Journal of the Korea Academia-Industrial cooperation Society (한국산학기술학회논문지)

The Korea Academia-Industrial cooperation Society (한국산학기술학회)
권호 표지
DOI QR코드

DOI QR Code

Device Mutual Authentication and Key Management Techniques in a Smart Home Environment

스마트 홈 환경에서 디바이스 상호 인증 및 키 관리 기법

  • Min, So-Yeon (Dept. of Information and Communication Eng., Seoil University) ;
  • Lee, Jae-Seung (Dept. of Computer Science and Eng., Soongsil University)
  • 민소연 (서일대학교 정보통신공학과) ;
  • 이재승 (숭실대학교 컴퓨터공학과)
  • Received : 2018.09.17
  • Accepted : 2018.10.05
  • Published : 2018.10.31
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, the smart home market is growing due to the development of wireless communication technology and sensor devices, and various devices are being utilized. Such an IoT environment collects various vast amount of device information for intelligent services, receives services based on user information, controls various devices, and provides communication between different types of devices. However, with this growth, various security threats are occurring in the smart home environment. In fact, Proofpoint and HP warned about the cases of damage in a smart home environment and the severity of security vulnerabilities, and cases of infringement in various environments were announced. Therefore, in this paper, we have studied secure mutual authentication method between smart nodes used in smart home to solve security problems that may occur in smart home environment. In the case of the proposed thesis, security evaluations are performed using random numbers and frequently updated session keys and secret keys for well-known vulnerabilities that can occur in IoT environments and sensor devices such as sniffing, spoofing, device mutual authentication, And safety. In addition, it is confirmed that it is superior in security and key management through comparison with existing smart home security protocol.

최근 무선 통신 기술과 센서 디바이스들의 발달로 스마트 홈 시장이 성장하고 있으며, 다양한 디바이스가 활용되고 있다. 이러한 사물인터넷 환경은 지능형 서비스를 위해 다양하고 방대한 양의 디바이스 정보를 수집하여 사용자 정보를 기반으로 서비스를 제공받으며, 다양한 디바이스를 제어해야 하고, 이기종 간의 통신을 제공해야 한다. 하지만, 이러한 성장과 함께, 스마트 홈 환경에서는 다양한 보안 위협이 발생하고 있다. 실제, 프루프 포인트와 HP에서는 스마트 홈 환경에서의 피해 사례 및 보안 취약점의 심각성에대해 경고하였으며, 다양한 환경에서의 침해 사례가 발표되었다. 그러므로, 본 논문에서는 스마트 홈 환경에서 발생할 수 있는 보안 문제를 해결하기 위해 스마트 홈에서 사용하는 스마트 노드들 간의 안전한 상호인증 기법에 대해 연구를 수행하였다. 제안하는 논문의 경우 보안성 평가를 통해 스니핑, 스푸핑, 디바이스 상호 인증, 중간자 공격, 무결성 등 사물인터넷 환경과 센서 디바이스에서 발생할 수 있는 잘 알려진 취약점에 대해 난수와 수시로 갱신되는 세션키 및 비밀키를 이용하여 안전함을 검증하였다. 또한, 기존에 연구된 사물인터넷 보안 프로토콜과의 비교를 통해 보안성 및 키 관리 측면에서 우수함을 확인할 수 있었다.

Keywords

References

  1. YOON, Seokung; PARK, Haeryong; YOO, Hyeong Seon. Security issues on smarthome in IoT environment. In: Computer science and its applications. Springer, Berlin, Heidelberg, pp. 691-696, 2015. DOI: https://doi.org/10.1007/978-3-662-45402-2_97
  2. ROBLES, Rosslin John, et al. A review on security in smart home development. International Journal of Advanced Science and Technology, 2010.
  3. KOMNINOS, Nikos; PHILIPPOU, Eleni; PITSILLIDES, Andreas. Survey in smart grid and smart home security: Issues, challenges and countermeasures. IEEE Communications Surveys & Tutorials, 16.4: 1933-1954, 2014. DOI: https://doi.org/10.1109/comst.2014.2320093
  4. FERNANDES, Earlence; JUNG, Jaeyeon; PRAKASH, Atul. Security analysis of emerging smart home applications. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE, pp. 636-654, 2016. DOI: https://doi.org/10.1109/sp.2016.44
  5. SIVARAMAN, Vijay, et al. Network-level security and privacy control for smart-home IoT devices. In: Wireless and Mobile Computing, Networking and Communications (WiMob), 2015 IEEE 11th International Conference on. IEEE, pp. 163-167, 2015. DOI: https://doi.org/10.1109/wimob.2015.7347956
  6. YE, Xiaojing; HUANG, Junwei. A framework for cloud-based smart home. In: Computer science and network technology (ICCSNT), 2011 international conference on. IEEE, pp. 894-897. 2011. DOI: https://doi.org/10.1109/iccsnt.2011.6182105
  7. MOWAD, Mohamed Abd El-Latif; FATHY, Ahmed; HAFEZ, Ahmed. Smart home automated control system using android application and microcontroller. International Journal of Scientific & Engineering Research, 5.5: 935-939, 2014.
  8. SCHNEPS-SCHNEPPE, Manfred, et al. Wired Smart Home: energy metering, security, and emergency issues. In: Ultra Modern Telecommunications and Control Systems and Workshops (ICUMT), 2012 4th International Congress on. IEEE, pp. 405-410, 2012. DOI: https://doi.org/10.1109/icumt.2012.6459700
  9. MANTAS, Georgios; LYMBERO POULOS, Dimitrios; KOMNINOS, Nikos. Security in smart home environment. In: Wireless Technologies for Ambient Assisted Living and Healthcare: Systems and Applications. IGI Global, pp. 170-191, 2011. DOI: https://doi.org/10.4018/978-1-61520-805-0.ch010
  10. FADELL, Anthony Michael, et al. Handling security services visitor at a smart-home. U.S. Patent Application No 14/587,835, 2015.
  11. JOSE, Arun Cyril; MALEKIAN, Reza. Smart home automation security. SmartCR, 5.4: 269-28, 2015. DOI: https://doi.org/10.6029/smartcr.2015.04.004
  12. J.Zhu and J.Ma, A new authentication scheme with anonymity for wireless environments, IEEE Transactions on Communications, Vol. 50, No.1, pp.231-235, 2004. DOI: https://doi.org/10.1109/tce.2004.1277867
  13. Farash, Mohammad Sabzinejad, Turkanovic Muhamed, Kumari Saru, and Marko Holbl. "An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the internet of things environment." Ad Hoc Networks 36 152-176, 2016. DOI: https://doi.org/10.1016/j.adhoc.2015.05.014
  14. C.-C.Wu, W.-B.Lee, and W.-J.Tsaur," A secure authentication scheme with anonymity for wireless communications", IEEE Communications Letters,Vol. 12, No.10, pp.722-723, 2008. DOI: https://doi.org/10.1109/lcomm.2008.080283
  15. Qinghua Li and Guohong Cao, "Multicast Authentication in the Smart Grid With One-Time Signature", IEEE Transactions on Smart Grid, 2(4), 2011. DOI: https://doi.org/10.1109/tsg.2011.2138172