dc.contributor.author | Chaudhry, Shehzad Ashraf | |
dc.contributor.author | Yahya, Khalid O. Moh. | |
dc.contributor.author | Al-Turjman, Fadi | |
dc.contributor.author | Yang, Ming-Hour | |
dc.date.accessioned | 2023-08-17T11:46:31Z | |
dc.date.available | 2023-08-17T11:46:31Z | |
dc.date.issued | 2020 | en_US |
dc.identifier.issn | 2169-3536 | |
dc.identifier.uri | https://hdl.handle.net/11363/5364 | |
dc.description.abstract | Among other security concerns, the reliable device to device direct communication is an
important research aspect in sensor cloud system application of Internet of things (IoT). The access control
mechanism can ensure the reliability through secure communication among two IoT devices without mediation of intermediate agent. Mainly, it requires twofold strategy involving the authentication of each other
and session key establishment. Quite recently, in 2019, Das et al. proposed a certificate based lightweight
access control and key agreement scheme for IoT devices (LACKA-IoT) to ensure smooth and secure access
control and claimed LACKA-IoT to withstand the several attacks. Specifically, it is claimed that LACKA-IoT
can resist device impersonation and man in middle attacks. However, the proof in this article refutes their
claim and it is shown here, that LACKA-IoT is insecure against both device impersonation and man in
middle attacks. An adversary just by using public parameters and by listening the communication channel
can impersonate any device. Moreover, the same can also launch successful man in middle attack using
public parameters and listened messages from public channel. An improved protocol iLACKA-IoT is then
proposed in the paper. The iLACKA-IoT provides resistance against various types of threats and provides
the required level of security, for evidence both formal validation through random or real (ROR) model as
well as the informal validation through discussion on attack resilience is provided. The iLACKA-IoT is not
only better in security but also provides performance efficiency as compared with LACKA-IoT and related
schemes. | en_US |
dc.language.iso | eng | en_US |
dc.publisher | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC, 445 HOES LANE, PISCATAWAY, NJ 08855-4141 | en_US |
dc.relation.isversionof | 10.1109/ACCESS.2020.3012121 | en_US |
dc.rights | info:eu-repo/semantics/openAccess | en_US |
dc.rights | Attribution-NonCommercial-NoDerivs 3.0 United States | * |
dc.rights.uri | http://creativecommons.org/licenses/by-nc-nd/3.0/us/ | * |
dc.subject | Device access control | en_US |
dc.subject | device impersonation | en_US |
dc.subject | forged message | en_US |
dc.subject | IoT access | en_US |
dc.subject | reliability | en_US |
dc.title | A Secure and Reliable Device Access Control Scheme for IoT Based Sensor Cloud Systems | en_US |
dc.type | article | en_US |
dc.relation.ispartof | IEEE Access | en_US |
dc.department | Mühendislik ve Mimarlık Fakültesi | en_US |
dc.authorid | https://orcid.org/0000-0002-9321-6956 | en_US |
dc.authorid | https://orcid.org/0000-0002-0792-7031 | en_US |
dc.authorid | https://orcid.org/0000-0001-5418-873X | en_US |
dc.authorid | https://orcid.org/0000-0003-4773-7352 | en_US |
dc.identifier.volume | 8 | en_US |
dc.identifier.startpage | 139244 | en_US |
dc.identifier.endpage | 139254 | en_US |
dc.relation.publicationcategory | Makale - Uluslararası Hakemli Dergi - Kurum Öğretim Elemanı | en_US |
dc.institutionauthor | Chaudhry, Shehzad Ashraf | |
dc.institutionauthor | Yahya, Khalid O. Moh. | |