An ultra light weight and secure RFID batch authentication scheme for IoMT

With the widespread use of Internet of Things (IoT) in various applications and several security vulnerabilities reported in them, the security requirements have become an integral part of an IoT system. Authentication and access control are the two principal security requirements for ensuring authorized and restricted accesses to limited and essential resources in IoT. The built-in authentication mechanism in IoT devices is not reliable, because several security vulnerabilities are revealed in the firmware implementation of authentication protocols in IoT. On the other hand, the current authentication approaches for IoT that are not firmware are vulnerable to some security attacks prevalent in IoT. Moreover, the recent access control approaches for IoT have limitations in context-awareness, scalability, interoperability, and security. To mitigate these limitations, there is a need for a robust authentication and access control system to safeguard the rapidly growing number of IoT devices. Consequently, in this paper, we propose a new secure unified authentication and access control system for IoT, called SUACC-IoT. The proposed system is based around the notion of capability, where a capability is considered as a token containing the access rights for authorized entities in the network. In the proposed system, the capability token is used to ensure authorized and controlled access to limited resources in IoT. The system uses only lightweight Elliptic Curve Diffie-Hellman Ephemeral (ECDHE), symmetric key encryption/decryption, message authentication code and cryptographic hash primitives. SUACC-IoT is proved to be secure against probabilistic polynomial-time adversaries and various attacks prevalent in IoT. The experimental results demonstrate that the proposed protocol's maximum CPU usage is 29.35%, maximum memory usage is 2.79% and computational overhead is 744.5 ms which are quite acceptable. Additionally, in SUACC-IoT, a reasonable communication cost of 872 bits is incurred for the longest message exchanged.

show abstract

“…The scheme's security is formally analyzed. Other authentication schemes in IoT-related environments have been also suggested in [27,28].…”

Section: Related Workmentioning

confidence: 99%

SUACC-IoT: secure unified authentication and access control system based on capability for IoT

Sivaselvan

Rajarajan

et al. 2022

Cluster Comput

View full text Add to dashboard Cite

show abstract

“…It was observed that radio frequency identification authentication is utilized on many occasions for the IoMT to identify end nodes and users. In order to avoid tag collisions of RFIDs, a scheme is proposed by [ 105 ] using aloha. The scheme uses the dynamic framed slotted aloha, which is an anticollision protocol [ 106 ].…”

Section: Literature Reviewmentioning

confidence: 99%

A Survey of Authentication in Internet of Things-Enabled Healthcare Systems

Khan

Din

Majali

et al. 2022

Sensors

View full text Add to dashboard Cite

The Internet of medical things (IoMT) provides an ecosystem in which to connect humans, devices, sensors, and systems and improve healthcare services through modern technologies. The IoMT has been around for quite some time, and many architectures/systems have been proposed to exploit its true potential. Healthcare through the Internet of things (IoT) is envisioned to be efficient, accessible, and secure in all possible ways. Even though the personalized health service through IoT is not limited to time or location, many associated challenges have emerged at an exponential pace. With the rapid shift toward IoT-enabled healthcare systems, there is an extensive need to examine possible threats and propose countermeasures. Authentication is one of the key processes in a system’s security, where an individual, device, or another system is validated for its identity. This survey explores authentication techniques proposed for IoT-enabled healthcare systems. The exploration of the literature is categorized with respect to the technology deployment region, as in cloud, fog, and edge. A taxonomy of attacks, comprehensive analysis, and comparison of existing authentication techniques opens up possible future directions and paves the road ahead.

show abstract

“…Figure 9 shows the authentication architectures for IoMT systems. Many researchers proposed robust, centralized authentication schemes by authentication servers in cloud-based IoMT systems [25,[44][45][46]. They adopted a flat, centralized architecture where all nodes are authenticated through cloud-based authentication servers.…”

Section: Authentication Architecturesmentioning

confidence: 99%

“…Possession credentials refer to the information possessed by the entity, such as a smart card or passport for user authentication, and radio waves for device authentication. The researchers in [25,[44][45][46] used Radio-Frequency Identification (RFID) technology as a possession credential to identify devices anonymously and perform the authentication process. Other device authentication schemes used Physically Unclonable Function (PUF) to identify IoMT devices [49,52].…”

Section: Authentication Credentialsmentioning

confidence: 99%

Authentication in the Internet of Medical Things: Taxonomy, Review, and Open Issues

Alsaeed

Nadeem

2022

Applied Sciences

View full text Add to dashboard Cite

The Internet of Medical Things (IoMT) has revolutionized the world of healthcare by remotely connecting patients to healthcare providers through medical devices connected over the Internet. IoMT devices collect patients’ medical data and share them with healthcare providers, who analyze it for early control of diseases. The security of patients’ data is of prime importance in IoMT. Authentication of users and devices is the first layer of security in IoMT. However, because of diverse and resource-constrained devices, authentication in IoMT is a challenging task. Several authentication schemes for IoMT have been proposed in the literature. However, each of them has its own pros and cons. To identify, evaluate and summarize the current literature on authentication in IoMT, we conducted a systematic review of 118 articles published between 2016 and 2021. We also established a taxonomy of authentication schemes in IoMT from seven different perspectives. We observed that most of the authentication schemes use a distributed architecture and public key infrastructure. It was also observed that hybrid cryptography approaches have become popular to overcome the shortcomings of single cryptographic approaches. Authentication schemes in IoMT need to support end-to-end, cross-layer, and cross-domain authentication. Finally, we discuss some open issues and future directions.

show abstract

An ultra light weight and secure RFID batch authentication scheme for IoMT

Cited by 27 publications

References 19 publications

SUACC-IoT: secure unified authentication and access control system based on capability for IoT

SUACC-IoT: secure unified authentication and access control system based on capability for IoT

A Survey of Authentication in Internet of Things-Enabled Healthcare Systems

Authentication in the Internet of Medical Things: Taxonomy, Review, and Open Issues

Contact Info

Product

Resources

About