Journal of Convergence for Information Technology (융합정보논문지)

Convergence Society for SMB (중소기업융합학회)
권호 표지
DOI QR코드

DOI QR Code

A Study on gateway authentication protocol in IoT

IoT에서 게이트웨이에 대한 인증 프로토콜에 관한 연구

  • Lee, Jae-Young (School of Information & Communication Systems, Semyung University)
  • 이재영 (세명대학교 정보통신학부)
  • Received : 2017.06.08
  • Accepted : 2017.06.20
  • Published : 2017.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

IoT which is an abbreviation of Internet of Things refers to the communication network service among various objects such as people-people, objects-objects interconnection. The characteristic of IoT that enables direct connection among each device makes security to be considered as more emphasized factor. Though a security module such as an authentication protocol for resolving various security problems that may occur in the IoT environment has been developed, some weak points in security are still being revealed. Therefore, this paper proposes a method for including a protocol including gateway authentication procedure and mutual authentication between the devices and gateways. Protocols with additional authentication procedures can appropriately respond to attackers' spoofing attacks. In addition, important information in the message used for authentication process is protected by encryption or hash function so that it can respond to wiretapping attacks.

사람과 사람, 사물과 사물이 유 무선 네트워크로 연결되어 서비스를 제공하는 것이 IoT이다. 인터넷을 통해 각 디바이스가 직접 연결되는 IoT의 특성으로 인해 보안에 대한 중요성이 더욱 강조되고 있다. 때문에 IoT 환경에서 발생할 수 있는 다양한 보안 문제를 해결하기 위한 인증 프로토콜을 비롯한 보안 모듈이 계속적으로 개발되어 왔으나 여전히 취약점이 발견되고 있다. 이에 본 논문에서 제안한 인증 프로토콜에는 기존의 인증 프로토콜에서 생략되어 있는 게이트웨이에 대한 인증 절차와 디바이스와 게이트웨이 상호간의 인증 절차를 추가하였다. 인증 절차가 추가된 프로토콜은 공격자의 위장 공격에 대응할 수 있다. 또한, 인증에 이용되는 메시지에 중요한 정보는 암호키로 암호화하거나 해시 함수를 이용하여 보호함으로써 도청 공격에 대응할 수 있게 하였다.

Keywords

References

  1. S. H. Hong, "Research on IoT international strategic standard model," Journal of the korea convergence society, Vol. 8, No. 2, pp. 21-26, 2017, DOI : 10.15207/JKCS.2017.8.2..021
  2. S. H. Kim, Key distribution scheme between lightweight devices in internet of thing, Graduate School Sungkyunkwan University, 2015.
  3. B. I. Jang and C. S. Kim, “A Study on the Security Technology for the Internet of Things,” Journal of Security Engineering, Vol. 11, No. 5, pp. 429-438, 2014. https://doi.org/10.14257/jse.2014.10.05
  4. D. H. Kim and J. Kwak, "Design of Improved Authentication Protocol for Sensor Networks," Journal of The Korea Institute of Information Security & Cryptology, Vol. 25, No. 2, 2015.
  5. C. W. Park and J. W. Kim, “An Empirical Research on Information Privacy Concern in the IoT Era,” Journal of Digital Convergence, Vol. 14, No. 2, pp. 65-72, Feb. 2016. DOI : 10.14400/JDC.2016.14.2.65
  6. J. O. Park, “A Study of Message Communication Method Using Attribute Based,” Journal of Digital Convergence, Vol. 14, No. 10, pp. 295-302, Oct. 2016. DOI : 10.14400/JDC.2016.14.10.295
  7. E. Kim, Secure device authentication method in the internet of things, Graduate School Kyungnam University. 2014.
  8. Ministry of Science, ICT and Future Planning, Internet of Things Information Security Roadmap, Oct. 2014.
  9. H. J. Mun, G. H. Choi and Y. C. H, “Countermeasure to underlying security threats in IoT communication,” Journal of convergence society for SMB, Vol. 6, No. 2, pp. 37-44, Jun. 2016. DOI : 10.22156/cs4smb.2016.6.2.037
  10. S. S. Shin, G. S. Chae, T. H. Lee, “An Investigation study to reduce security threat in the Internet of things environment,” Journal of convergence society for SMB, Vol. 6, No. 2, pp. 31-36, Jun. 2016. DOI : 10.22156/cs4smb.2016.6.2.031
  11. Y. S. Lee, "Authentication Method for Safe Internet of Things Environments," The Journal of Korea Institute of Information, Electronics, and Communication Technology, Vol. 18, No. 1, pp. 51-58, 2015. DOI : 10.17661/jkiiect.2015.8.1.051
  12. S. G. Yeo and K. H. Lee, “Smart Phone and vehicle Authentication scheme with M2M device,” Journal of the korea convergence society, Vol. 2, No. 4, pp. 1-7, 2011.
  13. J. S. Shin and Y. H. Park, “An Authentication Protocol using the EXOR and the Hash Function in RFID/USN,” Journal of the Korea Industrial Information Systems Research, Vol. 12, No. 2, pp. 24-29, 2007.