A dual-factor access authentication scheme for IoT terminal in 5G environments with network slice selection

Abstract

5G and Internet of Things (IoT) are closely related and promote each other. Network Slice (NS) technology based on Software Defined Network (SDN) and Network Function Virtualization (NFV) have changed the traditional network architecture. Subsequently, the secure access authentication of IoT terminals for 5G networks and the selection of network slice services have become important issues for the deep integration of 5G and IoT. In this paper, we propose a dual-factor access authentication scheme for IoT terminal in 5G environments with network slice selection. To be specific, IoT terminals first use Physical Unclonable Function (PUF) to ensure their own security, then use secure one-way hash function, XOR calculation, and pseudo-identities to achieve anonymous authentication, and finally establish a secure connection with the 5G core network as well as the Management Architecture and Network Orchestration (MANO) to access customized network slices. The proposed protocol can eventually realize session key negotiation between IoT terminals, 5G core network elements and MANO entities to ensure data transmission security. We verify the security of the protocol through simulation and security analysis, and demonstrate the efficiency of the protocol by comparing it with state-of-the-art schemes.