Abstract
Internet of Things is a ubiquitous concept where physical objects are connected over the internet and are provided with unique identifiers to enable their self-identification to other devices and the ability to continuously generate data and transmit it over a network. Hence, the security of the network, data and sensor devices is a paramount concern in the IoT network as it grows very fast in terms of exchanged data and interconnected sensor nodes. This paper analyses the authentication and access control method using in the Internet of Things presented by Jing et al (Authentication and Access Control in the Internet of Things. In Proceedings of the 2012 32nd International Conference on Distributed Computing Systems Workshops, Macau, China, 18–21 June 2012, pp. 588–592). According to our analysis, Jing et al.'s protocol is costly in the message exchange and the security assessment is not strong enough for such a protocol. Therefore, we propose improvements to the protocol to fill the discovered weakness gaps. The protocol enhancements facilitate many services to the users such as user anonymity, mutual authentication, and secure session key establishment. Finally, the performance and security analysis show that the improved protocol possesses many advantages against popular attacks, and achieves better efficiency at low communication cost.
Highlights
Today, there is a multitude of envisioned and implemented use cases using smart devices and sensing nodes forming an emerging global and Internet-based information service platform called the Internet of Things (IoT) [1]
The evolution of the IoT has its origin in the convergence of wireless technologies, advancements of microelectromechanical systems (MEMS) and digital electronics where has been as a result miniature devices with the ability to sense and compute and communicate wirelessly
To meet the mutual authentication security service requirements, the RA after checking the received message, does not send a reply message to the user. In this analysis we found that their protocol is vulnerable to compromised device attacks and replay attacks, especially in Step 2
Summary
There is a multitude of envisioned and implemented use cases using smart devices and sensing nodes forming an emerging global and Internet-based information service platform called the Internet of Things (IoT) [1]. Authentication and access control technologies [11,12,13,14,15,16,17,18,19] are known as the central elements to address security and privacy problems in computer networks [20,21,22,23,24,25,26,27,28,29,30,31,32,33]. Their paper mainly analyzes existing authentication and access control methods; they design a feasible protocol for the Internet of Things. According to their scheme, in the authentication protocol they focused on simple and efficient secure key establishment based on ECC.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
