Browse > Article
http://dx.doi.org/10.3745/KTCCS.2019.8.6.139

IoT Multi-Phase Authentication System Using Token Based Blockchain  

Park, Hwan (목포대학교 정보보호기술학협동과정)
Kim, Mi-sun (목포대학교 정보보호학과)
Seo, Jae-hyun (목포대학교 정보보호학과)
Publication Information
KIPS Transactions on Computer and Communication Systems / v.8, no.6, 2019 , pp. 139-150 More about this Journal
Abstract
IoT(Internet of Things) security is becoming increasingly important because IoT potentially has a variety of security threats, including limited hardware specifications and physical attacks. This paper is a study on the certification technology suitable for the lightened IoT environment, and we propose a system in which many gateways share authentication information and issue authentication tokens for mutual authentication using blockchain. The IoT node can be issued an authentication token from one gateway to continuously perform authentication with a gateway in the block-chain network using an existing issued token without performing re-authentication from another gateway participating in the block-chain network. Since we do not perform re-authentication for other devices in a blockchain network with only one authentication, we proposed multi phase authentication consisting of device authentication and message authentication in order to enhance the authentication function. By sharing the authentication information on the blockchain network, it is possible to guarantee the integrity and reliability of the authentication token.
Keywords
IoT; Mutual Authentication; Protocol; Blockchain; Token;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 L. Atzoria, A. Ierab, and G. Morabito, "The Internet of Things: A Survey," Computer Networks, Vol.54, Iss.15, pp.2787- 2805, 2010.   DOI
2 Rolf H. Weber, "Internet of Things - New Security and Privacy Challenges," Computer Law & Security Review, Vol. 26, Iss.1, pp.23-30, 2010.   DOI
3 B.-K. Lee, M.-S. Kim, and J.-H. Seo, "Design and Implementation of The Capability Token based Access Control System in the Internet of Things," Journal of The Korea Institute of Informaion Securty & Cryptology, Vol.25, No.2, Apr. 2015.
4 J.-B. Kim, M.-S. Kim, and J.-H. Seo, "Resource Management Service Model Implemented for the Internet of Things Services Access Control," Smart Media Journal, Vol.5, No. 3, pp.9-16, Sept. 2016.
5 Sergio Gusmeroli, Salvatore Piccione, and Domenico Rotondi, "A Capability-based Security Approach to Manage Access Control in the Internet of Things," Mathematical and Computer Modelling 58, pp.1189-1205. Sept. 2013.   DOI
6 Ronghua Xu, Yu Chen, Erik Blasch, and Genshe Chen, "A Federated Capability-based Access Control Mechanism for Internet of Things (IoTs)".
7 A. Dorri, S. S. Kanhere, and R. Jurdak, "Blockchain in Internet of Things: Challenges and Solutions," arXiv Preprint arXiv: 1608.05187, 2016.
8 A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, "Blockchain for IoT Security and Privacy: The Case Study of a Smart Home," In IEEE Percom Workshop on Security Privacy and Trust in the Internet of Thing, 2017.
9 A. Ouaddah, A. Abou Elkalam, and A. Ait Ouahman, "FairAccess: a New Blockchain-based Access Control Framework for the Internet of Things," Security and Communication Networks, pp.5943-5964, 2017.   DOI
10 Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System, Bitcoin.org, 2009.
11 S. Y. Son and Y. T. Shin, "A Study on the Agreement Algorithm for Securing IoT Data Integrity Using Blockchain," Proceedings of Symposium of the Korean Institute of Communications and Information Sciences, pp. 1136-1137, Jun. 2018.
12 Gavin Lowe, Philippa Broadfoot, Christopher Dilloway, and Mei Lin Hui, "Casper-A Compiler ofr the Analysis of Security Protocols User-User Manual and Tutorial," Oxford University Computing Laboratory, www.cs.ox.ac.uk/gavin.lowe/Security/Casper.
13 S. J. Oh and T. J. Yun, "An RFID Mutual Authentication Protocol Using Tag's ID," Journal of Security Engineering, Vol.14, No.4m, pp.281-292, Aug. 2017.   DOI
14 F. Hu, "Security and Privacy in Internet of Things (IoTs) Models, Algorithms, and Implementations," CRC Press, New York, 2016.
15 H. S. Kim, "Security Analysis of SSH Authentication Protocol Using Formal Method," Ph.M Dissertation, Chonnam National University, 2005.
16 H. W. Kim, "A Design of Mutual Authentication Protocol between Heterogeneous Services in the Internet of Things Environment," Ph.D. Dissertation, Soongsil University, Korea, 2017.
17 J.-B. Kim, M.-S. Kim, and J.-H. Seo, "Implementation and Evaluation of IoT Service System for Security Enhancement," Jouranl of The Korea Institute of Information Security & Cryptologhy, Vol.27, No.2, pp.181-192, Apr. 2017.   DOI
18 Parwinder Kaur Dhillon, and Sheetal Kalra, "Secure Multifactor Remote user Authentication Scheme for Internet of Things Environments," Wiley, wileyonlinglibrary.com/journal/dac.
19 Mahdi Aiash, Glenford Mapp, Raphael C.-W. Phan, Aboubaker Lasebae, and Jonathan Loo, "A Formally Verified Device Authentication Protocol Using Casper/FDR," https://eprints.mdx.ac.uk/9049/1/PID2344253.pdf.
20 M. H. Lim, "The Effect, Problems and Implications of Block Chain Technology," Weekly ICT Trends, Vol.1776, pp.2-13, Dec. 16. 2017.
21 R. Y. Choi and K. J. Kim, "New Lightweight Authentication Protocol based on Ring-LPN Problem in the IoT Environment," http://caislab.kaist.ac.kr/publication/paperfiles/2014/FINAL_0024_RY.pdf.
22 W. S. Bae and J. Y. Lee, "Verification of Safety in a RFID Security Auhtnetication Protocol Using Session and Public Keys," A Study on the Sigital Policy, Vol. 10, No. 10, November. 2012.
23 Y. D. You and Y. S. Lee, "Improvement of Mutual Authentication Method between IoT devices and Gateway," Proceedings of Symposium of the Korean Insitute of Communications and Information Sciences, pp. 103-104, June. 2015.
24 H. Park, Y.-S. Park, J.-B. Kim, M.-S. Kim, and J.-H. Seo, "Smart Livestock Barn Monitoring System," CISC-S'18, pp. 309-312, Jun. 2018.