Al-Refai, H.; Alawneh, A.A. User Authentication and Authorization Framework in IoT Protocols. Computers2022, 11, 147.
Al-Refai, H.; Alawneh, A.A. User Authentication and Authorization Framework in IoT Protocols. Computers 2022, 11, 147.
The Internet of Things (IoT) has become one of the most attractive domains nowadays. It works by creating a special network between physical devices such as vehicles, home equipment, and other items. In recent days, the common technologies of communication such as Wi-Fi and 2G/3G/4G cellular are insufficient for the IoT networks because they are designed to serve appliances with immense processing capabilities such as laptops and PCs. Moreover, most of these technologies are centralized and use an existing infrastructure. Currently, the new communication technologies such as Z-Wave, 6LowPAN, and Thread are dedicated to the IoT and have been developed to meet its requirements. These technologies can handle many factors such as range, data requirements, security, power demands, and battery life. Nevertheless, the security issues in IoT systems have major concerns and matters because vulnerabilities in such systems may result in fatal catastrophes. In this paper, an enhanced IoT security framework for authentication and authorization is proposed and implemented to protect the IoT protocols from different types of attacks such as man-in-the-middle attack, reply attack, and brute force attack. The proposed framework combines an enhanced token authentication that has identity verification capabilities and a new sender verification mechanism on the IoT device side based on time stamp, which in turn can mitigate the need for local identity verification methods in IoT devices. The proposed IoT security framework is tested using security analysis with different types of attacks compared with previous related frameworks. The analysis shows the high capability of the proposed framework to protect IoT networks against many types of attacks compared with current available security frameworks. Finally, the proposed framework is developed using Windows application to simulate the framework phases, check its validity through the real network, and calculate the payload time is adds.
Internet of Things; security protocol; authentication; authorization; networks
MATHEMATICS & COMPUTER SCIENCE, General & Theoretical Computer Science
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.