[50] |
A scalable decentralized security framework for the future of IoT. Blockchain technology helps accomplish advantages like scalability and decentralization.
Achieving network and device security levels by using message authentication and device verification.
Requests are authenticated using a tree-based hash.
A tree-based hash is used to maintain communication security while adhering to standard cryptographic procedures.
Device-level security is provided via the framework’s central authority-based security feature.
|
|
Complexity of the system because of using a decentralized security framework, intelligent computing, and Blockchain.
Suffering from performance problems when the networks expand.
Energy consumption and operational costs may be increased.
Needs to be updated continuously.
Privacy issues due to sharing sensitive information among users and devices in the blockchain.
|
[51] |
A flexible and effective strategy for secure data transmission and authentication was proposed.
The suggested strategy offers security and privacy to resource-constrained IoT devices.
Using PUFs to protect T2 IoT devices against cloning attacks and streamline the authentication process.
ECC is used with hash algorithms and XOR to meet efficiency requirements.
The suggested approach offers flexible and efficient security by taking into account heterogeneous IoT devices.
|
Using PUFs, which are one of the built-in security features of IoT devices.
Using ECC, which is a lightweight asymmetric security solution, together with hash algorithms and XOR to enhance secured transmission of data.
|
The study might not be able to cover every situation and security problem that IoT systems might encounter.
Assumptions made during the design and implementation of these trust models may restrict their effectiveness and create vulnerabilities in real-world IoT systems.
It can be difficult to guarantee security and compatibility across a variety of devices.
One potential drawback of the suggested authentication technique would be its scalability.
One drawback of the system would be how well it works in areas with limited resources, particularly when it comes to energy and computational overhead.
|
[52] |
A novel method for building a large-scale blockchain-based IoT system.
The users are provided with data storage optimization, security, privacy preservation, and a lightweight authentication mechanism.
Utilizing the immutable and decentralized features of blockchain.
Hash evaluation and MAC verification are used in the suggested model.
Homomorphic encryption was incorporated to encrypt IoT data at the user’s end and upload it to the cloud.
|
|
|
[53] |
Creating a more lightweight and safe authentication scheme.
A PUF is used to offer physical security.
The suggested protocol uses some fundamental cryptographic operations, such as bitwise XOR and hash functions, to achieve lightweight performance.
It simultaneously uses three factors, namely password, smartcard, and personal biometrics, to strengthen security in comparison to two factors.
The suggested protocol is superior to the analogous protocols that are currently in use in terms of security, functionality, and computational costs.
|
Using PUF.
Cryptographic operations, such as bitwise-XOR and hash function.
Using three factors which are password, smartcard, and personal biometrics.
|
When the number of users and sensors in the IoT network rises dramatically, protocol performance may suffer.
It might not work with every kind of IoT device or communication protocol.
For certain IoT devices with limited resources, the protocol’s resource needs could be too high.
|
[54] |
Outlined the most important access control models and how well they worked for the IoT.
Before creating an IoT security mechanism, a set of requirements needed to be taken into account in order to better examine the reviewed access control model.
The authors attempted to determine which access control model would work best for the IoT when paired with a suitable edge architecture.
This combination must fulfill the specified IoT standards.
|
|
Designing access control models only for IoT in smart cities, smart homes, transportation, and healthcare fields.
Lack of detailed information for some solutions.
|
[55] |
The application of RBAC, which grants rights and privileges based on entity roles.
This study builds a network of nodes, where each node is made up of various devices, some of which are limited and some of which are not.
The RBAC paradigm will be enforced by the blockchain to arrange the data flow between these nodes.
To protect privacy, each node has a registration and authentication procedure that takes place before the data-sharing procedure.
Two well-known Android apps for controlling IoT devices, one that makes use of the MQTT protocol and the other that makes use of Blockchain technology, are utilized to implement a realistic use case.
|
Using RBAC, which grants rights and privileges based on entity roles.
Blockchain
MQTT protocol for data transmission, as it is easy to implement and can communicate IoT data efficiently.
|
|
[56] |
A multi-agent system architecture that managed the delivery of decentralized and lightweight secure access control for the IoT using a private distributed blockchain.
Building Blockchain Managers to secure IoT access control is the primary goal of the suggested approach.
Because IoT devices have limited resources, the architecture uses a private hierarchical blockchain framework to fulfill their needs.
The utilization of mobile agent software in our suggested solution demonstrates the high degree of mobility and intelligence of our solution and can significantly contribute to the decrease of traffic overheads.
Created a scalable, general-purpose, and lightweight solution that can be used with a wide range of IoT applications.
|
|
|
[57] |
Analyzed the access control and authentication protocols of 19 well-known security cameras and connected doorbells.
The findings showed that, after a password change or account cancellation, 16 out of 19 devices had an authentication or access control flaw that allowed an attacker to access an IoT device.
A systematic flaw in access control and device authentication protocols for shared IoT ecosystems was found by the analysis.
|
All devices were connected to a WiFi network as part of the experiment setup, and two Android phones with companion applications were paired with each device. To simulate a shared IoT ecosystem, accounts were made on each phone to share access to the devices. After that, the researchers put the devices to the test to see how vulnerable they were to the suggested attack vector.
|
A bigger sample size might offer a more thorough knowledge of the vulnerabilities in access control and authentication that are common in shared IoT environments.
The research concentrated on a particular kind of attack vector associated with unauthorized access and credential revocation.
|
[58] |
A unique dynamic and secure access control (SDAC) concept was introduced for IoT networks using wired and wireless networks.
Combining RBAC and ABAC.
By employing the concept of characteristics, the assignment of roles to users and of permissions to roles is dynamic.
The suggested SDAC model is more secure because it is built on RBAC model entities.
The generation of permissions, performance evaluations of the number of roles assigned, the duration of each permission assignment, and the memory usage of each entity are carried out.
SDAC is dynamic because it helps to reduce administrator burdens, as all the processes, including permission creation, are done more efficiently.
|
|
The SDAC paradigm makes it easier to allocate roles based on permissions. The feature of conflicting roles and permissions is not covered by this paradigm.
In contrast to the conventional RBAC approach, the administrator must give more time to the object and action creation phase.
|
[59] |
A framework for trust-based access control was presented for decentralized IoT networks.
To create a dynamic and reliable access control system, an extra TRS was created as part of a blockchain-based ABAC mechanism that takes trust and reputation ratings into account.
Private blockchains are used to store sensitive data including user attributes to protect user privacy.
The outcomes of the experiments show that the suggested structure can achieve reliable processing latency and is workable for putting in place efficient access control in decentralized IoT networks.
|
|
|
[60] |
The ROR model is used to conduct formal and informal security analysis.
ProVerif is used for the security verification of their framework.
OPNET is used to simulate their framework and compare it with other frameworks in terms of performance and security.
The result shows that their framework is suitable for WBAN and more secure.
|
|
|
[61] |
An effective mechanism called Slice Specific Authentication and Access Control (SSAAC).
It utilizes virtualization technology’s flexibility to improve the management of AAC on many devices.
The third-party providers inherit the authentication and access control privileges for IoT devices, reducing the communication load on the CN provider and enhancing 5G network flexibility and modularity.
OAI is used to evaluate their mechanism’s performance.
Security requirements are highlighted in this proposal.
Their mechanism proved its ability to overcome the security issues in the AAC of cellular networks. In addition, it minimizes the load of the AAC signaling on the CN communication providers.
|
|
There is a need to apply various AAC mechanisms to different third-party networks.
OAI-CN needs to be modified by adding various network functions for third-party providers to implement different AAC mechanisms.
|
[62] |
A secure protocol called Secure Addressing and Mutual Authentication (SAMA) is proposed.
It is used to secure the network from different types of attacks or unauthorized access.
SAMA is a novel authentication method to identify and authenticate a large number of devices in medical IoT networks.
It takes into consideration three elements: the unique doctor’s identity, the medical device, and the passwords.
The performance evaluation process of SAMA depends on communication cost, computation, and functionality.
In terms of security, the widely accepted BAN logic model and AVISPA tool are used for formal and informal analysis.
|
|
|
[63] |
An improved version of the Das scheme [64], which is unsafe against some types of attacks like MITM and impersonation attacks.
This scheme aims to improve security, provide more secure communications, and increase computational efficiency.
To achieve these goals, the iLACKA-IoT protocol is proposed.
The results confirmed that the iLACKA-IoT protocol is better in terms of security and performance efficiency.
|
|
|
[65] |
A mutual protocol based on ECC to protect IoT and its cloud services.
Then, it will be compared and informally analyzed with other protocols in the same field based on different security characteristics, like privacy, mutual authentication, replay, impersonation, and password attacks.
Communication, computational storage overhead, and computational time are the factors that have been used in the performance evaluation.
The results of the experiments proved that the proposed protocol is more secure and has better performance capabilities compared with other protocols.
|
|
There is a need for further enhancements to the computational time and overhead of the proposed protocol without affecting the security level.
The users need to know the reliability and behavior model of the proposed protocol before using it.
|
[66] |
HARCI is a lightweight authentication protocol to achieve mutual authentication for medical IoT devices that suffer from limited memory, computational capabilities, and battery life.
HARCI is designed with three layers for IoT architectures, which are patient nodes, sink nodes, and medical cloud servers.
PUFs are used for the dynamic generation of information needed in the authentication process.
HARCI is safe against different types of attacks, like MITM, replay, and impersonation attacks.
HARCI has multiple advantages, like data confidentiality, message integrity, protection for identity, and two-stage authentication.
|
|
Lack of elaborate performance evaluation and limited details about scalability issues in real-world scenarios of medical IoT networks.
Lack of details about HARCI efficiency compared with other protocols in the same field.
|
[67] |
Their scheme contains 2 parts: Firstly, enhance scalability by authenticating the dynamic user addition protocol securely. It will help to allow new users to engage in current communication without affecting the entire system.
Secondly, attribute-based encryption is used by non-identical entities to communicate continuously and securely in the dynamic distributed IoT.
SDUAP is compared with other relevant models in terms of storage, computation, and communication overhead.
|
A new authentication framework that includes a TTP, named Secure Dynamic User Addition Protocol (SDUAP), which depends on JSON Web Token (JWT) utilizing private key cryptography.
SDUAP security is evaluated using the Oracle model, and SDUAP resistance against different types of attacks is evaluated using the Scyther tool.
|
Lack of details about lightweight encryption and formal modes to enhance encryption techniques to prove the reliability and efficiency of their framework.
There is no focus on the privacy aspect of the SDUAP framework in the dynamic distributed IoT networks.
|
[68] |
A systematic literature review about machine learning for authentication and authorization in IoT.
Recent developments in the field are discussed. Authentication and access control in IoT environments, with a focus on machine learning, are elaborated.
Threats and challenges of authentication and authorization in IoT are analyzed.
Different criteria to access a high level of security in IoT environments are determined.
Detailed discussion and analysis for future research direction to secure communications in IoT are provided.
|
|
|
[69] |
A new method known as SCAB-IoTA provides a secure connection in IoT environments.
It confirms the authentication and authorization of IoT devices.
SCAB-IoTA ensures data integrity.
SCAB-IoTA aims to improve the security of IoT by preventing different attacks and reducing computational and storage overhead.
It uses AD to enable IoT device communication without any interruption.
The results of the analysis ensure that SCAB-IoTA can resist different cyberattacks, like MITM and impersonation attacks.
|
|
The proposed method needs to be implemented in real-world environments, like IIoT, smart agriculture, and smart cities where different devices can reach each other securely and openly.
|
[70] |
A novel and unified authentication and authorization system to secure IoT known as SUACC-IoT.
SUACC-IoT depends on the capability concept which contains access privileges for authorized entities to access limited resources in the IoT networks.
The analysis result proves that SUACC-IoT is secure against various attacks targeting IoT environments.
|
Using the lightweight Elliptic Curve Diffie-Hellman Ephemeral cryptography technique, secret cryptography, hash function, and message authentication code.
|
Need for a decentralized environment to make their system more scalable.
Mobility management issues in IoT networks need to be considered.
Bilateral access control and fine granularity need to be integrated to protect privacy in the proposed protocol.
|