A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications

Research output: Contribution to journalArticlepeer-review

61 Downloads (Pure)

Abstract

Existing authentication solutions proposed for Internet of Things (IoT) provide a single Level of Assurance (LoA) regardless of the sensitivity levels of the resources or interactions between IoT devices being protected. For effective (with adequate level of protection) and efficient (with as low overhead costs as possible) protections, it may be desirable to tailor the protection level in response to the sensitivity level of the resources, as a stronger protection level typically imposes a higher level of overhead costs. In this paper, we investigate how to facilitate multi-LoA authentication for IoT by proposing a multi-factor multi-level and interaction based (M2I) authentication framework. The framework implements LoA linked and interaction based authentication. Two interaction modes, P2P (Peer-to-Peer) and O2M (One-to-Many), are investigated via the design of two corresponding protocols. Evaluation results show that adopting the O2M interaction mode in authentication in the related use-case scenarios can cut communication cost significantly; compared with that of the Kerberos protocol, the O2M protocol reduces the communication cost by 42%~45%. The protocols are also more efficient. The P2P and O2M protocol, respectively, reduce the computational cost by 70%~72% and 81%~82%, in comparison with that of Kerberos. The evaluation results also show that the two-factor authentication option costs twice as much as that of the one-factor option.
Original languageEnglish
Pages (from-to)47965 - 47996
JournalIEEE Access
Volume10
Early online date28 Apr 2022
DOIs
Publication statusPublished - 28 Apr 2022

Fingerprint

Dive into the research topics of 'A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications'. Together they form a unique fingerprint.

Cite this