Biometric-based Secure Authentication for IoT-enabled Devices and Applications

Abstract

Smart connected consumer devices employing IoT as the backbone are becoming a part of our day-to-day life. These products are fascinating to everyone but bear a dark side of becoming a threat to consumers and vendors. Users and smart devices manufacturers are losing finances as well as confidential data to the adversary, mainly due to employing insecure authentication methods. There are several reported incidences of such security breaches in IoT-enabled systems. The IoT industry finds it difficult to catch up with fast developments and innovations in lightweight protocols, hardware devices, and authentication mechanisms proposed explicitly for IoT-based products. Furthermore, they are reluctant to embed the evolutions, fearing that consumers may not find the new product budget-friendly. Smart cities, smart homes, smart cars and smart grids are gaining attention from various sections of society with no knowledge of the vulnerabilities of these revolutionary systems. The chapter considers IoT systems from the perspectives of a consumer, a vendor, and a researcher to figure out the present scenario, and give future directions to the authentication-related security issues in IoT subsystems. The device-to-user authentication while accessing connected consumer devices is the area in IoT systems that needs serious attention from academia, the biometric community, and the biometric industry. Also, automated payment systems implemented in smart consumer products are at risk of threats from malicious attackers. Even though there are alliances to brainstorm the specific problem and standardization of protocols for IoT infrastructure, there is slow growth in incorporating the most secure and cost-effective solution to security issues in IoT. We must understand the vulnerabilities and loopholes in IoT infrastructure and correctly design mitigation techniques to build a robust system. The chapter provides a precise investigation of the current scenario to integrate biometric authentication in IoT applications and systems along with the required techniques to mitigate software and hardware-level vulnerabilities in these systems. The study classifies IoT systems and applications into seven categories. The chapter reviews the current research outcomes in this direction and pinpoints their pros and cons while implementing them into future IoT products. It is also required to decide the best biometric modality and implementation mechanisms that are convenient and pocket friendly to the consumers. In addition, the chapter also discusses various biometric traits from the IoT perspective and suggests the best modalities for such systems.