User Authentication Method using FIDO based Password Management for Smart Energy Environment

Abstract

In a smart energy environment, user authentication is an essential process in smart energy. After the authentication process to verify whether the user is registered one, the user can access the smart service such as power consumption prediction, intelligent energy management. The user authentication technology has evolved to various authentication methods using ID/PW, security token and biometric information because of the diversification of the Internet of Things and social structure. Despite there are various authentication technologies, the ID/PW authentication still widely used because of low cost and convenience. However, the user using ID/PW methods should use different passwords for each service, as well as passwords that include special symbols. Moreover, it is difficult for users to remember complicated passwords and it is not easy to change passwords periodically. Therefore, in this paper, we propose the user authentication method using FIDO based password management. Through the password management, the user login the information system by password as well as biometric information using hardware security device. In addition, the method is compatible with legacy PW authentication. The proposed mechanism will enhance the security on ID/PW authentication method currently in use on most service.