Lightweight and provable secure cross-domain access control scheme for internet of things (IoT) based wireless body area networks (WBAN)

Abstract

Internet of Things (IoT) not only connects the conventional devices for communication, but also enables low power wireless devices such as sensors, door locks, light switches, mobile phones, refrigerators, thermostats to be connected to the IoT ecosystem. These devices communicate and cooperate with each other to help us achieve our daily life goals in the IoT environment. Normally, these devices are resource-constrained in terms of on-board energy, computing capability and memory. The Wireless Body Area Network (WBAN) is one of the growing technologies, which uses IoT. Wireless body area network (WBAN) is made out of sensors that periodically collect and transmit a human's physiological information to application providers. The communication between IoT devices over the Internet and those on the local networks needs to be secured to gain the trust and acceptance of all stakeholders and to avoid direct physical harm to humans including possible loss of life. By securing the communication, we mainly consider the security features of confidentiality, integrity, authenticity, nonrepudiation, unforgeability, and forward security of the massages exchanged. We designed a lightweight and provable secure cross domain access control scheme for IoT-based WBAN. The new scheme utilizes the concept of certificateless signcryption at the application provider side and identity based signcryption at the WBAN side. The proposed scheme's security hardness and efficiency are based on the hyper elliptic curve, which uses small parameter and key sizes in contrast to bilinear pairing, RSA, and elliptic curve cryptosystems. The results of a comparative analysis with existing counterparts show that the proposed scheme is characterized by least computation cost and communication overhead, these being 1.92 milliseconds and 1296 bits, respectively thereby demonstrating the superiority of the proposed scheme. Additionally, we evaluated the formal security of the proposed scheme by using the security verification and validation tool called AVISPA, which shows that our scheme is safe.