ABSTRACT
Health care is one of the primary beneficiaries of the technological revolution created by Internet of Things (IoT). In the implementation of health care with IoT, wireless body area network (WBAN) is a suitable communication tool. That being the case security has been one of the major concerns to efficiently utilize the services of WBAN. The diverse nature of the technologies involved in WBAN, the broadcast nature of wireless networks, and the existence of resource constrained devices are the main challenges to implement heavy security protocols for WBAN. In this paper we develop a risk-based adaptive authentication mechanism which continuously monitors the channel characteristics variation, analyzes a potential risk using naive Bayes machine learning algorithm and performs adaptation of the authentication solution. Our solution validates both the authenticity of the user and the device. In addition we evaluate the resource need of the selected authentication solution and provide an offloading functionality in case of scarce resource to perform the selected protocol. The approach is novel because it defines the whole adaptation process and methods required in each phase of the adaptation. The paper also briefly describes the evaluation case study - Smart Home eHealth.
- O. Ojo and O. Adigun, "A Grid Enabled Framework for Ubiquitous Healthcare Service Provisioning," in Advances in Grid Computing: InTech, 2011.Google Scholar
- J. Y. Khan and M. R. Yuce, "Wireless body area network (WBAN) for medical applications," New Developments in Biomedical Engineering. INTECH, 2010.Google Scholar
- R. V. Sampangi, S. Dey, S. R. Urs, and S. Sampalli, "A security suite for wireless body area networks," arXiv preprint arXiv:1202.2171, 2012.Google Scholar
- B. Vaidya, D. Makrakis, and H. T. Mouftah, "Device authentication mechanism for smart energy home area networks," in Consumer Electronics (ICCE), 2011 IEEE Int. Conference on, 2011, pp. 787--788.Google Scholar
- P. Kumar, A. Gurtov, J. Iinatti, M. Ylianttila, and M. Sain, "Lightweight and Secure Session-Key Establishment Scheme in Smart Home Environments," IEEE Sensors Journal, vol. 16, no. 1, pp. 254--264, 2016.Google ScholarDigital Library
- P. P. Gaikwad, J. P. Gabhane, and S. S. Golait, "3-level secure Kerberos authentication for Smart Home Systems using IoT," in Next Generation Computing Technologies (NGCT), 2015 1st International Conference on, 2015, pp. 262--268: IEEE.Google Scholar
- S. Z. Reyhani and M. Mahdavi, "User authentication using neural network in smart home networks," International Journal of Smart Home, vol. 1, no. 2, pp. 147--154, 2007.Google Scholar
- K. Han, T. Shon, and K. Kim, "Efficient mobile sensor authentication in smart home and WPAN," IEEE Transactions on Consumer Electronics, vol. 56, no. 2, 2010. Google ScholarDigital Library
- Y. Li, "Design of a key establishment protocol for smart home energy management system," in Computational Intelligence, Communication Systems and Networks (CICSyN), 2013 IEEE Fifth International Conference on, 2013, pp. 88--93. Google ScholarDigital Library
- S. N. Ramli, R. Ahmad, M. F. Abdollah, and E. Dutkiewicz, "A biometric-based security for data authentication in wireless body area network (wban)," in Advanced Communication Technology (ICACT), 2013 15th International Conference on, 2013, pp. 998--1001: IEEE.Google Scholar
- D. He, S. Zeadally, N. Kumar, and J.-H. Lee, "Anonymous authentication for wireless body area networks with provable security," IEEE Systems Journal, 2016.Google Scholar
- Y.-P. Kim, S. Yoo, and C. Yoo, "DAoT: Dynamic and energy-aware authentication for smart home appliances in Internet of Things," in Consumer Electronics (ICCE), 2015 IEEE International Conference on, 2015, pp. 196--197: IEEE.Google Scholar
- K. H. Wong, Y. Zheng, J. Cao, and S. Wang, "A dynamic user authentication scheme for wireless sensor networks," in Sensor Networks, Ubiquitous, and Trustworthy Computing, 2006. IEEE International Conference on, 2006, vol. 1, p. 8 pp.: IEEE. Google ScholarDigital Library
- Q. Chang, Y.-p. Zhang, and L.-l. Qin, "A node authentication protocol based on ECC in WSN," in Computer Design and Applications (ICCDA), 2010 Int. Conference on, 2010, vol. 2, V2-606--V2-609: IEEE.Google Scholar
- R. Hummen, H. Shafagh, S. Raza, T. Voig, and K. Wehrle, "Delegation-based Authentication and Authorization for the IP-based Internet of Things," in Sensing, Communication, and Networking (SECON), 2014 Eleventh Annual IEEE Int. Conference on, 2014, pp. 284--292: IEEE.Google Scholar
- S. Gerdes, O. Bergmann, and C. Bormann, "Delegated Authenticated Authorization for Constrained Environments," in Network Protocols (ICNP), 2014 IEEE 22nd Int. Conference on, 2014, pp. 654--659: IEEE. Google ScholarDigital Library
- N. Zhao, A. Ren, M. U. Rehman, Z. Zhang, X. Yang, and F. Hu, "Biometric Behavior Authentication Exploiting Propagation Characteristics of Wireless Channel," IEEE Access, vol. 4, pp. 4789--4796, 2016.Google ScholarCross Ref
- N. Zhao et al., "Double threshold authentication using body area radio channel characteristics," IEEE Communications Letters, vol. 20, no. 10, pp. 2099--2102, 2016.Google ScholarCross Ref
- R. Fantacci, F. Chiti, and L. Maccari, "Fast distributed bi-directional authentication for wireless sensor networks," Security and Communication Networks, vol. 1, no. 1, pp. 17--24, 2008.Google ScholarCross Ref
- P. Banerjee, T. Chatterjee, and S. DasBit, "LoENA: Low-overhead encryption based node authentication in WSN," in Advances in Computing, Communications and Informatics (ICACCI), 2015 International Conference on, 2015, pp. 2126--2132: IEEE.Google Scholar
- B. Mbarek, A. Meddeb, W. B. Jaballah, and M. Mosbah, "A secure authentication mechanism for resource constrained devices," in Computer Systems and Applications (AICCSA), 2015 IEEE/ACS 12th International Conference of, 2015, pp. 1--7: IEEE.Google Scholar
- S. Zhu, S. Setia, and S. Jajodia, "LEAP+: Efficient security mechanisms for large-scale distributed sensor networks," ACM Transactions on Sensor Networks (TOSN), vol. 2, no. 4, pp. 500--528, 2006. Google ScholarDigital Library
- J. Han and D. Kim, "A back-end offload architecture for security of resource-constrained networks," in Network Computing and Applications (NCA), 2016 IEEE 15th Int. Symposium on, 2016, pp. 383--387: IEEE.Google Scholar
- M. Mana, M. Feham, and B. A. Bensaber, "SEKEBAN (secure and efficient key exchange for wireless body area network)," International Journal of advanced science and technology, vol. 12, pp. 45--60, 2009.Google Scholar
- G. Caparra, M. Centenaro, N. Laurenti, S. Tomasin, and L. Vangelista, "Energy-based anchor node selection for IoT physical layer authentication," in Communications (ICC), 2016 IEEE International Conference on, 2016, pp. 1--6: IEEE.Google ScholarCross Ref
- K. Renaud, "A process for supporting risk-aware web authentication mechanism choice," Reliability Engineering & System Safety, vol. 92, no. 9, pp. 1204--1217, 2007.Google ScholarCross Ref
- I. Traore, I. Woungang, M. S. Obaidat, Y. Nakkabi, and I. Lai, "Online risk-based authentication using behavioral biometrics," Multimedia tools and applications, vol. 71, no. 2, pp. 575--605, 2014. Google ScholarDigital Library
- D. Hintze, E. Koch, S. Scholz, and R. Mayrhofer, "Location-based risk assessment for mobile authentication," in Proceedings of the 2016 ACM International Joint Conference on Pervasive and Ubiquitous Computing: Adjunct, 2016, pp. 85--88: ACM. Google ScholarDigital Library
- A. Hurkała and J. Hurkała, "Architecture of Context-Risk-Aware Authentication System for Web Environments," 2014.Google Scholar
- H. Gascon, S. Uellenbeck, C. Wolf, and K. Rieck, "Continuous Authentication on Mobile Devices by Analysis of Typing Motion Behavior," in Sicherheit, 2014, pp. 1--12.Google Scholar
- L. Li, X. Zhao, and G. Xue, "Unobservable Re-authentication for Smartphones," in NDSS, 2013.Google Scholar
- H. Abie, R. M. Savola, J. Bigham, I. Dattani, D. Rotondi, and G. Da Bormida, "Self-healing and secure adaptive messaging middleware for business-critical systems," International Journal on Advances in Security, vol. 3, no. 1&2, 2010.Google Scholar
- R. M. Savola, H. Abie, and M. Sihvonen, "Towards metrics-driven adaptive security management in e-health IoT applications," in Proceedings of the 7th International Conference on Body Area Networks, 2012, pp. 276--281: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering). Google ScholarDigital Library
- R. M. Savola and H. Abie, "Metrics-driven security objective decomposition for an e-health application with adaptive security management," in Proceedings of the International Workshop on Adaptive Security, 2013, p. 6: ACM. Google ScholarDigital Library
- A. B. Torjusen, H. Abie, E. Paintsil, D. Trcek, and Å. Skomedal, "Towards run-time verification of adaptive security for IoT in eHealth," in Proceedings of the 2014 European Conference on Software Architecture Workshops, 2014, p. 4: ACM. Google ScholarDigital Library
- H. Abie and I. Balasingham, "Risk-based adaptive security for smart IoT in eHealth," in Proceedings of the 7th International Conference on Body Area Networks, 2012, pp. 269--275: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering). Google ScholarDigital Library
- R. Hulsebosch, M. Bargh, G. Lenzini, P. Ebben, and S. Iacob, "Context sensitive adaptive authentication," Smart Sensing and Context, pp. 93--109, 2007. Google ScholarDigital Library
- M. Sarvabhatla and C. S. Vorugunti, "A Secure Biometric-Based User Authentication Scheme for Heterogeneous WSN," in Emerging Applications of Information Technology (EAIT), 2014 Fourth International Conference of, 2014, pp. 367--372: IEEE. Google ScholarDigital Library
- J. Spooren, D. Preuveneers, and W. Joosen, "Leveraging Battery Usage from Mobile Devices for Active Authentication," Mobile Information Systems, vol. 2017, pp. 1--14, 2017.Google ScholarCross Ref
- M. Hamdi and H. Abie, "Game-based adaptive security in the Internet of Things for eHealth," in Communications (ICC), 2014 IEEE International Conference on, 2014, pp. 920--925: IEEE.Google ScholarCross Ref
- M. A. Ferrag, L. A. Maglaras, H. Janicke, and J. Jiang, "Authentication Protocols for Internet of Things: A Comprehensive Survey," arXiv preprint arXiv:1612.07206, 2016.Google Scholar
- S. Prameela and P. Ponmuthuramalingam, "A robust energy efficient and secure data dissemination protocol for wireless body area networks," in Advances in Computer Applications (ICACA), IEEE International Conference on, 2016, pp. 131--134: IEEE.Google Scholar
- M. Rizk and M. Mokhtar, "An efficient authentication protocol and key establishment in dynamic WSN," in Information Communication and Management (ICICM), Int. Conference on, 2016, pp. 178--182: IEEE.Google Scholar
- M. Särestöniemi, T. Tuovinen, M. Hämäläinen, K. Y. Yazdandoost, and J. Iinatti, "Channel modeling for UWB WBAN on-off body communication link with finite integration technique," in Proceedings of the 7th International Conference on Body Area Networks, 2012, pp. 235--241: ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering). Google ScholarDigital Library
- S.-H. Han and S. K. Park, "Performance analysis of wireless body area network in indoor off-body communication," IEEE Transactions on Consumer Electronics, vol. 57, no. 2, 2011.Google ScholarCross Ref
- A. Taparugssanagorn, C. Pomalaza-Ráez, R. Tesi, M. Hämäläinen, J. Iinatti, and R. Kohno, "UWB Channel Characteristics in the Proximity of a Dynamic Human Body for WBAN Medical Applications," in Submitted to Int. Symp. on Medical Information and Communication Technology (ISMICT), 2010.Google Scholar
- L. Shi, M. Li, S. Yu, and J. Yuan, "BANA: body area network authentication exploiting channel characteristics," IEEE Journal on selected Areas in Communications, vol. 31, no. 9, pp. 1803--1816, 2013.Google Scholar
- A. Kalamandeen, A. Scannell, E. de Lara, A. Sheth, and A. LaMarca, "Ensemble: cooperative proximity-based authentication," in Proceedings of the 8th international conference on Mobile systems, applications, and services, 2010, pp. 331--344: ACM. Google ScholarDigital Library
- A. Scannell, A. Varshavsky, A. LaMarca, and E. De Lara, "Proximity-based authentication of mobile devices," International Journal of Security and Networks, vol. 4, no. 1--2, pp. 4--16, 2009. Google ScholarDigital Library
- Z. Li, W. Xu, R. Miller, and W. Trappe, "Securing wireless systems via lower layer enforcements," in Proceedings of the 5th ACM workshop on Wireless security, 2006, pp. 33--42: ACM. Google ScholarDigital Library
- N. Patwari and S. K. Kasera, "Robust location distinction using temporal link signatures," in Proceedings of the 13th annual ACM international conference on Mobile computing and networking, 2007, pp. 111--122: Google ScholarDigital Library
- A. Domazetovic, L. J. Greenstein, N. B. Mandayam, and I. Seskar, "Estimating the Doppler spectrum of a short-range fixed wireless channel," IEEE Communications Letters, vol. 7, no. 5, 227--229, 2003.Google ScholarCross Ref
- X. Yin, J. Chen, M. Tian, N. Zhang, Z. Zhong, S. X. Lu, Personal authentication using the fingerprints of intra-body radio propagation channels, 2013 7th Int. Symp. on Medical Information and Communication Technology (ISMICT), 6--8 March 2013Google Scholar
Index Terms
- Risk-based adaptive authentication for internet of things in smart home eHealth
Recommendations
Internet of Things for enabling smart environments: A technology-centric perspective
The Internet of Things (IoT) is a computing paradigm whereby everyday life objects are augmented with computational and wireless communication capabilities, typically through the incorporation of resource-constrained devices including sensors and ...
Risk-based adaptive security for smart IoT in eHealth
BodyNets '12: Proceedings of the 7th International Conference on Body Area NetworksEmerging Internet of Things (IoTs) technologies provide many benefits to the improvement of eHealth. The successful deployment of IoTs depends on ensuring security and privacy that need to adapt to their processing capabilities and resource use. IoTs ...
A testbed for adaptive security for IoT in eHealth
ASPI '13: Proceedings of the International Workshop on Adaptive SecurityWireless Body Area Sensor Networks (WBASNs) are networks of low-power sensing objects that collect and send vital signs of a patient using low-rate communication media. They have been originally created to improve the efficiency of e-health applications ...
Comments