On the design of biometric-based user authentication protocol in smart city environment

Bera, Basudeb; Das, Ashok Kumar; Balzano, Walter; Medaglia, Carlo Maria

doi:10.1016/j.patrec.2020.08.017

Cited by 40 publications

(5 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In that paper, they mentioned individual privacy but did not prove that personal privacy could actually be leaked. Bera et al [17] propose a new type of biometric-based authentication scheme using passwords and biometric information. ey presented a secure authentication scheme for various cyber attacks such as replay attacks and man-in-themiddle attacks.…”

Section: Discussionmentioning

confidence: 99%

“…However, they did not present details on the privacy leakage problem of ECG-based authentication schemes. Bera et al [17] proposed a robust security design for ECG-based authentication by combining ECG features with other biometric information. ey claim that their design can successfully mitigate system and network attacks such as man-in-the-middle, replay, and privilege escalation attacks.…”

Section: Vulnerability Of Ecg-based Authentication Schemesmentioning

confidence: 99%

See 1 more Smart Citation

Broken Heart: Privacy Leakage Analysis on ECG-Based Authentication Schemes

Noh

Kim

Lee

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Authentications using biometrics, such as fingerprint recognition and electrocardiogram (ECG), have been actively used in various applications. Unlike traditional authentication methods, such as passwords or PINs, biometric-based authentication has an advantage in terms of security owing to its capability of liveness detection. Among the various types of biometrics, ECG-based authentication is widely utilized in many fields. Because of the inherent characteristics of ECG, however, the incautious design of ECG-based authentication may result in serious leakage of personal private information. In this paper, we extensively investigate ECG-based authentication schemes previously proposed in the literature and analyze possible privacy leakages by employing machine learning and deep learning techniques. We found that most schemes suffer from vulnerabilities that lead to the leakage of personal information, such as gender, age, and even diseases. We also identified some privacy-insensitive ECG fiducial points by utilizing feature selection algorithms. Based on these features, we present a privacy-preserving ECG-based authentication scheme.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Vulnerability Of Ecg-based Authentication Schemesmentioning

confidence: 99%

Broken Heart: Privacy Leakage Analysis on ECG-Based Authentication Schemes

Noh

Kim

Lee

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…In the year 2020, Basudeb et al [22] proposed a new biometric-based authentication protocol for smart cities. They allow a registered user to update their password based on biometric authentication.…”

Section: Literature Reviewmentioning

confidence: 99%

Secure and Lightweight Authentication Protocol for Privacy Preserving Communications in Smart City Applications

et al. 2023

View full text Add to dashboard Cite

A smart city is a concept that leverages technology to improve the quality of life for citizens, enhance sustainability, and streamline urban services. The goal of a smart city is to use data and technology to manage resources and assets efficiently, make informed decisions, and create a more livable and thriving city for its residents. Smart cities rely on a range of technologies including the Internet of Things (IoT), Artificial Intelligence (AI), big data analytics, and cloud computing to gather, process, and analyze data from various sources. The aim is to create a city that is more connected, responsive, and sustainable, and that provides its residents with a better quality of life, opportunities, and services. A secure and efficient message communication protocol for sensitive information and real-time communication is critical for the functioning of a smart city environment. The main findings of this paper are to develop a new authentication protocol that meets the specific requirements and constraints of smart city applications. The message communication between smart cities is conducted with the help of a gateway. The challenge in constructing a working, viable infrastructure for a smart city is to provide secure authentication for message communication between the user and gateway node in one network, and the gateway node of one network to the gateway node of the other network. The objective for doing research to develop an authentication protocol that ensures the privacy and security of data transmitted in smart city applications while maintaining a lightweight and efficient design. This paper proposes a secure authentication protocol and key establishment scheme for access to the application in smart cities to make feasible access through the IoT environment. The proposed protocol ensures the mutual authentication between user and gateways, and the security analysis shows that the proposed protocol is effective against energy consumption and have less computational cost. The performance of the proposed method is analyzed and tested using BAN Logic and AVISPA security verification to confirm the authenticity of the security protocol. We do compare with past studies of which our proposed method outperformed.

show abstract

“…To improve security, the authentication schema involves integrating encryption techniques, such as ''RSA-based public key cryptosystem'' [60], ''Secure Hash Agorithm (SHA)'' [61], ''Advanced Encryption Standard (AES)'' [62], and ''Elliptic Curve Cryptography (ECC)'' [63]. In recent years, ''access control, authentication and key management'' are widely-used two main security mechanisms in providing security in IoT-enabled environments [64], [65], [66], [67], [68], [69], [70], [71], [72], [73], [74], [75], [76], [77], [78], [79], [80].…”

Section: B Security Requirementsmentioning

confidence: 99%

Blockchain Integration for IoT-Enabled V2X Communications: A Comprehensive Survey, Security Issues and Challenges

Rao,

Jangirala,

Pedada

et al. 2023

IEEE Access

Self Cite

View full text Add to dashboard Cite

In V2X (vehicle-to-everything) communication, there is a two-way communication among the vehicle(s) and other Internet of Things (IoT)-enabled smart devices around it that may change how we need to drive. Due to the advancement of Information and Communications Technology (ICT) and the rapid development of IoT in transportation, traditional applications are converted to intelligent applications. In V2X communications, the collected information from the IoT smart devices and other sources passes through low-latency, high-bandwidth, high-reliability links. With the future adoption of the 5th generation mobile network (5G) and beyond networks, V2X continues to produce a huge volume of data. However, collecting and storing data securely in blockchain-based storage are extremely needed for immutability and transparency. In this survey article, the convergence of IoT, V2X and blockchain technologies, and various security challenges and their countermeasures are discussed. Next, we discuss various V2X applications and their respective services. Moreover, IoT-V2X architecture and its enabling technologies are discussed in this article. In addition, we also provide a comprehensive analysis of various security mechanisms. Finally, we provide some important challenges and issues of Blockchain for Intelligent Transportation System (BITS).INDEX TERMS Vehicle-to-everything (V2X), Internet of Things (IoT), blockchain, attacks, security.

show abstract

On the design of biometric-based user authentication protocol in smart city environment

Cited by 40 publications

References 29 publications

Broken Heart: Privacy Leakage Analysis on ECG-Based Authentication Schemes

Broken Heart: Privacy Leakage Analysis on ECG-Based Authentication Schemes

Secure and Lightweight Authentication Protocol for Privacy Preserving Communications in Smart City Applications

Blockchain Integration for IoT-Enabled V2X Communications: A Comprehensive Survey, Security Issues and Challenges

Contact Info

Product

Resources

About