Designing Secure User Authentication Protocol for Big Data Collection in IoT-Based Intelligent Transportation System

Abstract

Secure access of the real-time data from the Internet-of-Things (IoT) smart devices (e.g., vehicles) by a legitimate external party (user) is an important security service for big data collection in the IoT-based intelligent transportation system (ITS). To deal with this important issue, we design a new three-factor user authentication scheme, called UAP-BCIoT, which relies on elliptic-curve cryptography (ECC). The mutual authentication between the user and an IoT device happens via the semitrusted cloud-gateway (CG) node in UAP-BCIoT. UAP-BCIoT supports several functionality features needed for IoT-based ITS environment including IoT smart device credential validation and big data analytics. A detailed security analysis is conducted based on the defined threat model to show that UAP-BCIoT is resilient against many known attacks. A thorough comparative study reveals that UAP-BCIoT supports better security, offers various functionality attributes, and also provides similar costs in communication as well computation as compared to other relevant schemes Finally, the practical demonstration of the proposed UAP-BCIoT is also provided to measure its impact on the network performance parameters.