Search results

This paper aims at providing a comparative analysis of the existing protocols that address the security issues in the Future Internet (FI) and also to introduce a Collaborative Mutual Identity Establishment (CMIE) scheme which adopts the elliptical curve cryptography (ECC), to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as denial-of-service (DoS) and replay attack.

This paper provides a comparative analysis of the existing protocols that address the security issues in the FI and also provides a CMIE scheme, by adopting the ECC and digital signature verification mechanism, to address the issues, such as content integrity, mutual authentication, forward secrecy, auditability and resistance to attacks such as DoS and replay attack. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI. Further, the algorithm is evaluated against Automated Validation of Internet Security Protocols and Application (AVISPA) tool to verify the security solutions that the CMIE scheme has claimed to address to have been effectively achieved in reality.

The algorithm is evaluated against AVISPA tool to verify the security solutions that the CMIE scheme has claimed to address and proved to have been effectively achieved in reality. The proposed scheme enables the establishment of secured interactions between devices and entities of the FI.

Considering the Internet of Things (IoT) scenario, another important aspect that is the device-to-location (D2L) aspect has not been considered in this protocol. Major focus of the protocol is centered around the device-to-device (D2D) and device-to-server (D2S) scenarios. Also, IoT basically works upon a confluence of hundreds for protocols that support the achievement of various factors in the IoT, for example Data Distribution Service, Message Queue Telemetry Transport, Extensible Messaging and Presence Protocol, Constrained Application Protocol (CoAP) and so on. Interoperability of the proposed CMIE algorithm with the existing protocols has to be considered to establish a complete model that fits the FI. Further, each request for mutual authentication requires a querying of the database and a computation at each of the participating entities side for verification which could take considerable amount of time. However, for applications that require firm authentication for maintaining and ensuring secure interactions between entities prior to access control and initiation of actual transfer of sensitive information, the negligible difference in computation time can be ignored for the greater benefit that comes with stronger security. Other factors such as quality of service (QoS) (i.e. flexibility of data delivery, resource usage and timing), key management and distribution also need to be considered. However, the user still has the responsibility to choose the required protocol that suits one’s application and serves the purpose.

The originality of the work lies in adopting the ECC and digital signature verification mechanism to develop a new scheme that ensures mutual authentication between participating entities in the FI based upon certain user information such as identities. ECC provides efficiency in terms of key size generated and security against main-in-middle attack. The proposed scheme provides secured interactions between devices/entities in the FI.

Due to the connectivity of the multiple devices and the systems on the same network, rapid development has become possible in Internet of Things (IoTs) for the last decade. But, IoT is mostly affected with severe security challenges due to the potential vulnerabilities happened through the multiple connectivity of sensors, devices and system. In order to handle the security challenges, literature presents a handful of security protocols for IoT. The purpose of this paper is to present a threat profiling and elliptic curve cryptography (ECC)-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and authorization centre (AC) performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks. Finally, DPWSim is utilized for simulation of IoT and verification of proposed protocol to show that the protocol is secure against passive and active attacks.

In this work, the authors have presented a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and AC performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks.

DPWSim is utilized for simulation of IoT and verification of the proposed protocol to show that this protocol is secure against passive and active attacks. Also, attack analysis is carried out to prove the robustness of the proposed protocol against the password guessing attack, impersonation attack, server spoofing attack, stolen verifier attack and reply attack.

This paper presents a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs.

Open service access (OSA) is a flexible and efficient approach for mobile service deployment. In OSA, network functionality offered to application servers (ASs) is defined by a set of service capability features (SCFs). The AS implements services by accessing the service capability through the standardized OSA application programming interface.

The paper shows how the AS provides services by integrating the services supported by the SCFs. Then it uses the OSA mutual authentication and the push to talk over cellular service to illustrate the interaction among the AS modules and how the AS interacts with the framework and the SCFs.

With this environment, the service developers are not required to access the details of the underlying mobile network, and thus the service deployment can be sped up. The purpose of this paper is to propose an AS architecture.

This paper proposed an OSA AS architecture. Based on this architecture, a new application is created by implementing the appLogic module that invokes the SCFs through the appService modules and appService callback modules.

Internet of Things (IoT) is a challenging and promising system concept and requires new types of architectures and protocols compared to traditional networks. Security is an extremely critical issue for IoT that needs to be addressed efficiently. Heterogeneity being an inherent characteristic of IoT gives rise to many security issues that need to be addressed from the perspective of new architectures such as software defined networking, cryptographic algorithms, federated cloud and edge computing.

The paper analyzes the IoT security from three perspectives: three-layer security architecture, security issues at each layer and security countermeasures. The paper reviews the current state of the art, protocols and technologies used at each layer of security architecture. The paper focuses on various types of attacks that occur at each layer and provides the various approaches used to countermeasure such type of attacks.

The data exchanged between the different devices or applications in the IoT environment are quite sensitive; thus, the security aspect plays a key role and needs to be addressed efficiently. This indicates the urgent needs of developing general security policy and standards for IoT products. The efficient security architecture needs to be imposed but not at the cost of efficiency and scalability. The paper provides empirical insights about how the different security threats at each layer can be mitigated.

The paper fulfills the need of having an extensive and elaborated survey in the field of IoT security, along with suggesting the countermeasures to mitigate the threats occurring at each level of IoT protocol stack.

A wireless body area network (WBAN) is a collection of sensing devices attached to a person’s body that is typically used during health care to track their physical state. This paper aims to study the security challenges and various attacks that occurred while transferring a person’s sensitive medical diagnosis information in WBAN.

This technology has significantly gained prominence in the medical field. These wearable sensors are transferring information to doctors, and there are numerous possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. As a result, mutual authentication and session key negotiations are critical security challenges for wearable sensing devices in WBAN. This work proposes an improved mutual authentication and key agreement protocol for wearable sensing devices in WBAN. The existing related schemes require more computational and storage requirements, but the proposed method provides a flexible solution with less complexity.

As sensor devices are resource-constrained, proposed approach only makes use of cryptographic hash-functions and bit-wise XOR operations, hence it is lightweight and flexible. The protocol’s security is validated using the AVISPA tool, and it will withstand various security attacks. The proposed protocol’s simulation and performance analysis are compared to current relevant schemes and show that it produces efficient outcomes.

This technology has significantly gained prominence in the medical sector. These sensing devises transmit information to doctors, and there are possibilities for an intruder to pose as a doctor and obtain information about the patient’s vital information. Hence, this paper proposes a lightweight and flexible protocol for mutual authentication and key agreement for wearable sensing devices in WBAN only makes use of cryptographic hash-functions and bit-wise XOR operations. The proposed protocol is simulated using AVISPA tool and its performance is better compared to the existing methods. This paper proposes a novel improved mutual authentication and key-agreement protocol for wearable sensing devices in WBAN.

The purpose of this paper is to complete the following works: construct RFID integration mechanism in the supply chain; build mutual authentication mechanism; and build the transfer mechanism in supply chain.

In order to transfer RFID tag information to others safely in mobile RFID supply chain circumstances, the authors propose a RFID authentication mechanism which can ensure the identity and make the mutual authentication. Moreover, the authors propose a secure transfer method of ownership for the specific role in different regions under the structure of Mobile RFID.

The task of administrator server is to check the order, store the merchandise information, distribute the authority, certify the security and transfer the ownership. It can make the whole supply chain more mobility, and transfer faster.

The goals of this research are to achieve mainly: using mobile RFID system to design secure mutual authentication mechanism, transfer mechanisms with faster transfer and authority distribution. The authors introduce the security authentication and competence transfer mechanism in supply chain.

The purpose of this paper is to study lightweight security scheme for Internet of Things (IoT) applications using Constrained Application Protocol (CoAP). Resource-constrained characteristics of IoT systems have ushered in compelling requirements for lightweight application protocol and security suites. CoAP has already been established as the candidate protocol for IoT systems. However, low overhead security scheme for CoAP is still an open problem. Existing security solutions like Datagram Transport Layer Security (DTLS) is not suitable, particularly due to its expensive handshaking, public key infrastructure (PKI)-based authentication and lengthy ciphersuite agreement process.

This paper proposes a lightweight security scheme in CoAP using Advanced Encryption Standard (AES) 128 symmetric key algorithm. The paper presents an object security (payload embedded)-based robust authentication mechanism with integrated key management. The paper introduces few unique modifications to CoAP header to optimize security operation and minimize communication cost.

It is resilient to number of security attacks like replay attack, meet-in-the-middle attack and secure under chosen plaintext attack. This scheme is generic in nature, applicable for gamut of IoT applications. The paper proves efficacy of our proposed scheme for vehicle tracking application in emulated laboratory setup. Specifically, it compares with DTLS-enabled CoAP to establish the lightweight feature of our proposed solution.

This paper mainly focuses on implementing in-vehicle tracking systems as an IoT application and used CoAP as the application protocol.

Such a lightweight security scheme would provide immense benefit in IoT systems so that resource constraint-sensing devices and nodes can be made secure. This would impact IoT eco systems to a large extent.

Such kind of security suite that provides both robustness and lightweight feature is hitherto not known to the authors, particularly in CoAP for IoT applications.

Wu et al.'s scheme has a security problem that is related to anonymity: attackers can determine by interception the identity of a legal user. This paper aims to propose a new secure authentication which combines a chaos system with an Arnold cat map. The scheme improves upon that of the Wu et al.'s scheme. The scheme proposed herein provides for full anonymity and improves the security of authentication messages for wireless communications.

A novel scheme that integrates a chaos sequence is used with an Arnold cat map for authentication messages. Authentication messages are shuffled using an Arnold cat map to improve the security of authentication in wireless communications. An analytic approach based on a chaos sequence with an Arnold cat map is developed to secure authentication. The proposed scheme is presented in this study to overcome the inherent drawbacks of existing designs.

The integrated scheme involves two steps. First, a chaos map is used to generate a set of chaos sequences that is added to the authentication messages. Second, the authentication messages are shuffled using an Arnold cat map. The main feature of the proposed design is such that the chaos systems are sensitive to the initial values of conditions. Sensitivity will lead to long-term behavior unpredictability to reflect the non-linear dynamic systems. Furthermore, to increase the complexity of the authentication message, the authors also use an Arnold cat map.

The proposed scheme provides functions that include full anonymity properties, protection of the real identity of the user, one-time password properties, timestamp benefits and sufficient complexity of the password. The analysis shows that the proposed scheme exhibits the advantages of the chaos system and is more secure than previous schemes. Notably, the proposed scheme is effective for wireless communications.

Fifth-generation (5G) networks play a significant role in handover methods. 5G wireless network is open, flexible and highly heterogeneous along with the overlay coverage and small cell deployments. Handover management is one of the main problems in the heterogeneous network. Also, handover satisfies the needs of ultra-reliable communications along with very high reliability and availability in 5G networks. Handover management deals with every active connection of a user’s device, which moves the connection between the user’s device and the counterparty from one network point to another. Thus, the handover decision determines the best access network and also decides whether the handover is performed or not.

The main intention of this survey is to review several existing handover technologies in 5G. Using the categories of analysis, the existing techniques are divided into different techniques such as authentication-based techniques, blockchain-based techniques, software-defined-based techniques and radio access-based techniques. The survey is made by considering the methods such as used software, categorization of methods and used in the research works. Furthermore, the handover rate is considered for performance evaluation for the handover techniques in 5G. The drawbacks present in the existing review papers are elaborated in research gaps and issues division.

Through the detailed analysis and discussion, it can be summarized that the widely concerned evaluation metric for the performance evaluation is the handover rate. It is exploited that the handover rate within the range of 91%–99% is achieved by three research papers.

A survey on the various handover mechanisms in 5G networks is expected in this study. The research papers used in this survey are gathered from different sources such as Google Scholar and IEEE. Also, this survey suggests a further extension for the handover mechanism in 5G networks by considering various research gaps and issues.

Cloud computing plays a significant role in the initialization of secure communication between users. The advanced technology directs to offer several services, such as platform, resources, and accessing the network. Furthermore, cloud computing is a broader technology of communication convergence. In cloud computing architecture, data security and authentication are the main significant concerns.

The purpose of this study is to design and develop authentication and data security model in cloud computing. This method includes six various units, such as cloud server, data owner, cloud user, inspection authority, attribute authority, and central certified authority. The developed privacy preservation method includes several stages, namely setup phase, key generation phase, authentication phase and data sharing phase. Initially, the setup phase is performed through the owner, where the input is security attributes, whereas the system master key and the public parameter are produced in the key generation stage. After that, the authentication process is performed to identify the security controls of the information system. Finally, the data is decrypted in the data sharing phase for sharing data and for achieving data privacy for confidential data. Additionally, dynamic splicing is utilized, and the security functions, such as hashing, Elliptic Curve Cryptography (ECC), Data Encryption Standard-3 (3DES), interpolation, polynomial kernel, and XOR are employed for providing security to sensitive data.

The effectiveness of the developed privacy preservation method is estimated based on other approaches and displayed efficient outcomes with better privacy factor and detection rate of 0.83 and 0.65, and time is highly reduced by 2815ms using the Cleveland dataset.

This paper presents the privacy preservation technique for initiating authenticated encrypted access in clouds, which is designed for mutual authentication of requester and data owner in the system.