Search Results (4)

Internet of Things (IoT) technology is evolving over the peak of smart infrastructure with the participation of IoT devices in a wide range of applications. Traditional IoT authentication methods are vulnerable to threats due to wireless data transmission. However, IoT devices are resource- and energy-constrained, so building lightweight security that provides stronger authentication is essential. This paper proposes a novel, two-layered multi-factor authentication (2L-MFA) framework using blockchain to enhance IoT devices and user security. The first level of authentication is for IoT devices, one that considers secret keys, geographical location, and physically unclonable function (PUF). Proof-of-authentication (PoAh) and elliptic curve Diffie–Hellman are followed for lightweight and low latency support. Second-level authentication for IoT users, which are sub-categorized into four levels, each defined by specific factors such as identity, password, and biometrics. The first level involves a matrix-based password; the second level utilizes the elliptic curve digital signature algorithm (ECDSA); and levels 3 and 4 are secured with iris and finger vein, providing comprehensive and robust authentication. We deployed fuzzy logic to validate the authentication and make the system more robust. The 2L-MFA model significantly improves performance, reducing registration, login, and authentication times by up to 25%, 50%, and 25%, respectively, facilitating quicker cloud access post-authentication and enhancing overall efficiency. Full article

The Internet of Things (IoT) is an integrated environment as it merges physical smart objects to the Internet via wireless technologies to share data. The global connectivity of IoT devices brings the needs to ensure security and privacy for data owners and data users. In this paper, an attribute-based access control scheme for IoT (AAC-IoT) using Hyperledger Fabric (HLF) blockchain is proposed to address the security challenges. In the AAC-IoT scheme, data owners are registered and authenticated using identities, certificates and signatures. Data users, however, are registered with identities, certificates, signatures and physical unclonable function (PUF); then a credence score is computed for users to predict the originality during authentication. For access control, attribute-based access control (ABAC) is used, and the number of attributes is selected based on the sensitivity of the data. In accordance with the attributes count, the access control policies are generated. The novel concept of attribute count is determined from a fuzzy logic method using data type and preference. Hyperledger Fabric (HLB) blockchain is presented to manage meta-data and security credentials from data owners and data users, respectively, using a lightweight hashing algorithm. The AAC-IoT model using HLF blockchain is developed with Java programming language and iFogSim simulator. The performance metrics are measured based on latency, throughput and storage overhead, and the results show better outcome than the previous research work. Full article

Blockchain technology has been commonly used in the last years in numerous fields, such as transactions documenting and monitoring real assets (house, cash) or intangible assets (copyright, intellectual property). The internet of things (IoT) technology, on the other hand, has become the main driver of the fourth industrial revolution, and is currently utilized in diverse fields of industry. New approaches have been established through improving the authentication methods in the blockchain to address the constraints of scalability and protection in IoT operating environments of distributed blockchain technology by control of a private key. However, these authentication mechanisms do not consider security when applying IoT to the network, as the nature of IoT communication with numerous entities all the time in various locations increases security risks resulting in extreme asset damage. This posed many difficulties in finding harmony between security and scalability. To address this gap, the work suggested in this paper adapts multimodal biometrics to strengthen network security by extracting a private key with high entropy. Additionally, via a whitelist, the suggested scheme evaluates the security score for the IoT system with a blockchain smart contract to guarantee that highly secured applications authenticate easily and restrict compromised devices. Experimental results indicate that our system is existentially unforgeable to an efficient message attack, and therefore, decreases the expansion of infected devices to the network by up to 49 percent relative to traditional schemes. Full article

The modern encryption methods are reliable if strong keys (passwords) are used, but the human factor issue cannot be solved by cryptographic methods. The best variant is binding all authenticators (passwords, encryption keys, and others) to the identities. When a user is authenticated by biometrical characteristics, the problem of protecting a biometrical template stored on a remote server becomes a concern. The paper proposes several methods of generating keys (passwords) by means of the fuzzy extractors method based on signature parameters without storing templates in an open way. Full article