LMAAS-IoT: Lightweight multi-factor authentication and authorization scheme for real-time data access in IoT cloud-based environment

Abstract

Internet of Things (IoT) is a network of interconnected smart devices which provides tremendous benefits and can be applied in various fields including, but not limited to, healthcare, monitoring, and transportation. Since late of 2019, the world faces coronavirus (COVID-19) which has harmful consequences in humans’ life and economy. Reducing human interaction is the most important health measure to avoid the spread of the infection. In this context, leveraging IoT and cloud-based technology help to remedy COVID-19 consequences by means of enabling individuals to manage their essential activities remotely with minimum engagement. However, sharing and gathering sensitive information over public insecure channel brings enormous security risks. To avoid these risks, we present a new practical lightweight multi-factor authentication and authorization scheme for real-time data access in IoT cloud-based environment, called LMAAS-IoT. Our scheme is suitable for, but not limited to, managing large scale systems such as health infrastructures. LMAAS-IoT is secure, efficient and strengthens user anonymity using dynamic index. Our design supports high scalability systems with efficient user registration process in which the legitimate user can access current as well as newly added system entities without further processes. We employed “one-way cryptographic hash functions” along with “bitwise XOR operations”. In addition, a fuzzy extractor algorithm is used at user side to verify user’s biometric information. LMAAS-IoT is analyzed for security with the help of the widely used “Real-Or-Random (ROR)” model; proof of correctness using BAN-logic; formal security verification using the broadly accepted “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool as well as the informal security analysis. LMAAS-IoT is also implemented using NS-3.31 simulator to demonstrate the practicability of our design. Finally, LMAAS-IoT provides more desired attributes and achieves mutual authentication with low computation and communication cost compared with other existing schemes.