Authentication in cloud-driven IoT-based big data environment: Survey and outlook

Abstract The Internet of Things (IoT) is composed of different networked objects (i.e., smart devices) which are interconnected to gather, process, refine, and exchange meaningful data over the Internet. These objects are assigned to their respective IP addresses, and they are able to send and receive data over a network without any human assistance. IoT offers different types of applications, such as, but not limited to, smart traffic monitoring, smart home, smart health care and smart cities, to name a few. In a Cyber-Physical System (CPS), computing elements coordinate and communicate with sensor devices, which monitor cyber and physical indicators, and actuators, and also modify the cyber and physical environment where they run. The synergy of computational as well as physical components, specifically the use of CPSs, led to the advancement of IoT implementations. In a cloud-driven IoT-based big data environment, a cloud-based platform is used to store the data generated by IoT devices (normally by sensor devices) which further can be considered as a big data warehouse. This environment is highly scalable and provides important real-time event processing (for example, in critical scenarios like surveillance and monitoring of an industrial plant). In IoT-based critical applications, the real-time data access is obligatory as and when it is required. Such access is possible if we permit only authorized external users to access the real-time data directly from the IoT sensors. Sometimes authorized user may also request for big data query processing and big data analytics over the data stored in cloud servers to figure out hidden patterns of some phenomena (i.e., chances of fire in an industrial plant in future). Therefore, we need secure authentication schemes for cloud-driven IoT-based big data environment in which a legitimate user and an IoT sensor can mutually authenticate each other and establish a common session key for secure communication. In this context, this paper first discusses the network and threat models of the authentication schemes for cloud-driven IoT-based big data environment. Some security requirements, issues and challenges of this environment are then discussed. A taxonomy of various existing authentication schemes applicable for cloud-driven IoT-based big data environment is also discussed, which covers a comparative study of these schemes. We identify and briefly discuss some future research challenges in designing the authentication schemes and other security protocols for cloud-driven IoT-based big data environment that need to be addressed in the future.

[1]  Cheng-Chi Lee,et al.  Two Attacks on a Two-Factor User Authentication in Wireless Sensor Networks , 2011, Parallel Process. Lett..

[2]  Basit Shafiq,et al.  A Random Decision Tree Framework for Privacy-Preserving Data Mining , 2014, IEEE Transactions on Dependable and Secure Computing.

[3]  Mauro Conti,et al.  Design of Secure User Authenticated Key Management Protocol for Generic IoT Networks , 2018, IEEE Internet of Things Journal.

[4]  David M. Eyers,et al.  Twenty Security Considerations for Cloud-Supported Internet of Things , 2016, IEEE Internet of Things Journal.

[5]  Tony Q. S. Quek,et al.  Lightweight and Practical Anonymous Authentication Protocol for RFID Systems Using Physically Unclonable Functions , 2018, IEEE Transactions on Information Forensics and Security.

[6]  Muhammad Khurram Khan,et al.  Design of an anonymity-preserving three-factor authenticated key exchange protocol for wireless sensor networks , 2016, Comput. Networks.

[7]  Marko Hölbl,et al.  A novel user authentication and key agreement scheme for heterogeneous ad hoc wireless sensor networks, based on the Internet of Things notion , 2014, Ad Hoc Networks.

[8]  Hugo Krawczyk,et al.  Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels , 2001, EUROCRYPT.

[9]  Jenq-Shiou Leu,et al.  A Robust User Authentication Scheme Using Dynamic Identity in Wireless Sensor Networks , 2014, Wirel. Pers. Commun..

[10]  Athanasios V. Vasilakos,et al.  Design of secure key management and user authentication scheme for fog computing services , 2019, Future Gener. Comput. Syst..

[11]  Amit P. Sheth,et al.  Internet of Things to Smart IoT Through Semantic, Cognitive, and Perceptual Computing , 2016, IEEE Intelligent Systems.

[12]  Manik Lal Das,et al.  Two-factor user authentication in wireless sensor networks , 2009, IEEE Transactions on Wireless Communications.

[13]  Athanasios V. Vasilakos,et al.  Authenticated key management protocol for cloud-assisted body area sensor networks , 2018, J. Netw. Comput. Appl..

[14]  Ibrar Yaqoob,et al.  Big IoT Data Analytics: Architecture, Opportunities, and Open Research Challenges , 2017, IEEE Access.

[15]  Hugo Krawczyk,et al.  Universally Composable Notions of Key Exchange and Secure Channels , 2002, EUROCRYPT.

[16]  Joel J. P. C. Rodrigues,et al.  2PBDC: privacy-preserving bigdata collection in cloud environment , 2018, The Journal of Supercomputing.

[17]  Sherali Zeadally,et al.  A secure enhanced privacy-preserving key agreement protocol for wireless mobile networks , 2018, Telecommun. Syst..

[18]  Prem Prakash Jayaraman,et al.  IOTSim: A simulator for analysing IoT applications , 2017, J. Syst. Archit..

[19]  Ping Wang,et al.  Understanding security failures of two-factor authentication schemes for real-time applications in hierarchical wireless sensor networks , 2014, Ad Hoc Networks.

[20]  Chin-Chen Chang,et al.  A Provably Secure, Efficient, and Flexible Authentication Scheme for Ad hoc Wireless Sensor Networks , 2016, IEEE Transactions on Wireless Communications.

[21]  Saru Kumari,et al.  An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment , 2016, Ad Hoc Networks.

[22]  H. T. Mouftah,et al.  Improved two-factor user authentication in wireless sensor networks , 2010, 2010 IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications.

[23]  Lixiang Li,et al.  General Theory of Security and a Study Case in Internet of Things , 2017, IEEE Internet of Things Journal.

[24]  Donghyun Kim,et al.  PBF: A New Privacy-Aware Billing Framework for Online Electric Vehicles with Bidirectional Auditability , 2015, Wirel. Commun. Mob. Comput..

[25]  Sherali Zeadally,et al.  Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment , 2017, Future Gener. Comput. Syst..

[26]  David Pointcheval,et al.  Password-Based Authenticated Key Exchange in the Three-Party Setting , 2005, Public Key Cryptography.

[27]  Athanasios V. Vasilakos,et al.  Biometrics-Based Privacy-Preserving User Authentication Scheme for Cloud-Based Industrial Internet of Things Deployment , 2018, IEEE Internet of Things Journal.

[28]  Eun-Jun Yoon,et al.  Secure Signature-Based Authenticated Key Establishment Scheme for Future IoT Applications , 2017, IEEE Access.

[29]  Zhihui Lu,et al.  Smart-toy-edge-computing-oriented data exchange based on blockchain , 2018, J. Syst. Archit..

[30]  Ruhul Amin,et al.  A secure light weight scheme for user authentication and key agreement in multi-gateway based wireless sensor networks , 2016, Ad Hoc Networks.

[31]  Elisa Bertino,et al.  Botnets and Internet of Things Security , 2017, Computer.

[32]  Robert H. Sloan,et al.  Examining Smart-Card Security under the Threat of Power Analysis Attacks , 2002, IEEE Trans. Computers.

[33]  Ashok Kumar Das,et al.  2PAKEP: Provably Secure and Efficient Two-Party Authenticated Key Exchange Protocol for Mobile Environment , 2018, IEEE Access.

[34]  Muhammad Khurram Khan,et al.  Cryptanalysis and Security Improvements of ‘Two-Factor User Authentication in Wireless Sensor Networks’ , 2010, Sensors.

[35]  Kyung-Sup Kwak,et al.  The Internet of Things for Health Care: A Comprehensive Survey , 2015, IEEE Access.

[36]  Willy Susilo,et al.  Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment , 2020, IEEE Transactions on Dependable and Secure Computing.

[37]  Edgar Tello-Leal,et al.  Methodology for the model-driven development of service oriented IoT applications , 2018, J. Syst. Archit..

[38]  Sherali Zeadally,et al.  Certificateless Public Key Authenticated Encryption With Keyword Search for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[39]  Biplab Sikdar,et al.  An Efficient Data Aggregation Scheme for Privacy-Friendly Dynamic Pricing-Based Billing and Demand-Response Management in Smart Grids , 2018, IEEE Internet of Things Journal.

[40]  Ronald L. Rivest,et al.  Responses to NIST's proposal , 1992, CACM.

[41]  Jia-Lun Tsai,et al.  A Privacy-Aware Authentication Scheme for Distributed Mobile Cloud Computing Services , 2015, IEEE Systems Journal.

[42]  Prosanta Gope,et al.  A Realistic Lightweight Anonymous Authentication Protocol for Securing Real-Time Application Data Access in Wireless Sensor Networks , 2016, IEEE Transactions on Industrial Electronics.

[43]  Sherali Zeadally,et al.  Efficient and Provably Secure Distributed Signing Protocol for Mobile Devices in Wireless Networks , 2018, IEEE Internet of Things Journal.

[44]  Ashok Kumar Das,et al.  A Secure and Efficient User Anonymity-Preserving Three-Factor Authentication Protocol for Large-Scale Distributed Wireless Sensor Networks , 2015, Wirel. Pers. Commun..

[45]  Xiong Li,et al.  A privacy-preserving and provable user authentication scheme for wireless sensor networks based on Internet of Things security , 2017, J. Ambient Intell. Humaniz. Comput..

[46]  M. Ylianttila,et al.  Group Key Establishment for Enabling Secure Multicast Communication in Wireless Sensor Networks Deployed for IoT Applications , 2015, IEEE Access.

[47]  Jian Shen,et al.  An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment , 2017, J. Netw. Comput. Appl..

[48]  Ruhul Amin,et al.  Lightweight and privacy-preserving RFID authentication scheme for distributed IoT infrastructure with secure localization services for smart city environment , 2018, Future Gener. Comput. Syst..

[49]  Andrei V. Gurtov,et al.  Two-phase authentication protocol for wireless sensor networks in distributed IoT applications , 2014, 2014 IEEE Wireless Communications and Networking Conference (WCNC).

[50]  Bengt Ahlgren,et al.  Internet of Things for Smart Cities: Interoperability and Open Data , 2016, IEEE Internet Computing.

[51]  Bruno Blanchet,et al.  Models and Proofs of Protocol Security: A Progress Report , 2009, CAV.

[52]  Dheerendra Mishra,et al.  Secure and efficient user authentication scheme for multi-gateway wireless sensor networks , 2017, Ad Hoc Networks.

[53]  Peter Kruus,et al.  TinyPK: securing sensor networks with public key technology , 2004, SASN '04.

[54]  Martín Abadi,et al.  Mobile values, new names, and secure communication , 2001, POPL '01.

[55]  Xiong Li,et al.  Privacy Preserving Data Aggregation Scheme for Mobile Edge Computing Assisted IoT Applications , 2019, IEEE Internet of Things Journal.

[56]  Athanasios V. Vasilakos,et al.  IoT-Based Big Data Storage Systems in Cloud Computing: Perspectives and Challenges , 2017, IEEE Internet of Things Journal.

[57]  Joel J. P. C. Rodrigues,et al.  SecSVA: Secure Storage, Verification, and Auditing of Big Data in the Cloud Environment , 2018, IEEE Communications Magazine.

[58]  Athanasios V. Vasilakos,et al.  Providing Healthcare-as-a-Service Using Fuzzy Rule Based Big Data Analytics in Cloud Computing , 2018, IEEE Journal of Biomedical and Health Informatics.

[59]  Ping Wang,et al.  Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment , 2015, IEEE Transactions on Dependable and Secure Computing.

[60]  Da-Zhi Sun,et al.  On the security and improvement of a two-factor user authentication scheme in wireless sensor networks , 2012, Personal and Ubiquitous Computing.

[61]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[62]  Ashok Kumar Das,et al.  Anonymous Lightweight Chaotic Map-Based Authenticated Key Agreement Protocol for Industrial Internet of Things , 2020, IEEE Transactions on Dependable and Secure Computing.

[63]  Ashok Kumar Das,et al.  A secure and robust temporal credential-based three-factor user authentication scheme for wireless sensor networks , 2016, Peer-to-Peer Netw. Appl..

[64]  Jian Shen,et al.  Efficient Privacy-Aware Authentication Scheme for Mobile Cloud Computing Services , 2018, IEEE Systems Journal.

[65]  José María Sierra,et al.  A light-weight authentication scheme for wireless sensor networks , 2011, Ad Hoc Networks.

[66]  Ruhul Amin,et al.  Efficient authentication protocol for secure multimedia communications in IoT-enabled wireless sensor networks , 2017, Multimedia Tools and Applications.

[67]  Lilian Bossuet,et al.  Implementation and Characterization of a Physical Unclonable Function for IoT: A Case Study With the TERO-PUF , 2018, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[68]  Kim-Kwang Raymond Choo,et al.  Design of Secure and Lightweight Authentication Protocol for Wearable Devices Environment , 2018, IEEE Journal of Biomedical and Health Informatics.

[69]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .

[70]  Athanasios V. Vasilakos,et al.  A Novel Authentication and Key Agreement Scheme for Implantable Medical Devices Deployment , 2018, IEEE Journal of Biomedical and Health Informatics.

[71]  Vanga Odelu,et al.  An efficient biometric-based privacy-preserving three-party authentication with key agreement protocol using smart cards , 2015, Secur. Commun. Networks.

[72]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[73]  Fan Wu,et al.  A Robust ECC-Based Provable Secure Authentication Protocol With Privacy Preserving for Industrial Internet of Things , 2018, IEEE Transactions on Industrial Informatics.

[74]  Sherali Zeadally,et al.  Lightweight Three-Factor Authentication and Key Agreement Protocol for Internet-Integrated Wireless Sensor Networks , 2017, IEEE Access.

[75]  Sherali Zeadally,et al.  Taxonomy and analysis of security protocols for Internet of Things , 2018, Future Gener. Comput. Syst..