SELAMAT: A New Secure and Lightweight Multi-Factor Authentication Scheme for Cross-Platform Industrial IoT Systems.

Haqi Khalid,Fazirulhisyam Hashim,Shaiful Jahari Hashim,Muhammad Akmal Chaudhary,Sharifah Mumtazah Syed Ahmad

doi:10.3390/s21041428

Haqi Khalid, Fazirulhisyam Hashim + Show 3 more

Open Access

https://doi.org/10.3390/s21041428

Copy DOI

Abstract

The development of the industrial Internet of Things (IIoT) promotes the integration of the cross-platform systems in fog computing, which enable users to obtain access to multiple application located in different geographical locations. Fog users at the network’s edge communicate with many fog servers in different fogs and newly joined servers that they had never contacted before. This communication complexity brings enormous security challenges and potential vulnerability to malicious threats. The attacker may replace the edge device with a fake one and authenticate it as a legitimate device. Therefore, to prevent unauthorized users from accessing fog servers, we propose a new secure and lightweight multi-factor authentication scheme for cross-platform IoT systems (SELAMAT). The proposed scheme extends the Kerberos workflow and utilizes the AES-ECC algorithm for efficient encryption keys management and secure communication between the edge nodes and fog node servers to establish secure mutual authentication. The scheme was tested for its security analysis using the formal security verification under the widely accepted AVISPA tool. We proved our scheme using Burrows Abdi Needham’s logic (BAN logic) to prove secure mutual authentication. The results show that the SELAMAT scheme provides better security, functionality, communication, and computation cost than the existing schemes.

Highlights

The Internet of things (IoT) has gained tremendous popularity in the last decade with the advent of many powerful, low-cost devices such as sensors, RFIDs, etc., coupled with various communication media
This paper proposes a lightweight multi-factor authentication scheme for crossplatform industrial IoT systems, SELAMAT
In SELAMAT, we use the AES-elliptic cryptosystem (ECC) algorithm for efficient and secure key management encryption mechanisms in the cloud provider server that acts as a trusted authority

Summary

Introduction

The Internet of things (IoT) has gained tremendous popularity in the last decade with the advent of many powerful, low-cost devices such as sensors, RFIDs, etc., coupled with various communication media. The integration combines industrial devices equipped with communication, sensors, and Internet-connected actuator modules [1]. Interoperability between devices and machines using different protocols with different architectures and the security of such protocols and data generated with these devices is the primary concern for IIoT [2,3,4]. The attacker can intercept and alter this transmitted data These attacks threaten confidentiality in the information collected and transmitted, leading to less trust in the entire system [5]. Constrained devices, are the primary security considerations for IoT and IIoT applications

Methods

Results

Discussion

Conclusion