Abstract

With an exponential increase in the popularity of Internet, the real-time data collected by various smart sensing devices can be analyzed remotely by a remote user (e.g., a manager) in the Industrial Internet of Things (IIoT). However, in the IIoT environment, the gathered real-time data is transmitted over the public channel, which raises the issues of security and privacy in this environment. Therefore, to protect illegal access by an adversary, user authentication mechanism is one of the promising security solutions in the IIoT environment. To achieve this goal, we propose a new user authenticated key agreement scheme in which only authorized users can access the services from the designated IoT sensing devices installed in the IIoT environment. In the proposed scheme, fuzzy extractor technique is used for biometric verification. Moreover, three factors, namely smart card, password and personal biometrics of a legal registered user are applied in the proposed scheme to increase the level of security in the system. The proposed scheme supports new devices addition after initial deployment of the devices, password/biometric change phase and also smart card revocation phase in case the smart card is lost or stolen by an adversary. In addition, the proposed scheme is lightweight in nature. We carry out the formal security analysis using the broadly accepted Real-Or-Random (ROR) model and also the non-mathematical (informal) security analysis on the proposed scheme. Furthermore, the formal security verification using the popularly-used AVISPA (Automated Validation of Internet Security Protocols and Applications) tool is carried out on the proposed scheme. The detailed security analysis assures that the proposed scheme can withstand several well-known attacks in the IIoT environment. A practical demonstration using the NS2 simulation study is also performed for the proposed scheme and other related existing schemes. Also, a detailed comparative study shows that the proposed scheme is efficient, and provides superior security in comparison to the other schemes.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.