A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications
Existing authentication solutions proposed for Internet of Things (IoT) provide a single Level of Assurance (LoA) regardless of the sensitivity levels of the resources or interactions between IoT devices being protected. For effective (with adequate level of protection) and efficient (with as low ov...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2022-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/9764763/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850126925083705344 |
|---|---|
| author | Salem AlJanah Ning Zhang Siok Wah Tay |
| author_facet | Salem AlJanah Ning Zhang Siok Wah Tay |
| author_sort | Salem AlJanah |
| collection | DOAJ |
| description | Existing authentication solutions proposed for Internet of Things (IoT) provide a single Level of Assurance (LoA) regardless of the sensitivity levels of the resources or interactions between IoT devices being protected. For effective (with adequate level of protection) and efficient (with as low overhead costs as possible) protections, it may be desirable to tailor the protection level in response to the sensitivity level of the resources, as a stronger protection level typically imposes a higher level of overhead costs. In this paper, we investigate how to facilitate multi-LoA authentication for IoT by proposing a multi-factor multi-level and interaction based (M2I) authentication framework. The framework implements LoA linked and interaction based authentication. Two interaction modes, P2P (Peer-to-Peer) and O2M (One-to-Many), are investigated via the design of two corresponding protocols. Evaluation results show that adopting the O2M interaction mode in authentication in the related use-case scenarios can cut communication cost significantly; compared with that of the Kerberos protocol, the O2M protocol reduces the communication cost by 42%~45%. The protocols are also more efficient. The P2P and O2M protocol, respectively, reduce the computational cost by 70%~72% and 81%~82%, in comparison with that of Kerberos. The evaluation results also show that the two-factor authentication option costs twice as much as that of the one-factor option. |
| format | Article |
| id | doaj-art-9b70d461a0fb4a368c389b139fdd0e79 |
| institution | OA Journals |
| issn | 2169-3536 |
| language | English |
| publishDate | 2022-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-9b70d461a0fb4a368c389b139fdd0e792025-08-20T02:33:48ZengIEEEIEEE Access2169-35362022-01-0110479654799610.1109/ACCESS.2022.31708449764763A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) ApplicationsSalem AlJanah0https://orcid.org/0000-0003-0480-4543Ning Zhang1https://orcid.org/0000-0001-9519-9128Siok Wah Tay2https://orcid.org/0000-0002-0005-889XDepartment of Computer Science, The University of Manchester, Manchester, U.K.Department of Computer Science, The University of Manchester, Manchester, U.K.Department of Computer Science, The University of Manchester, Manchester, U.K.Existing authentication solutions proposed for Internet of Things (IoT) provide a single Level of Assurance (LoA) regardless of the sensitivity levels of the resources or interactions between IoT devices being protected. For effective (with adequate level of protection) and efficient (with as low overhead costs as possible) protections, it may be desirable to tailor the protection level in response to the sensitivity level of the resources, as a stronger protection level typically imposes a higher level of overhead costs. In this paper, we investigate how to facilitate multi-LoA authentication for IoT by proposing a multi-factor multi-level and interaction based (M2I) authentication framework. The framework implements LoA linked and interaction based authentication. Two interaction modes, P2P (Peer-to-Peer) and O2M (One-to-Many), are investigated via the design of two corresponding protocols. Evaluation results show that adopting the O2M interaction mode in authentication in the related use-case scenarios can cut communication cost significantly; compared with that of the Kerberos protocol, the O2M protocol reduces the communication cost by 42%~45%. The protocols are also more efficient. The P2P and O2M protocol, respectively, reduce the computational cost by 70%~72% and 81%~82%, in comparison with that of Kerberos. The evaluation results also show that the two-factor authentication option costs twice as much as that of the one-factor option.https://ieeexplore.ieee.org/document/9764763/Internet of Things (IoT)level of assurance (LoA)interaction based authenticationmulti-level authenticationre-authentication |
| spellingShingle | Salem AlJanah Ning Zhang Siok Wah Tay A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications IEEE Access Internet of Things (IoT) level of assurance (LoA) interaction based authentication multi-level authentication re-authentication |
| title | A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications |
| title_full | A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications |
| title_fullStr | A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications |
| title_full_unstemmed | A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications |
| title_short | A Multifactor Multilevel and Interaction Based (M2I) Authentication Framework for Internet of Things (IoT) Applications |
| title_sort | multifactor multilevel and interaction based m2i authentication framework for internet of things iot applications |
| topic | Internet of Things (IoT) level of assurance (LoA) interaction based authentication multi-level authentication re-authentication |
| url | https://ieeexplore.ieee.org/document/9764763/ |
| work_keys_str_mv | AT salemaljanah amultifactormultilevelandinteractionbasedm2iauthenticationframeworkforinternetofthingsiotapplications AT ningzhang amultifactormultilevelandinteractionbasedm2iauthenticationframeworkforinternetofthingsiotapplications AT siokwahtay amultifactormultilevelandinteractionbasedm2iauthenticationframeworkforinternetofthingsiotapplications AT salemaljanah multifactormultilevelandinteractionbasedm2iauthenticationframeworkforinternetofthingsiotapplications AT ningzhang multifactormultilevelandinteractionbasedm2iauthenticationframeworkforinternetofthingsiotapplications AT siokwahtay multifactormultilevelandinteractionbasedm2iauthenticationframeworkforinternetofthingsiotapplications |