Abstract
The development of information and communication technology (ICT) has opened the era of the Internet of Things (IoT), in which many devices can connect to the Internet to communicate. Recently, various technologies, such as smart grids, connected cars, and smart farms, have emerged based on IoT, and there is also the smart home, which is the fastest growing market. The smart home is where devices installed for various purposes connect to each other through the Internet so that users can use the service anytime and anywhere. However, while the smart home provides convenience to users, recently the smart home has been exposed to various security threats, such as vulnerability of session/cookies and the use of vulnerable OAuth. In addition, attacks on smart homes by hackers using these vulnerabilities are also increasing. Therefore, in this paper, we propose a user authentication method using the JSON Web Token (JWT) and International Mobile Equipment Identity (IMEI) in the smart home, and solved the problem of unauthorized smart home device registration of hackers by the application of IMEI and JWT technology.
Highlights
The development of the Internet has developed communication between people and things, and recently, the Internet of Things (IoT), which provides convenience to people by enabling communication between various devices, has emerged
A company that develops and sells smart home items, conducted a survey of 3000 US and Canadian consumers in 2014 and 2015, and in response to the question, “Why purchase smart home technology?” 90% of smart device buyers cited home security as a reason to avoid accidents that could happen in the home due to theft or carelessness, and 70% said it was for cost saving, including remote control of heating and commissioning of gas valves during commuting
ProposeTdheSpchroepmoseed protocol is divided into a protocol in which a user authenticates itself where a JSON Web Token (JWT) is issued from a home gateway, a protocol in which a new smart home device is registered only
Summary
The development of the Internet has developed communication between people and things, and recently, the Internet of Things (IoT), which provides convenience to people by enabling communication between various devices, has emerged. Since registered users can access the smart home via a remote device both inside and outside the smart home, in order to use smart home services securely, user authentication processes, such as session/cookie techniques or OAuth, is performed. These techniques are increasingly vulnerable to session hijacking attacks, and the exploitation of user information due to the detection of application programming interface (API) vulnerabilities is increasing [2,3,4].
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
