A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment

Ruhul Amin, Neeraj Kumar, G. P. Biswas, Rahat Iqbal, Victor Chang

Research output: Contribution to journalArticle

45 Citations (Scopus)
789 Downloads (Pure)

Abstract

With the widespread popularity and usage of Internet-enabled devices, Internet of things has become popular now a days. However, data generated from various smart devices in IoT is one of the biggest concerns. To process such a large database repository generated from all types of devices in IoT, Cloud Computing (CC) has emerged as a key technology. But, the private information from IoT devices is stored in distributed private cloud server so that only legitimate users are allowed to access the sensitive information from the cloud server. Keeping focus on all these points, this article first shows security vulnerabilities of the multi-server cloud environment of the protocols proposed by Xue et al. and Chuang et al. Then, we propose an architecture which is applicable for distributed cloud environment and based on it, an authentication protocol using smartcard has been proposed, where the registered user can access all private information securely from all the private cloud servers. To proof security strength of our protocol, we have used AVISPA tool and BAN logic model in this article. In addition, informal cryptanalysis confirms that the protocol is protected against all possible security threats. The performance analysis and comparison confirm that the proposed protocol is superior than its counterparts.

Original languageEnglish
Pages (from-to)1005-1019
Number of pages15
JournalFuture Generation Computer Systems
Volume78
Issue number3
Early online date29 Dec 2016
DOIs
Publication statusPublished - Jan 2018

Fingerprint

Cloud computing
Authentication
Network protocols
Servers
Internet of things
Internet

Bibliographical note

NOTICE: this is the author’s version of a work that was accepted for publication in Future Generation Computer Systems. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Future Generation Computer Systems, [78, 3, (2016)] DOI: 10.1016/j.future.2016.12.028

© 2016, Elsevier. Licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International http://creativecommons.org/licenses/by-nc-nd/4.0/

Keywords

  • Authentication
  • AVISPA tool
  • BAN logic
  • Distributed Cloud environment
  • Security attacks

Cite this

A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. / Amin, Ruhul; Kumar, Neeraj; Biswas, G. P.; Iqbal, Rahat; Chang, Victor.

In: Future Generation Computer Systems, Vol. 78, No. 3, 01.2018, p. 1005-1019.

Research output: Contribution to journalArticle

Amin, Ruhul ; Kumar, Neeraj ; Biswas, G. P. ; Iqbal, Rahat ; Chang, Victor. / A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment. In: Future Generation Computer Systems. 2018 ; Vol. 78, No. 3. pp. 1005-1019.
@article{d9200fa793534b7ba13e10d1d0d92d9f,
title = "A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment",
abstract = "With the widespread popularity and usage of Internet-enabled devices, Internet of things has become popular now a days. However, data generated from various smart devices in IoT is one of the biggest concerns. To process such a large database repository generated from all types of devices in IoT, Cloud Computing (CC) has emerged as a key technology. But, the private information from IoT devices is stored in distributed private cloud server so that only legitimate users are allowed to access the sensitive information from the cloud server. Keeping focus on all these points, this article first shows security vulnerabilities of the multi-server cloud environment of the protocols proposed by Xue et al. and Chuang et al. Then, we propose an architecture which is applicable for distributed cloud environment and based on it, an authentication protocol using smartcard has been proposed, where the registered user can access all private information securely from all the private cloud servers. To proof security strength of our protocol, we have used AVISPA tool and BAN logic model in this article. In addition, informal cryptanalysis confirms that the protocol is protected against all possible security threats. The performance analysis and comparison confirm that the proposed protocol is superior than its counterparts.",
keywords = "Authentication, AVISPA tool, BAN logic, Distributed Cloud environment, Security attacks",
author = "Ruhul Amin and Neeraj Kumar and Biswas, {G. P.} and Rahat Iqbal and Victor Chang",
note = "NOTICE: this is the author’s version of a work that was accepted for publication in Future Generation Computer Systems. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Future Generation Computer Systems, [78, 3, (2016)] DOI: 10.1016/j.future.2016.12.028 {\circledC} 2016, Elsevier. Licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International http://creativecommons.org/licenses/by-nc-nd/4.0/",
year = "2018",
month = "1",
doi = "10.1016/j.future.2016.12.028",
language = "English",
volume = "78",
pages = "1005--1019",
journal = "Future Generation Computer Systems",
issn = "0167-739X",
publisher = "Elsevier",
number = "3",

}

TY - JOUR

T1 - A light weight authentication protocol for IoT-enabled devices in distributed Cloud Computing environment

AU - Amin, Ruhul

AU - Kumar, Neeraj

AU - Biswas, G. P.

AU - Iqbal, Rahat

AU - Chang, Victor

N1 - NOTICE: this is the author’s version of a work that was accepted for publication in Future Generation Computer Systems. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. A definitive version was subsequently published in Future Generation Computer Systems, [78, 3, (2016)] DOI: 10.1016/j.future.2016.12.028 © 2016, Elsevier. Licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International http://creativecommons.org/licenses/by-nc-nd/4.0/

PY - 2018/1

Y1 - 2018/1

N2 - With the widespread popularity and usage of Internet-enabled devices, Internet of things has become popular now a days. However, data generated from various smart devices in IoT is one of the biggest concerns. To process such a large database repository generated from all types of devices in IoT, Cloud Computing (CC) has emerged as a key technology. But, the private information from IoT devices is stored in distributed private cloud server so that only legitimate users are allowed to access the sensitive information from the cloud server. Keeping focus on all these points, this article first shows security vulnerabilities of the multi-server cloud environment of the protocols proposed by Xue et al. and Chuang et al. Then, we propose an architecture which is applicable for distributed cloud environment and based on it, an authentication protocol using smartcard has been proposed, where the registered user can access all private information securely from all the private cloud servers. To proof security strength of our protocol, we have used AVISPA tool and BAN logic model in this article. In addition, informal cryptanalysis confirms that the protocol is protected against all possible security threats. The performance analysis and comparison confirm that the proposed protocol is superior than its counterparts.

AB - With the widespread popularity and usage of Internet-enabled devices, Internet of things has become popular now a days. However, data generated from various smart devices in IoT is one of the biggest concerns. To process such a large database repository generated from all types of devices in IoT, Cloud Computing (CC) has emerged as a key technology. But, the private information from IoT devices is stored in distributed private cloud server so that only legitimate users are allowed to access the sensitive information from the cloud server. Keeping focus on all these points, this article first shows security vulnerabilities of the multi-server cloud environment of the protocols proposed by Xue et al. and Chuang et al. Then, we propose an architecture which is applicable for distributed cloud environment and based on it, an authentication protocol using smartcard has been proposed, where the registered user can access all private information securely from all the private cloud servers. To proof security strength of our protocol, we have used AVISPA tool and BAN logic model in this article. In addition, informal cryptanalysis confirms that the protocol is protected against all possible security threats. The performance analysis and comparison confirm that the proposed protocol is superior than its counterparts.

KW - Authentication

KW - AVISPA tool

KW - BAN logic

KW - Distributed Cloud environment

KW - Security attacks

U2 - 10.1016/j.future.2016.12.028

DO - 10.1016/j.future.2016.12.028

M3 - Article

VL - 78

SP - 1005

EP - 1019

JO - Future Generation Computer Systems

JF - Future Generation Computer Systems

SN - 0167-739X

IS - 3

ER -