TCpC: a graphical password scheme ensuring authentication for IoT resources

In last few years, information world has come across one of the most appealing paradigms, namely Internet-of-Things (IoT). Both the industry as well as the academia is fascinated by the open issues and research challenges of Internet-of-Things. The enormity in the development, expansion, and advantages of the paradigm is unbelievable, and this results in the transition of the information world to this paradigm. At the same time, it raises the security concerns along with many other open issues towards the paradigm. This paper specifically focuses on the confidentiality component out of the three components of security triad, namely confidentiality, integrity and availability. Although researchers have high interest towards all the three components, but the questions posed by many researchers, academicians and end users raise major issues over ‘confidentiality’. Confidentiality is all about guaranteeing the authentic access to a piece of information or a service or even a resource, to a particular individual or computing device. The resource in question may be one of the resources of an IoT system. This can be achieved by deploying some authentication techniques. Here we discuss various types of authentication techniques, purposely putting our emphasis on one of the well-known authentication technique, viz. passwords. This work reviews the existing techniques, their drawbacks and claimed advantages of the upcoming password techniques. It also surveys some of the supportive methods for the naïve users of password techniques. This paper aims at classifying, comparing and encapsulating the problems, demanded solutions and suggestions from relevant published technical and review articles in the field of authentication. This paper particularly highlights graphical password schemes. This proposes a naïve graphical password scheme to assure the authentic access of IoT resources, namely TCpC. At the end we have mentioned the advantages of TCpC over other authentication schemes. We have also compared and analyzed the different proposed password schemes with our technique. © 2018, Bharati Vidyapeeth's Institute of Computer Applications and Management.