Next Article in Journal
Experimental Study on Whole Wind Power Structure with Innovative Open-Ended Pile Foundation under Long-Term Horizontal Loading
Next Article in Special Issue
Countering DDoS Attacks in SIP Based VoIP Networks Using Recurrent Neural Networks
Previous Article in Journal
Generation of Vortex Optical Beams Based on Chiral Fiber-Optic Periodic Structures
Previous Article in Special Issue
Data Improvement Model Based on ECG Biometric for User Authentication and Identification
Open AccessArticle
Peer-Review Record

A Lightweight Authentication and Key Agreement Schemes for IoT Environments

Sensors 2020, 20(18), 5350; https://doi.org/10.3390/s20185350
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Reviewer 3: Anonymous
Sensors 2020, 20(18), 5350; https://doi.org/10.3390/s20185350
Received: 10 August 2020 / Revised: 16 September 2020 / Accepted: 16 September 2020 / Published: 18 September 2020
(This article belongs to the Special Issue Intelligent and Adaptive Security in Internet of Things)

Round 1

Reviewer 1 Report

The contributions seem well presented along with reference scenario, security requirements elicitation, proposed conceptual scheme, experiment setup and analysis of results. However, the related works are not well covered.

-       The authentication and access control (i.e., authorization) mechanisms are two interrelated issues. The security policies can be used as an authentication mechanism. The author can have a look existing/relevant dynamic access control mechanisms, ref.: the dynamic CAAC (context-aware access control) models from this survey - A survey of context-aware  access  control  mechanisms  for  cloud and fog networks:  Taxonomy and open research issues: Sensors 2020, and write a future research direction here.

-       The authors also can have a look at the direction of ‘accessing data from multiple IoT sources’ and ‘providing a secure authentication mechanism’ in such direction'. The author at least can provide a future research direction focusing multiple IoT sources/environments. The last section can be named as 'Conclusion and Future Research'. Ref: IoT Streaming Data Integration from Multiple Sources, Computing journal, 2020.

-       How to bring data from multiple IoT sources and protect them from unauthorized users and cyber attackers/criminals? – this can be explained and included in the related work section. In the literature, the ''dynamic access control study'' has been appeared that are relevant to this work: A secure lightweight three-factor authentication scheme for IoT in cloud computing environment, Sensors, 2019. The authors also can explore access control models/protocols; and how the access control protocols can be incorporated as cybersecurity mechanism. The secure data access/authorization concept should be incorporated along with secure Authentication challenges.

-       The authors should explore the authorization-related works from the literature. The authors should cover a good literature survey in this direction and provide a comparative assessment table, covering both authentication and authorization domains – highlighting the contributions in this paper comparing with other works. Recently, scholars are trying to introduce dynamic access control approaches/frameworks when data are coming from distributed/multiple cloud environments – here both authentication and authorization need to be considered as security mechanism. There is also a very recent domain of fog computing and edge-oriented security to safeguard IoT data at the edge of the network. 

Author Response

Dear Reviewer,

Please see the attachment.

 

Sincerely,

Dae-Hwi Lee.

Author Response File: Author Response.pdf

Reviewer 2 Report

The authors in this paper are trying to propose a lightweight authentication scheme as well as key agreement model for IoT environments. IoT is weak devices when it comes to computation and calculation! The proposed scheme suppose to improve the authentication process. The authors must handle the following: - The smart factory environments is not explained in the results section? - The topology of the system is missing. Adding figure will help. - Simulation environment table with full details? - Comparison with other similar models also missing! Fig. 6 is not enough. - Why page 11 is half empty! - Enrich your paper and include more studies from recent years with consideration to blockchain. I recommend: A Blockchain-Based Decentralized Composition Solution for IoT Services, Trustworthy and Sustainable Smart City Services at the Edge, Efficient and Robust Top-k Algorithms for Big Data IoT, Empowering reinforcement learning on big sensed data for intrusion detection. - Proofread the whole paper.

Author Response

Dear Reviewer,

Please see the attachment.

 

Sincerely,

Dae-Hwi Lee.

Author Response File: Author Response.pdf

Reviewer 3 Report

I think overall the content is there the writing however is weak. English quality should be significantly improved in the revision.

References and related work should be strengthened

The following key references are missing

Vajda I, Buttyán L. Lightweight authentication protocols for low-cost RFID tags. InSecond Workshop on Security in Ubiquitous Computing–Ubicomp 2003 Oct 12 (Vol. 2003). Gilbert H, Robshaw M, Sibert H. Active attack against HB/sup+: a provably secure lightweight authentication protocol. Electronics Letters. 2005 Oct 24;41(21):1169-70. Malina L, et al.. A secure publish/subscribe protocol for internet of things. InProceedings of the 14th International Conference on Availability, Reliability and Security 2019 Aug 26 (pp. 1-10).   Kamal M, et al. Blockchain-Based Lightweight and Secured V2V Communication in the Internet of Vehicles. IEEE Transactions on Intelligent Transportation Systems. 2020 Jun 24.   More emphasis should be given on the Results section    

Author Response

Dear Reviewer,

Please see the attachment.

 

Sincerely,

Dae-Hwi Lee.

Author Response File: Author Response.pdf

Round 2

Reviewer 2 Report

The author answered are minimal effort. They are advised to revise and spend more effort convincing the reader and the reviewer as the current version does not constitute enough contributions.

Author Response

Dear Reviewer,

 

Thank you for your careful reading.

Please see the attachment.

 

Sincerely,

Dae-Hwi Lee.

Author Response File: Author Response.pdf

Reviewer 3 Report

The authors have handled all of my revision requests from the first round. Paper should undergo a thorough spelling and grammar check prior to final publication

Author Response

Dear Reviewer,

 

Thank you for your careful reading.

Please see the attachment.

 

Sincerely,

Dae-Hwi Lee.

Author Response File: Author Response.pdf

Back to TopTop