6533b85bfe1ef96bd12bb174

RESEARCH PRODUCT

Authentication and authorization security solution for the internet of thing

subject

description

The Internet of Things (IoT) represents the interconnection between the Internet and physical objects, places and environments. However, this extensive connectivity of IoT can be hampered by malicious interventions from cyber attackers. Thus, ensuring security for users and IoT devices remains a challenge, especially authentication and authorization, which are essential building blocks of the security process. This is due to the unconventional IoT characteristics, including scalability, heterogeneity, interoperability, and dynamic changes, which make the existing security measures inadequate. Indeed, these characteristics bring up several security requirements to consider when defining a secure IoT system. Thus, this dissertation focuses on designing a secure IoT system that achieves the main security concepts, namely the authentication and the authorization for a large-scale IoT environment. This IoT system provides an effective and efficient secure IoT solution that achieves a tradeoff between the security requirements and the network performance. To this end, we proposed a lightweight authentication scheme that meets the need for limited resources and the dynamic changes related to the one-to-one scenarios. This scheme is based on a token of identification to secure access during a prefixed predetermined time interval. We both developed a prototype of this solution for a smart hotel use case, and conducted experiments and simulations to show its effectiveness. Besides, to protect the sharing access between many users and devices, a decentralized access control mechanism was introduced using a decentralized group-key management to meet the scalability, heterogeneity, and dynamic changes issues. Furthermore, to ensure security for an extensive scale of communications based on groups, a distributed group authentication based on blockchain technology is adopted in order to meet the requirement of a large-scale heterogeneous environment. The blockchain provides our secure IoT system with a trustless, immutable, and distributed ledger that records users’ information and traceability. Further, it facilitates the design of a distributed group authentication protocol without relying on a third party and eliminates the user re-authenticating process.