DOI: 10.1145/3129790.3129801
research-article

Risk-based adaptive authentication for internet of things in smart home eHealth

Published: 11 September 2017

ABSTRACT

Health care is one of the primary beneficiaries of the technological revolution created by the Internet of Things (IoT). In implementing health care with IoT, the wireless body area network (WBAN) is a suitable communication tool, which makes security one of the major concerns in using WBAN services efficiently. The diverse nature of the technologies involved in WBAN, the broadcast nature of wireless networks, and the existence of resource-constrained devices are the main challenges in implementing heavy security protocols for WBAN. In this paper we develop a risk-based adaptive authentication mechanism which continuously monitors variation in the channel characteristics, analyzes potential risk using the naive Bayes machine learning algorithm, and adapts the authentication solution accordingly. Our solution validates the authenticity of both the user and the device. In addition, we evaluate the resource needs of the selected authentication solution and provide offloading functionality in case resources are too scarce to perform the selected protocol. The approach is novel because it defines the whole adaptation process and the methods required in each phase of the adaptation. The paper also briefly describes the evaluation case study, Smart Home eHealth.
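The monitor, analyze, adapt and offload loop described in the abstract can be sketched as follows. This is an added illustration, not code from the paper: the two channel features, the training windows, the tier names, the risk ceilings and the energy costs are all assumptions constructed for the example.

```python
import math

# Constructed training windows (assumed features, not from the paper):
# (RSSI variation in dB, channel-gain variation) per observation window.
TRAIN = {
    "legit":  [(1.0, 0.10), (1.4, 0.12), (0.8, 0.08), (1.2, 0.11), (1.1, 0.09)],
    "attack": [(4.5, 0.40), (5.2, 0.55), (3.9, 0.35), (4.8, 0.50), (5.5, 0.45)],
}
# Hypothetical authentication tiers: (risk ceiling, method name, energy cost).
TIERS = [(0.2, "channel-only", 1),
         (0.7, "symmetric-challenge", 5),
         (1.0, "ecc-mutual+user", 20)]

def fit(train):
    """Estimate a prior and per-feature Gaussian (mean, variance) per class."""
    total = sum(len(rows) for rows in train.values())
    model = {}
    for label, rows in train.items():
        stats = []
        for col in zip(*rows):
            mu = sum(col) / len(col)
            var = sum((v - mu) ** 2 for v in col) / len(col) + 1e-6  # avoid zero variance
            stats.append((mu, var))
        model[label] = (len(rows) / total, stats)
    return model

def risk(model, x):
    """Posterior P(attack | x) under the naive Bayes independence assumption."""
    logp = {}
    for label, (prior, stats) in model.items():
        lp = math.log(prior)
        for v, (mu, var) in zip(x, stats):
            lp += -0.5 * math.log(2 * math.pi * var) - (v - mu) ** 2 / (2 * var)
        logp[label] = lp
    m = max(logp.values())  # log-sum-exp keeps the normalisation stable
    z = sum(math.exp(v - m) for v in logp.values())
    return math.exp(logp["attack"] - m) / z

def adapt(model, x, energy_budget):
    """Select the tier for the current risk; offload if the device cannot afford it."""
    r = risk(model, x)
    name, cost = next((n, c) for ceiling, n, c in TIERS if r <= ceiling)
    return {"risk": r, "method": name, "offload": cost > energy_budget}

MODEL = fit(TRAIN)
```

Calling `adapt(MODEL, window, energy_budget)` on each new observation window gives the continuous re-evaluation the abstract describes: a stable channel keeps the cheap method, while a sharp change in channel behaviour escalates to the stronger method and flags it for offloading when the sensor's budget is too small.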

Published in

ECSA '17: Proceedings of the 11th European Conference on Software Architecture: Companion Proceedings
September 2017
215 pages
ISBN: 9781450352178
DOI: 10.1145/3129790

Copyright © 2017 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Overall Acceptance Rate: 48 of 72 submissions, 67%
