS, machine to machine (M2M) communication is in charge of data collecting and transmitting, which utilizes both wireless and wired systems to monitor physical or environmental conditions and exchange the information among different systems without direct human intervention. As a part of CPS, M2M communication is considerably important while being fragile at the same time because M2M communication still faces lots of security threats that are not only from outside but also from inside. In traditional M2M communication, the M2M service provider (MSP) is always assumed to be trusted. However, the MSP could be compromised in real world. In that case, the previous security solutions would fail because the most confidential materials are kept in the MSP by the conventional solutions. How to protect the entire system from the compromised MSP is one important problem the paper intends to solve. In addition, the communication bandwidth and energy resource for the M2M devices are precious. Another issue the paper is addressing is the design of efficient security schemes being able to save both energy and communication bandwidth. In this paper, an authentication scheme applying authenticated identity‐based cryptography without key‐escrow mechanism has been proposed. In the proposed scheme, only partial secrets instead of full secrets are stored in the MSP, which could prevent the compromised MSP from endangering the whole system. The authenticated encryption property of the proposed scheme could leave out the work of signature generation, transmission, and verification so as to save the computation and communication resource of the whole system. The security analysis with Burrows–Abadi–Needham logic (BAN Logic) and Simple Promela Interpreter (SPIN) shows that the proposed scheme is well designed and could withstand Man‐in‐the‐Middle attacks, impersonation attacks, replay attacks, DoS attacks, and compromised attacks. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

“…Jin-Mook Kim et al [31] propose an efficient privacy problem solving using device and user authentication (PSDUA) design. The system can prevent the privacy of the parties from leaking to the communication which they are not involved in.…”

Section: Hyundong Lee and Mokdong Chungmentioning

confidence: 99%

Design of security mechanism for cyber-physical systems

Chen¹

View full text Add to dashboard Cite

My sincere gratitude to my supervisor, Prof. Maode Ma from Nanyang Technological University (NTU), for his constructive guidance, technical discussions and constant encouragement throughout the course of my Master research works. The profound knowledge in network security, fluent writing skills, distinct analytical skills and high research integrity possessed by Prof. Ma have inspired my enthusiasm in research field. Prof. Ma is not only a supervisor to my research work but also a mentor of my life, who always provides me with priceless opinions for career and life. It is quite delightful and lucky to have a chance to work under Prof. Ma's supervision. Great thanks to my other group members (Mr. Cao Jin, Mr. He Tuo and Miss. Qiu Yue) and my close friends (Mr. Yew Kwang sing, Mr. Liu Pan, and Mr. Gu Chenjie) for their all-round support and friendships. I dedicate this dissertation to my parents and sister. Their precious love and support are always the motivation of my life. II

show abstract

A study of privacy problem solving using device and user authentication for M2M environments

Cited by 9 publications

References 7 publications

Design of a Secure Password-Based Authentication Scheme for M2M Networks in IoT Enabled Cyber-Physical Systems

Design of a Secure Password-Based Authentication Scheme for M2M Networks in IoT Enabled Cyber-Physical Systems

An authentication scheme with identity-based cryptography for M2M security in cyber-physical systems

Design of security mechanism for cyber-physical systems

Contact Info

Product

Resources

About