
Dynamic authentication for intelligent sensor clouds in the Internet of Things

  • Regular Contribution
  • International Journal of Information Security

Abstract

Sensor clouds are formed by IP-enabled wireless sensors and Internet of Things devices that are used for sensing and actuation in commercial and industrial applications. Data collected by the sensors are consolidated by distributed cloud data consolidation (DCS) servers to be utilized as raw sensory information by applications running data analytics and actuation functions. Alternatively, DC servers may feed sensor data to the cloud-hosted Big Data Analytics (BDS) servers. Sensor clouds and their respective DCS servers, as well as BDS servers, may form different security realms. These security realms' ownership structures are complicated and differ from standard database servers, necessitating a dependable authentication technique to provide trusted access to DC and BDS servers. This paper proposes a new multiparty authentication framework to authenticate applications requesting access to the DCS and BDS servers without direct human or application access to the sensors and actuators. Only DC servers are permitted to communicate with sensors/actuators, and only applications certified by a Session Authority Cloud are granted access to DCS/BDS servers via an authentication protocol that includes many information and key exchanges. This solution may assure the reliable deployment of sensor clouds in different critical application domains (e.g., industry, commercial, national security, and defense) while reducing the potential of direct espionage of sensed/actuated systems. Linear Temporal Logic is used to explicitly analyze and establish the correctness of the presented framework. OPNET modeling and simulations are used to illustrate the protocol's design and operations. The results demonstrate that multiparty authentication is conceivable for sensor cloud computing systems.

Data availability

All data are either included in the paper or can be found in the sources given.

Abbreviations

DCS: Distributed cloud data consolidation

BDS: Big data analytics

LTL: Linear temporal logic

SAC: Session authority cloud

\(\textrm{SAC}_{\textrm{DB}}\): DB database

\(\textrm{SAC}_{\textrm{SH}}\): Session handler

MPSH: Multiparty session handler

\(\textrm{ID}_r^A\): Cloud membership root key of user A

\(\textrm{ID}_s^A\): Subdomain membership key of user A

RFID: Radio frequency identification

WSN: Wireless sensor networking

SSO: Single sign-on

Author information

Contributions

HA contributed to conceptualization, methodology, investigation, validation, supervision, and writing—original draft, and provided software. RH was involved in conceptualization, investigation, supervision, and writing—review and editing. HA, AHM, and ME contributed to project administration, visualization, and writing—review and editing. MSD and HA were involved in investigation, visualization, and writing—review and editing. All authors have read and agreed to the published version of the manuscript.

Corresponding author

Correspondence to Hussain Al-Aqrabi.

Ethics declarations

Conflict of interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Ethical approval

This article does not include studies with human participants or animals conducted by any of the authors. The authors state that all experiments and research outlined in this manuscript adhere to ethical standards.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

About this article

Cite this article

Al-Aqrabi, H., Manasrah, A.M., Hill, R. et al. Dynamic authentication for intelligent sensor clouds in the Internet of Things. Int. J. Inf. Secur. (2024). https://doi.org/10.1007/s10207-024-00829-9
