Abstract
IoT has started to penetrate in all walks of life starting from home to industrial applications. The number of internet connected devices is increasing every day. Data breaches against a huge amount of data evolving in it also in rise which makes security imperative. Message Queuing Telemetry Transport Protocol (MQTT) is one of the most widely used lightweight communication protocol for the Internet of Things (IoT) services. In this work, two-way communication using socket was adopted between node and gateway, and publish/subscribe-based communication was used between node and user. In order to ensure overall authorized access of the data from the devices, the proposed work provides three-factor authentication mechanism including perpetual and one-way hashing. Further, computational and storage analysis was performed, which proves that this scheme is suitable for resource-constrained devices and used to minimize the computational complexity, space, and bandwidth.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Noor MBM, Hassan WH (2018) Current research on Internet of Things (IoT) security: a survey. Comput Netw
Karagiannis V, Chatzimisios P, Vazquez-gallego F, Alonso-zarate J (2015) Application layer protocols for the internet of things research motivation, pp 1–10
Prada MA, Reguera P, Alonso S, Morán A, Fuertes JJ, DomÃnguez M (2016) Communication with resource-constrained devices through MQTT for control education. IFAC-PapersOnLine. 49:150–155
Hammer-Lahav E (2011) The OAuth 1.0 Protocol. OAuth 1.0 Protoc
The OAuth 2.0 Authorization Framework. OAuth 2.0 Auth. Framew
Fremantle P, Aziz B, Kopecky J, Scott P (2014) Federated identity and access management for the internet of things. In: 2014 proceedings of international workshop on the security of the internet of things SIoT 2014, pp 10–17
Niruntasukrat A, Issariyapat C, Pongpaibool P, Meesublak K, Aiumsupucgul P, Panya A (2016) Authorization mechanism for MQTT-based internet of things. In: 2016 IEEE International conference on communications work ICC 2016, vol 6, pp 290–295
Chung JH (2016) Adaptive energy-efficient SSL/TLS method using fuzzy logic for the MQTT-Based internet of things. Int J Eng Comput Sci 5:19296–19303
Bogdanov A, Knežević M, Leander G, Toz D, Varici K, Verbauwhede I (2013) SPONGENT: The design space of lightweight cryptographic hashing. IEEE Trans Comput 62:2041–2053
Hammad BT, Jamil N, Rusli ME, Z`aba MR (2017) A survey of lightweight cryptographic hash function. Int J Sci Eng Res 8:806–814
Wu W, Wu S, Zhang L, Zou J, Dong L (2014) LHash: a lightweight hash function. Lect Notes Comput Sci (including Subser Lect Notes Artif Intell Lect Notes Bioinf) 8567:291–308
Li X, Peng J, Kumari S, Wu F, Karuppiah M, Raymond Choo KK (2017) An enhanced 1-round authentication protocol for wireless body area networks with user anonymity. Comput Electr Eng 61:238–249
Wu F, Xu L, Kumari S, Li X (2017) An improved and anonymous two-factor authentication protocol for health-care applications with wireless medical sensor networks. Multimed Syst 23:195–205
Wu F, Li X, Sangaiah AK, Xu L, Kumari S, Wu L, Shen J (2018) A lightweight and robust two-factor authentication scheme for personalized healthcare systems using wireless medical sensor networks. Futur Gener Comput Syst 82:727–737
Jiang Q, Zeadally S, Ma J, He D (2017) Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks. IEEE Access. 5:3376–3392
Li X, Niu J, Kumari S, Wu F, Sangaiah AK, Choo KKR (2018) A three-factor anonymous authentication scheme for wireless sensor networks in internet of things environments. J Netw Comput Appl 103:194–204
Dhillon PK, Kalra S (2017) Journal of information security and applications a lightweight biometrics based remote user authentication scheme for IoT services. J Inf Secur Appl 34:255–270
Al-ani MS, Al-Aloosi WM (2013) Biometrics fingerprint recognition using discrete cosine transform (DCT). Int J Comput Appl 69:975–8887
Lee JK, Ryu SR, Yoo KY (2002) Fingerprint-based remote user authentication scheme using smart cards. Electron Lett 38:554–555
Garcia-Alfaro J, Lioudakis G, Cuppens-Boulahia N, Foley S, Fitzgerald WM (eds) (2013) Data privacy management and autonomous spontaneous security. In: Workshop I
Acknowledgements
The authors are grateful to the Department of Science and Technology, New Delhi, India (SR/FST/ETI-371/2014), and the second author wishes to express sincere thanks to the INSPIRE fellowship (DST/INSPIRE Fellowship/2015/IF150629) for their financial support. They also wish to acknowledge SASTRA University, Thanjavur, for extending infrastructural support to carry out the work.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Annashree Nivethitha, S., Baskar, C., Doraipandian, M. (2020). Mutual Authentication Scheme for the Management of End Devices in IoT Applications. In: Sengodan, T., Murugappan, M., Misra, S. (eds) Advances in Electrical and Computer Technologies. Lecture Notes in Electrical Engineering, vol 672. Springer, Singapore. https://doi.org/10.1007/978-981-15-5558-9_22
Download citation
DOI: https://doi.org/10.1007/978-981-15-5558-9_22
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-5557-2
Online ISBN: 978-981-15-5558-9
eBook Packages: Computer ScienceComputer Science (R0)