(Publisher of Peer Reviewed Open Access Journals)

International Journal of Advanced Technology and Engineering Exploration (IJATEE)

ISSN (Print):2394-5443    ISSN (Online):2394-7454
Volume-6 Issue-58 September-2019
Full-Text PDF
Paper Title : A new strong user authentication scheme with local certification authority for internet of things based cloud computing services
Author Name : Youssefi My Abdelkader and Mouhsen Ahmed
Abstract :

The term Internet of Things (IoT) refers to the ability to extend network connectivity and computing capability to objects and devices. These devices collect, exchange and analyze data without any human interaction. Generally, IoT architecture requires data communication and cloud computing services. However, security is a big challenge for IoT services. Strong user authentication is the first requirement for IoT services to avoid malicious unauthenticated device. This work explores the weakness of conventional authentication methods in cloud environments. An improved strong user authentication scheme has been proposed. This new scheme is based on local certification authority for IoT devices in cloud computing where devices are authenticated using private public key infrastructure (PKI). The proposed approach has superior security performance compared to conventional techniques. It is shown that our approach doesn’t require any hardware tokens, reduce the computation and then improve authentication strength.

Keywords : IoT, Security, VPN, Cloud computing, Authentication, Private key, Public key, Digital signature, PKI, Certification authority.
Cite this article : Abdelkader YM, Ahmed M. A new strong user authentication scheme with local certification authority for internet of things based cloud computing services . International Journal of Advanced Technology and Engineering Exploration. 2019; 6(58):217-224. DOI:10.19101/IJATEE.2019.650051.
References :
[1]Hand E. Head in the clouds. Nature News. 2007.
[Crossref] [Google Scholar]
[2]Weiss A. Computing in the clouds. Networker. 2007; 11(4):16-25.
[Google Scholar]
[3]Yang Y, Lu H, Weng J. Multi-user private keyword search for cloud computing. In international conference on cloud computing technology and science 2011 (pp. 264-71). IEEE.
[Crossref] [Google Scholar]
[4]Kaavi J. Strong authentication with mobile phones. Helsinki University of Technology, Fall. 2010.
[Google Scholar]
[5]Jiang R. Advanced secure user authentication framework for cloud computing. International Journal on Smart Sensing & Intelligent Systems. 2013; 6(4):1700-24.
[Google Scholar]
[6]Rivest RL, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM. 1978; 21(2):120-6.
[Crossref] [Google Scholar]
[7]Kinastowski W. Digital signature as a cloud-based service. In the international conference on cloud computing 2013(pp. 68-72).
[Google Scholar]
[8]Ford M, Stevenson T, Lew HK, Spanier S. Internetworking technologies handbook. Macmillan Publishing Co., Inc.; 1997.
[Google Scholar]
[9]Diffie W, Hellman ME. Special feature exhaustive cryptanalysis of the NBS data encryption standard. Computer. 1977; 10(6):74-84.
[Crossref] [Google Scholar]
[10]Reynard R. Secret code breaker II: a cryptanalysts handbook. Smith & Daniel; 1997.
[Google Scholar]
[11]Patange T. How to defend yourself against MITM or Man-in-the-middle attack. 2013.
[Google Scholar]
[12]Katz J. Efficient cryptographic protocols preventing man-in-the-middle attacks. Columbia University; 2002.
[Google Scholar]
[13]Prakash MV, Infant PA, Shobana SJ. Eliminating vulnerable attacks using one-time password and passtext–analytical study of blended schema. Universal Journal of Computer Science and Engineering Technology. 2010; 1(2):133-40.
[Google Scholar]
[14]Alliance SC. Strong authentication using smart card technology for logical access. A Smart Card Alliance Access Control Council White Paper. 2012:1-26.
[Google Scholar]
[15]Yang B, Hu Z, Xiao Z. Efficient certificateless strong designated verifier signature scheme. In international conference on computational intelligence and security 2009 (pp. 432-6). IEEE.
[Crossref] [Google Scholar]
[16]Tianhuang C, Xiaoguang X. Digital signature in the application of e-commerce security. In international conference on e-health networking digital ecosystems and technologies (EDT) 2010 (pp. 366-9). IEEE.
[Crossref] [Google Scholar]
[17]Atwady Y, Hammoudeh M. A survey on authentication techniques for the internet of things. In proceedings of the international conference on future networks and distributed systems 2017. ACM.
[Crossref] [Google Scholar]
[18]Silva EdOe, Lima WTSd, Ferraz FS, Ribeiro FIdN. Authentication and the Internet of Things: a survey based on a systematic mapping. In proceedings of the international conference on software engineering advances 2017 (pp. 34-40).
[19]Zhou L, Li X, Yeh KH, Su C, Chiu W. Lightweight IoT-based authentication scheme in cloud computing circumstance. Future Generation Computer Systems. 2019; 91:244-51.
[Crossref] [Google Scholar]
[20]Hammi MT, Hammi B, Bellot P, Serhrouchni A. Bubbles of trust: a decentralized blockchain-based authentication system for IoT. Computers & Security. 2018; 78:126-42.
[Crossref] [Google Scholar]
[21]Alizai ZA, Tareen NF, Jadoon I. Improved IoT device authentication scheme using device capability and digital signatures. In international conference on applied and engineering mathematics 2018 (pp. 1-5). IEEE.
[Crossref] [Google Scholar]