Abstract
The need to establish secure communication for most applications of the Internet of Things (IoT) has become increasingly crucial. Nevertheless, one of the major issues in such networks is how to establish cryptographic keys between all IoT objects to ensure secure data exchange. Several key management schemes have been suggested in the literature to achieve this goal, but they must be revised and innovated, while taking into account the limited resources of IoT objects. Likewise, the IoT presents a system where objects belonging to the physical world are connected to the Internet and have the capacity to measure, communicate, and act all over the world. Nevertheless, some information available to IoT objects is private, hence the need for access control whose aim is to guarantee that the information is accessible only to those who are allowed access. In this paper, we propose a scheme involving two basic modules, namely key management and access control. The key management module is designed to ensure both the generation and storage of symmetric keys for IoT objects in a completely distributed manner, without resorting to a central authority. In contrast, the access control module is used to impose an access control policy so as to prevent unauthorized access to services provided by a particular IoT object. The latter is ensured thanks to the existing cooperation between the TGOs servers of different domains in the IoT. Through assessments based on security analysis, we demonstrate that the proposed scheme is more secure than the existing ones. Simulations were also performed to validate the proposed solution by comparing it with some relevant concurrent schemes. The obtained results are not only encouraging, but also very favorable for the proposed scheme.
Acknowledgments
This work was carried out in the framework of the research activities of the LIMED laboratory (Laboratory of Medical Computing), which is affiliated with the Faculty of Exact Sciences of the University of Bejaia, and the LIGM laboratory of the University of Gustave Eiffel, France. It has been sponsored by the General Directorate for Scientific Research and Technological Development, Ministry of Higher Education and Scientific Research (DGRSDT), Algeria.
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article belongs to the Topical Collection: Special Issue on Security and Privacy in Network Computing
Guest Editors: Xiaohong Jiang, Yongzhi Wang, Tarik Taleb, and Hua Wang
Cite this article
Mohammedi, M., Omar, M., Zamouche, D. et al. Energy-aware key management and access control for the Internet of things. World Wide Web 24, 1089–1120 (2021). https://doi.org/10.1007/s11280-020-00861-4
DOI: https://doi.org/10.1007/s11280-020-00861-4