Modern Authentication Schemes in Smartphones and IoT Devices: An Empirical Survey

被引:16
作者
Ahvanooey, Milad Taleby [1 ]
Zhu, Mark Xuefang [1 ]
Li, Qianmu [2 ,3 ]
Mazurczyk, Wojciech [4 ]
Choo, Kim-Kwang Raymond [5 ]
Gupta, Birij B. [6 ,7 ,8 ]
Conti, Mauro [9 ,10 ]
机构
[1] Nanjing Univ, Sch Informat Management, Nanjing 210023, Peoples R China
[2] Nanjing Univ Sci & Technol, Sch Cyber Sci & Engn, Nanjing 210094, Peoples R China
[3] Wuyi Univ, Sch Intelligent Mfg, Hangmen 529020, Peoples R China
[4] Warsaw Univ Technol, Inst Comp Sci, PL-00661 Warsaw, Poland
[5] Univ Texas San Antonio, Dept Informat Syst & Cyber Secur, San Antonio, TX 78249 USA
[6] Natl Inst Technol, Dept Comp Engn, Kurukshetra 136119, Haryana, India
[7] Asia Univ, Dept Comp Sci & Informat Engn, Taichung 413, Taiwan
[8] Staffordshire Univ, Sch Digital Technol & Arts, Stoke On Trent ST4 2DE, Staffs, England
[9] Univ Padua, Dept Math, I-35131 Padua, Italy
[10] Delft Univ Technol, Fac Elect Engn Math & Comp Sci, NL-2628 CD Delft, Netherlands
来源
IEEE INTERNET OF THINGS JOURNAL | 2022年 / 9卷 / 10期
关键词
Internet of Things; Passwords; Smart phones; Electronic mail; Intelligent sensors; Computer crime; Servers; Authentication schemes (ASs); biometrics; cracking attacks; graphical passwords; Internet of Things (IoT); password security; ONE-TIME PASSWORD; USER AUTHENTICATION; LIGHTWEIGHT AUTHENTICATION; BIOMETRIC AUTHENTICATION; MULTIMODAL APPROACH; SMART ENVIRONMENTS; DEFENSE-MECHANISMS; LIVENESS DETECTION; REPLAY ATTACKS; INTERNET;
D O I
10.1109/JIOT.2021.3138073
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
User authentication remains a challenging issue, despite the existence of a large number of proposed solutions, such as traditional text-based, graphical-based, biometrics-based, Web-based, and hardware-based schemes. For example, some of these schemes are not suitable for deployment in an Internet of Things (IoT) setting, partly due to the hardware and/or software constraints of IoT devices. The increasing popularity and pervasiveness of IoT equipment in a broad range of settings reinforces the importance of ensuring the security and privacy of IoT devices. Therefore, in this article, we conduct a comprehensive literature review and an empirical study to gain an in-depth understanding of the different authentication schemes as well as their vulnerabilities and deficits against various types of cyberattacks when applied in IoT-based systems. Based on the identified limitations, we recommend several mitigation strategies and discuss the practical implications of our findings.
引用
收藏
页码:7639 / 7663
页数:25
相关论文
共 207 条
[51]  
databreachtoday, DTSCH TELEKOM ROUTER
[52]   True2F: Backdoor-resistant authentication tokens [J].
Dauterman, Emma ;
Corrigan-Gibbs, Henry ;
Mazieres, David ;
Boneh, Dan ;
Rizzo, Dominic .
2019 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2019), 2019, :398-416
[53]   Securing web applications from injection and logic vulnerabilities: Approaches and challenges [J].
Deepa, G. ;
Thilagam, P. Santhi .
INFORMATION AND SOFTWARE TECHNOLOGY, 2016, 74 :160-180
[54]   A lightweight biometrics based remote user authentication scheme for IoT services [J].
Dhillon, Parwinder Kaur ;
Kalra, Sheetal .
JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, 2017, 34 :255-270
[55]  
distributed, PROJEKT RC5 72
[56]   The governance of smart mobility [J].
Docherty, Iain ;
Marsden, Greg ;
Anable, Jillian .
TRANSPORTATION RESEARCH PART A-POLICY AND PRACTICE, 2018, 115 :114-125
[57]   A Survey of Internet of Things (IoT) Authentication Schemes [J].
El-hajj, Mohammed ;
Fadlallah, Ahmad ;
Chamoun, Maroun ;
Serhrouchni, Ahmed .
SENSORS, 2019, 19 (05)
[58]  
elie, OVH DDOS ATTACK
[59]   OTPaaS-One Time Password as a Service [J].
Erdem, Emir ;
Sandikkaya, Mehmet Tahir .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2019, 14 (03) :743-756
[60]   Blockchain-based authentication and authorization for smart city applications [J].
Esposito, Christian ;
Ficco, Massimo ;
Gupta, Brij Bhooshan .
INFORMATION PROCESSING & MANAGEMENT, 2021, 58 (02)
12345678910