IoT Device-to-Cloud Continuous Authentication using Lightweight Key Establishment Mechanism

Abstract

Cloud computing is an important component for the success of the Internet of Things (IoT). IoT devices generate massive amounts of data, and cloud computing provides the necessary infrastructure to store, process, and analyze this data. The IoT environment is heterogeneous and connects billions of devices, making it a high-value target for attackers. Impersonation attacks and denial-of-service attacks (DoS) are two common threats that can compromise the availability and security of IoT devices. Continuous authentication is a technique that can help mitigate the risk of session hijacking and unauthorized access to IoT devices. While many existing continuous authentication schemes focus on cloud-to-device authentication, it is also important to authenticate devices themselves, as a compromised device can put the entire system at risk. This research proposes a solution for a secure cloud-to-device continuous authentication protocol that relies on devices' features (such as token, battery). Continuous authentication has been introduced as a solution to the problems related to static authentication. The protocol considers the software and hardware limitations of smart IoT devices by using hash function lightweight cryptography.