Abstract:With the rapid development and evolution of wireless network technology, electronic health has shown great potential in continuously monitoring the health of patients. The wireless medical sensor network (WMSN) has played an important role in this field. In WMSN, medical sensors are placed on patients to collect relevant health data and transmitted to medical professionals in hospitals or at home through insecure channels. These health data need to be highly protected because they contain patientrelated privat… Show more
The Internet of Things (IoT) has experienced significant growth and is now a fundamental part of the next-generation Internet. Alongside improving daily life, IoT devices generate and collect vast amounts of data that can be leveraged by AI-enabled big data analytics for diverse applications. However, due to the machine-to-machine communication inherent in IoT, ensuring data security and privacy is crucial to mitigate various malicious cyber attacks, including man-in-the-middle, impersonation, and data poisoning attacks. Nevertheless, designing an efficient and adaptable IoT security framework poses challenges due to the limited computational and communication power of IoT devices, as well as their wide-ranging variety. To address these challenges, this paper proposes an Access Key Agreement (AKA) scheme called the “Reliable Device-Access Framework for the Industrial IoT (RDAF-IIoT)”. RDAF-IIoT verifies the user’s authenticity before granting access to real-time information from IIoT devices deployed in an industrial plant. Once authenticated at the gateway node, the user and IIoT device establish a session key for future encrypted communication. The security of the proposed RDAF-IIoT is validated using a random oracle model, while the Scyther tool is employed to assess its resilience against various security attacks. Performance evaluations demonstrate that the proposed scheme requires lower computational and communication costs compared to related security frameworks while providing enhanced security features.
The Internet of Things (IoT) has experienced significant growth and is now a fundamental part of the next-generation Internet. Alongside improving daily life, IoT devices generate and collect vast amounts of data that can be leveraged by AI-enabled big data analytics for diverse applications. However, due to the machine-to-machine communication inherent in IoT, ensuring data security and privacy is crucial to mitigate various malicious cyber attacks, including man-in-the-middle, impersonation, and data poisoning attacks. Nevertheless, designing an efficient and adaptable IoT security framework poses challenges due to the limited computational and communication power of IoT devices, as well as their wide-ranging variety. To address these challenges, this paper proposes an Access Key Agreement (AKA) scheme called the “Reliable Device-Access Framework for the Industrial IoT (RDAF-IIoT)”. RDAF-IIoT verifies the user’s authenticity before granting access to real-time information from IIoT devices deployed in an industrial plant. Once authenticated at the gateway node, the user and IIoT device establish a session key for future encrypted communication. The security of the proposed RDAF-IIoT is validated using a random oracle model, while the Scyther tool is employed to assess its resilience against various security attacks. Performance evaluations demonstrate that the proposed scheme requires lower computational and communication costs compared to related security frameworks while providing enhanced security features.
“…The comparison results of computation costs and the security features are shown in Tables 3 and 4, respectively. Table 3 shows the improved scheme is superior to the schemes [18,19] in terms of computation costs. Table 4 shows the comparison results of security features between the improved scheme and the relative schemes [15,18,20] .…”
Telecare Medical Information System (TMIS) can provide various telemedicine services to patients. However, information is communicated over an open channel. An attacker may intercept, replay, or modify this information. Therefore, many authentication schemes are proposed to provide secure communication for TMIS. Recently, Yu et al proposed a privacy-preserving authentication scheme in the Internet of Medical Things (IoMT)-enabled TMIS environments. They emphasize that their scheme is resistant to various attacks and ensures anonymity. Unfortunately, this paper demonstrates that Yu et al's scheme is vulnerable to impersonation attacks, replay attacks, and tracking attacks and cannot mutually authenticate. To overcome the shortcomings of Yu et al's scheme, we mainly improve the authentication and key agreement process and propose a corresponding improved scheme. We also compare the improved scheme with several existing authentication schemes in terms of security and computational efficiency.
“…In healthcare monitoring systems, anonymous failure means serious user privacy and access credentials disclosure. A good anonymous authentication protocol can help to alleviate this problem [78].…”
Section: ) Typical Attack Technologiesmentioning
confidence: 99%
“…Similar to anonymous authentication, without the help of trusted third parties and preloaded secrets, Zhang et al [40] designed an AKA scheme using the secret mismatch problem. Yuanbing et al [78] proposed a protocol for a smart medical system based on ECC, which can resist internal privilege attacks and smart card theft without the problem of user anonymity loss. With SDN architecture, a lightweight AKA scheme named ALAM and its upgrade version were proposed in [32,95].…”
Section: ) Authentication and Key Agreement (Aka)mentioning
The rapid development and wide application of the Internet of Things (IoT) and sensor technologies have produced good opportunities for the development of IoT-based smart home systems (SHSs). However, during the rapid market expansion of SHSs, security challenges associated with SHSs have become a primary concern of people because they are so closely related to people's daily lives. These security problems may damage information assets and pose a serious threat to people's health and life. This study investigates security issues in SHSs and provides a comprehensive overview of research to date. In this review, after analyzing the existing definition and concept of SHSs proposed by authoritative encyclopedias and academic literature, we propose a more accurate, elaborated definition of SHSs, analyze their architecture, extract six natural and contextual features, and summarize spears (cyber-attack means) vs. shields (countermeasures) in detail in the context of SHSs. Then, the security frameworks and evaluation technologies in SHSs are discussed. Different scenarios for technology integration and the practical research results in SHSs, such as blockchain, cloud computing, Internet of Vehicles, and AI are presented meticulously. After that, two special issues related to security are discussed. We believe that future research on SHS security should focus on four aspects: the unification of architecture, resource limitation, fragmentation, and code and firmware security. In addition, research on SHS security should be given priority over its commercialization process.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.