Authentication Methods in Internet-of-Things Platform: A Comprehensive Review
محورهای موضوعی : Majlesi Journal of Telecommunication Devices
Golamreza Zargar
1
,
Hamid Barati
2
,
Ali Barati
3
1 - Department of Computer Engineering, Dezful Branch, Islamic Azad University, Dezful, Iran
2 - Department of Computer Engineering, Dezful Branch, Islamic Azad University, Dezful, Iran
3 - Department of Computer Engineering, Dezful Branch, Islamic Azad University, Dezful, Iran
کلید واژه: Authentication, Internet of Things, Security, Privacy Preservation,
چکیده مقاله :
Authentication is a critical aspect of securing Internet-of-Things (IoT) platforms, ensuring only authorized devices and user’s access sensitive data and services. One critical aspect of IoT is ensuring secure and anonymous authentication protocols to safeguard sensitive data. This paper presents a comprehensive review of authentication methods specifically tailored for IoT environments. Through an extensive analysis of existing literature, various authentication techniques in IoT environments are explored. The review covers key aspects such as security mechanisms, privacy preservation techniques, scalability, and usability of these protocols. Furthermore, the paper discusses challenges unique to IoT authentication, such as resource constraints, scalability, and resilience against diverse cyber threats. Various authentication protocols and frameworks applicable to IoT ecosystems are analyzed, highlighting their strengths, weaknesses, and suitability for different IoT use cases. Additionally, the review examines recent advancements in authentication technologies like blockchain in the context of IoT security. Insights from this review aim to provide researchers and practitioners with a deeper understanding of IoT authentication methods and inform the development of robust, efficient, and scalable authentication solutions for IoT platforms.
Authentication is a critical aspect of securing Internet-of-Things (IoT) platforms, ensuring only authorized devices and user’s access sensitive data and services. One critical aspect of IoT is ensuring secure and anonymous authentication protocols to safeguard sensitive data. This paper presents a comprehensive review of authentication methods specifically tailored for IoT environments. Through an extensive analysis of existing literature, various authentication techniques in IoT environments are explored. The review covers key aspects such as security mechanisms, privacy preservation techniques, scalability, and usability of these protocols. Furthermore, the paper discusses challenges unique to IoT authentication, such as resource constraints, scalability, and resilience against diverse cyber threats. Various authentication protocols and frameworks applicable to IoT ecosystems are analyzed, highlighting their strengths, weaknesses, and suitability for different IoT use cases. Additionally, the review examines recent advancements in authentication technologies like blockchain in the context of IoT security. Insights from this review aim to provide researchers and practitioners with a deeper understanding of IoT authentication methods and inform the development of robust, efficient, and scalable authentication solutions for IoT platforms.
[1] Abdul-Qawy, A. S., Pramod, P. J., Magesh, E., & Srinivasulu, T. (2015), “The internet of things (iot): An overview”, International Journal of Engineering Research and Applications, 5(12), 71-82.
[2] Kiamansouri, E., Barati, H., & Barati, A. (2022), “A two-level clustering based on fuzzy logic and content-based routing method in the internet of things, Peer-to-Peer Networking and Applications, 15(4), 2142-2159.
[3] López, T. S., Ranasinghe, D. C., Patkai, B., & McFarlane, D. (2011), “Taxonomy, technology and applications of smart objects”, Information Systems Frontiers, 13, 281-300.
[4] Sharma, N., Shamkuwar, M., & Singh, I. (2019), “The history, present and future with IoT”, Internet of things and big data analytics for smart generation, 27-51.
[5] Akbari, M. R., Barati, H., & Barati, A. (2022), “An overlapping routing approach for sending data from things to the cloud inspired by fog technology in the large-scale IoT ecosystem”, Wireless Networks, 28(2), 521-538.
[6] Akbari, M. R., Barati, H., & Barati, A. (2022), “An efficient gray system theory-based routing protocol for energy consumption management in the Internet of Things using fog and cloud computing”, Computing, 104(6), 1307-1335.
[7] Shojarazavi, T., Barati, H., & Barati, A. (2022), “A wrapper method based on a modified two-step league championship algorithm for detecting botnets in IoT environments”, Computing, 104(8), 1753-1774.
[8] Gubbi, J., Buyya, R., Marusic, S., & Palaniswami, M. (2013), “Internet of Things (IoT): A vision, architectural elements, and future directions”, Future generation computer systems, 29(7), 1645-1660.
[9] Onumanyi, A. J., Abu-Mahfouz, A. M., & Hancke, G. P. (2020), “Low power wide area network, cognitive radio and the Internet of Things: Potentials for integration”, Sensors, 20(23), 6837.
[10] Lee, I., & Lee, K. (2015), “The Internet of Things (IoT): Applications, investments, and challenges for enterprises”, Business horizons, 58(4), 431-440.
[11] Chataut, R., Phoummalayvane, A., & Akl, R. (2023), “Unleashing the power of IoT: A comprehensive review of IoT applications and future prospects in healthcare, agriculture, smart homes, smart cities, and industry 4.0”, Sensors, 23(16), 7194.
[12] Rehman, A., Saba, T., Kashif, M., Fati, S. M., Bahaj, S. A., & Chaudhry, H. (2022), “A revisit of internet of things technologies for monitoring and control strategies in smart agriculture”, Agronomy, 12(1), 127.
[13] Javed, A. R., Shahzad, F., ur Rehman, S., Zikria, Y. B., Razzak, I., Jalil, Z., & Xu, G. (2022), “Future smart cities: Requirements, emerging technologies, applications, challenges, and future aspects”, Cities, 129, 103794.
[14] Sun, P. J. (2019), “Privacy protection and data security in cloud computing: a survey, challenges, and solutions”, Ieee Access, 7, 147420-147452.
[15] Munirathinam, S. (2020), “Industry 4.0: Industrial internet of things (IIOT)” In Advances in computers (Vol. 117, No. 1, pp. 129-164). Elsevier.
[16] Karale, A. (2021), “The challenges of IoT addressing security, ethics, privacy, and laws”, Internet of Things, 15, 100420.
[17] Obaid, O. I., & Salman, S. A. B. (2022), “Security and Privacy in IoT-based Healthcare Systems: A Review”, Mesopotamian Journal of Computer Science, 2022, 29-39.
[18] Chen, J. Q., & Benusa, A. (2017), “HIPAA security compliance challenges: The case for small healthcare providers”, International Journal of Healthcare Management, 10(2), 135-146.
[19] Sun, Y., Lo, F. P. W., & Lo, B. (2019), “Security and privacy for the internet of medical things enabled healthcare systems: A survey”, IEEE Access, 7, 183339-183355.
[20] Hasan, M. K., Ghazal, T. M., Saeed, R. A., Pandey, B., Gohel, H., Eshmawi, A. A., ... & Alkhassawneh, H. M. (2022), “A review on security threats, vulnerabilities, and counter measures of 5G enabled Internet‐of‐Medical‐Things”, IET communications, 16(5), 421-432.
[21] Hamidi, H. (2019), “An approach to develop the smart health using Internet of Things and authentication based on biometric technology”, Future generation computer systems, 91, 434-449.
[22] Newaz, A. I., Sikder, A. K., Rahman, M. A., & Uluagac, A. S. (2021), “A survey on security and privacy issues in modern healthcare systems: Attacks and defenses”, ACM Transactions on Computing for Healthcare, 2(3), 1-44.
[23] Nauman, A., Qadri, Y. A., Amjad, M., Zikria, Y. B., Afzal, M. K., & Kim, S. W. (2020), “Multimedia Internet of Things: A comprehensive survey”, Ieee Access, 8, 8202-8250.
[24] El-Hajj, M., Fadlallah, A., Chamoun, M., & Serhrouchni, A. (2019), “A survey of internet of things (IoT) authentication schemes”, Sensors, 19(5), 1141.
[25] Rajakumari, S., Azhagumeena, S., Devi, A. B., & Ananthi, M. (2017, February), “Upgraded living think-IoT and big data”, In 2017 2nd International Conference on Computing and Communications Technologies (ICCCT) (pp. 181-184). IEEE.
[26] Gupta, B. B., & Quamara, M. (2020), “An overview of Internet of Things (IoT): Architectural aspects, challenges, and protocols”, Concurrency and Computation: Practice and Experience, 32(21), e4946.
[27] Ray, P. P. (2018), “A survey on Internet of Things architectures”, Journal of King Saud University-Computer and Information Sciences, 30(3), 291-319.
[28] Yaqoob, T., Abbas, H., & Atiquzzaman, M. (2019), “Security vulnerabilities, attacks, countermeasures, and regulations of networked medical devices—A review”, IEEE Communications Surveys & Tutorials, 21(4), 3723-3768.
[29] Riggs, H., Tufail, S., Parvez, I., Tariq, M., Khan, M. A., Amir, A., ... & Sarwat, A. I. (2023), “Impact, vulnerabilities, and mitigation strategies for cyber-secure critical infrastructure”, Sensors, 23(8), 4060.
[30] Mohanty, J., Mishra, S., Patra, S., Pati, B., & Panigrahi, C. R. (2021), “IoT security, challenges, and solutions: a review”, Progress in Advanced Computing and Intelligent Engineering: Proceedings of ICACIE 2019, Volume 2, 493-504.
[31] Khattak, H. A., Shah, M. A., Khan, S., Ali, I., & Imran, M. (2019), “Perception layer security in Internet of Things”, Future Generation Computer Systems, 100, 144-164.
[32] Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., & Qiu, D. (2014), “Security of the Internet of Things: perspectives and challenges”, Wireless networks, 20, 2481-2501.
[33] Nastase, L. (2017, May), “Security in the internet of things: A survey on application layer protocols”, In 2017 21st international conference on control systems and computer science (CSCS) (pp. 659-666). IEEE.
[34] Tewari, A., & Gupta, B. B. (2020), “Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework”, Future generation computer systems, 108, 909-920.
[35] Ngu, A. H., Gutierrez, M., Metsis, V., Nepal, S., & Sheng, Q. Z. (2016), “IoT middleware: A survey on issues and enabling technologies”, IEEE Internet of Things Journal, 4(1), 1-20.
[36] Chaqfeh, M. A., & Mohamed, N. (2012, May), “Challenges in middleware solutions for the internet of things”, In 2012 international conference on collaboration technologies and systems (CTS) (pp. 21-26). IEEE.
[37] Nebbione, G., & Calzarossa, M. C. (2020), “Security of IoT application layer protocols: Challenges and findings”, Future Internet, 12(3), 55.
[38] Karagiannis, V., Chatzimisios, P., Vazquez-Gallego, F., & Alonso-Zarate, J. (2015), “A survey on application layer protocols for the internet of things”, Transaction on IoT and Cloud computing, 3(1), 11-17.
[39] Deep, S., Zheng, X., Jolfaei, A., Yu, D., Ostovari, P., & Kashif Bashir, A. (2022), “A survey of security and privacy issues in the Internet of Things from the layered context”, Transactions on Emerging Telecommunications Technologies, 33(6), e3935.
[40] Cresitello-Dittmar, B. (2016), “Application of the blockchain for authentication and verification of identity”, Independent Paper.
[41] Chenchev, I., Aleksieva-Petrova, A., & Petrov, M. (2021), “Authentication Mechanisms and Classification: A Literature Survey”, In Intelligent Computing: Proceedings of the 2021 Computing Conference, Volume 3 (pp. 1051-1070). Springer International Publishing.
[42] Patwary, A. A. N., Naha, R. K., Garg, S., Battula, S. K., Patwary, M. A. K., Aghasian, E., ... & Gong, M. (2021), “Towards secure fog computing: A survey on trust management, privacy, authentication, threats and access control”, Electronics, 10(10), 1171.
[43] Nandy, T., Idris, M. Y. I. B., Noor, R. M., Kiah, L. M., Lun, L. S., Juma’at, N. B. A., ... & Bhattacharyya, S. (2019), “Review on security of internet of things authentication mechanism”, IEEE Access, 7, 151054-151089.
[44] Ferrag, M. A., Maglaras, L. A., Janicke, H., Jiang, J., & Shu, L. (2017), “Authentication protocols for internet of things: a comprehensive survey”, Security and Communication Networks, 2017.
[45] Xu, J., Meng, X., Liang, W., Peng, L., Xu, Z., & Li, K. C. (2020), “A hybrid mutual authentication scheme based on blockchain technology for WBANs”, In Blockchain and Trustworthy Systems: First International Conference, BlockSys 2019, Guangzhou, China, December 7–8, 2019, Proceedings 1 (pp. 350-362). Springer Singapore.
[46] Lee, D. H., & Lee, I. Y. (2020), “A lightweight authentication and key agreement schemes for IoT environments”, Sensors, 20(18), 5350.
[47] Zhang, Y., Li, B., Liu, B., Hu, Y., & Zheng, H. (2021), “A privacy-aware PUFs-based multiserver authentication protocol in cloud-edge IoT systems using blockchain”, IEEE Internet of Things Journal, 8(18), 13958-13974.
[48] Son, S., Lee, J., Kim, M., Yu, S., Das, A. K., & Park, Y. (2020), “Design of secure authentication protocol for cloud-assisted telecare medical information system using blockchain”, IEEE Access, 8, 192177-192191.
[49] Mostafa, A., Lee, S. J., & Peker, Y. K. (2020), “Physical unclonable function and hashing are all you need to mutually authenticate iot devices”, Sensors, 20(16), 4361.
[50] Alzubi, J. A. (2021), “Blockchain-based Lamport Merkle digital signature: authentication tool in IoT healthcare”, Computer Communications, 170, 200-208.
[51] Yang, X., Yang, X., Yi, X., Khalil, I., Zhou, X., He, D., ... & Nepal, S. (2021), “Blockchain-based secure and lightweight authentication for Internet of Things”, IEEE Internet of Things Journal, 9(5), 3321-3332.
[52] Al Ahmed, M. T., Hashim, F., Hashim, S. J., & Abdullah, A. (2022), “Hierarchical blockchain structure for node authentication in IoT networks”, Egyptian Informatics Journal, 23(2), 345-361.
[53] Zhang, Y., Luo, Y., Chen, X., Tong, F., Xu, Y., Tao, J., & Cheng, G. (2022), “A lightweight authentication scheme based on consortium blockchain for cross-domain IoT”, Security and Communication Networks, 2022, 1-15.
[54] Zhao, X., Li, D., & Li, H. (2022), “Practical three-factor authentication protocol based on elliptic curve cryptography for industrial internet of things”, Sensors, 22(19), 7510.
[55] Mirsaraei, A. G., Barati, A., & Barati, H. (2022), “A secure three-factor authentication scheme for IoT environments”, Journal of Parallel and Distributed Computing, 169, 87-105.
[56] Saqib, M., Jasra, B., & Moon, A. H. (2022), “A lightweight three factor authentication framework for IoT based critical applications”, Journal of King Saud University-Computer and Information Sciences, 34(9), 6925-6937.
[57] Lee, J., Oh, J., Kwon, D., Kim, M., Yu, S., Jho, N. S., & Park, Y. (2022), “PUFTAP-IoT: PUF-based three-factor authentication protocol in IoT environment focused on sensing devices”, Sensors, 22(18), 7075.
[58] Singh, A., Chandra, H., Rana, S., & Chhikara, D. (2023), “Blockchain based authentication and access control protocol for IoT”, Multimedia Tools and Applications, 1-23.
[59] Wang, C., Wang, D., Duan, Y., & Tao, X. (2023), “Secure and lightweight user authentication scheme for cloud-assisted internet of things”, IEEE Transactions on Information Forensics and Security.
[60] Lau, C. H., Yeung, K. H., Yan, F., & Chan, S. (2023), “Blockchain‐based authentication and secure communication in IoT networks”, Security and Privacy, 6(6), e319.
[61] Luo, F., Huang, R., & Xie, Y. (2024), “Hybrid blockchain-based many-to-many cross-domain authentication scheme for smart agriculture IoT networks”, Journal of King Saud University-Computer and Information Sciences, 101946.
[62] Long, Y., Peng, C., Tan, W., & Chen, Y. (2024), “Blockchain-Based Anonymous Authentication and Key Management for Internet of Things With Chebyshev Chaotic Maps”, IEEE Transactions on Industrial Informatics.
[63] Benrebbouh, C., Mansouri, H., Cherbal, S., & Pathan, A. S. K. (2024), “Enhanced secure and efficient mutual authentication protocol in IoT-based energy internet using blockchain”, Peer-to-Peer Networking and Applications, 17(1), 68-88.
[64] Zhang, S., & Cao, D. (2024), “A blockchain-based provably secure anonymous authentication for edge computing-enabled IoT”, The Journal of Supercomputing, 80(5), 6778-6808.
[65] Guo, Y., Zhang, Z., Guo, Y., & Xiong, P. (2023), “BSRA: Blockchain-based secure remote authentication scheme for the fog-enabled Internet of Things”, IEEE Internet of Things Journal.
