Enhancement of Security in the Internet of Things (IoT) by Using X.509 Authentication Mechanism

  • S. KarthikeyanEmail author
  • Rizwan Patan
  • B. Balamurugan
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 524)


Internet of Things (IoT) is the interconnection of physical entities to be combined with embedded devices like sensors, activators connected to the Internet which can be used to communicate from human to things for the betterment of the life. Information exchanged among the entities or objects, intruders can attack and change the sensitive data. The authentication is the essential requirement for security giving them access to the system or the devices in IoT for the transmission of the messages. IoT security can be achieved by giving access to authorized and blocking the unauthorized people from the internet. When using traditional methods, it is not guaranteed to say the interaction is secure while communicating. Digital certificates are used for the identification and integrity of devices. Public key infrastructure uses certificates for making the communication between the IoT devices to secure the data. Though there are mechanisms for the authentication of the devices or the humans, it is more reliable by making the authentication mechanism from X.509 digital certificates that have a significant impact on IoT security. By using X.509 digital certificates, this authentication mechanism can enhance the security of the IoT. The digital certificates have the ability to perform hashing, encryption and then signed digital certificate can be obtained that assures the security of the IoT devices. When IoT devices are integrated with X.509 authentication mechanism, intruders or attackers will not be able to access the system, that ensures the security of the devices.


Internet of Things Authentication Security Digital certificates X.509 digital certificate Authentication 


  1. 1.
    Heer, T., Garcia-Morchon, O., Hummen, R., Keoh, S. L., Kumar, S. S., & Wehrle, K. (2011). Security Challenges in the IP-based Internet of Things. Wireless Personal Communications, 61(3), 527–542.CrossRefGoogle Scholar
  2. 2.
    Liu, J., Yang, X., & Philip Chen, C. L. (2012). Authentication and access control in the internet of things. In 2012 32nd International Conference on Distributed Computing Systems Workshops (ICDCSW), (pp. 588–592). IEEE.Google Scholar
  3. 3.
    Suo, H., Wan, J., Zou, C., Liu, J. (2012). Security in the internet of things: A review. In 2012 International Conference on Computer Science and Electronics Engineering.Google Scholar
  4. 4.
    Alrawais, A., Abdulrahman A., & Xiuzhen C. (2015). X. 509 Check: A Tool to Check the Safety and Security of Digital Certificates. In 2015 International Conference on Identification, Information, and Knowledge in the Internet of Things (IIKI) (pp. 130–133). IEEE.Google Scholar
  5. 5.
    Ranjan, A. K., Kumar, V., & Hussain, M. (2014). Security analysis of TLS authentication. In Proceedings of the International Conference on Contemporary Computing and Informatics (IC3I) (pp. 1356–1360), November 2014.Google Scholar
  6. 6.
    Sciancalepore, S., Student Member, IEEE, Piro, G., Member, IEEE, Boggia, G., Senior Member, IEEE, & Bianchi, G., Public Key Authentication and Key agreement in IoT devices with minimal airtime consumption.Google Scholar
  7. 7.
    Zhao, K., & Lina G. (2013). A survey on the internet of things security. In 2013 9th International Conference on Computational Intelligence and Security (CIS) (pp. 663–667). IEEE.Google Scholar
  8. 8.
    Zhang, Z. K., Cho, M. C. Y., Wang, C. W., Hsu, C. W., Chen, C. K. & Shieh, S. (2014, November) IoT security: ongoing challenges and research opportunities. In 2014 IEEE 7th International Conference on Service-Oriented Computing and Applications (SOCA), (pp. 230–234). IEEE.Google Scholar
  9. 9.
    Xu, X. (2013). Study on security problems and key technologies of the internet of things. In 2013 Fifth International Conference on Computational and Information Sciences (ICCIS) (pp. 407–410), 21–23 June 2013.
  10. 10.
    Zolanvari, M., & Jain, R. (2015). IoT Security: A Survey.Google Scholar
  11. 11.
    Gurpreet Singh, M., Upadhyay, P., & Chaudhary, L. (2014). The internet of things: challenges & security issues. In 2014 International Conference on Emerging Technologies (ICET) (pp. 54–59). IEEE.Google Scholar
  12. 12.
    Kim, E., Kaspar, D., Chevrollier, N., & Vasseur, J. P. (2011). Design and application spaces for 6LoWPANs draft-ietf-6lowpan-usecases-09, January 2011.Google Scholar
  13. 13.
    Perrig, A., Szewczyk, R., Wen, V., Culler, D., & Tygar, J. D. (2002). Spins: Security protocols for sensor networks. Wireless Networks Journal (2002).Google Scholar
  14. 14.
    Park, Chang-Seop. (2017). A secure and efficient ECQV implicit certificate issuance protocol for the internet of things applications. IEEE Sensors Journal, 17(7), 2215–2223.CrossRefGoogle Scholar
  15. 15.
    Roman, R., Najera, P., & Lopez, J. (2011). Securing the internet of things. Computer, 44(9), 51–58.CrossRefGoogle Scholar
  16. 16.
  17. 17.
    Sanyal, S., Tiwari, A., Sanyal, S. (2010). A multifactor secure authentication system for wireless payment. In Emergent web intelligence: Advanced information retrieval, C. Richard et al. (Ed.) 1st ed. Chapter 13, (Vol. XVI, pp. 341–369). Springer Verlag London Limited. Scholar
  18. 18.
    Granlund, D., Åhlund, C., Holmlund, P. (2015). EAP-Swift: An efficient authentication and key generation mechanism for resource constrained WSNs. International Journal of Distributed Sensor Networks, 2015 Article ID 460914.Google Scholar
  19. 19.
    Borgohain, T., Amardeep, B., Kumar, U., & Sanyal, S. (2015). Authentication systems in Internet of Things. arXiv:1502.00870.
  20. 20.
    Acharya, S., Polawar, A., Pawar, P. (2013). Two factor authentication using smartphone generated one time password. IOSR Journal of Computer Engineering (IOSR-JCE), 11(2), 85–90.CrossRefGoogle Scholar
  21. 21.
    Chau, S.Y., Omar, C., Endadul, H., Huangyi, G., Aniket, K., Cristina, N.-R., et al. (2017). SymCerts: practical symbolic execution for exposing noncompliance in X. 509 certificate validation implementations. In 2017 IEEE Symposium on Security and Privacy (SP) (pp. 503–520). IEEE.Google Scholar
  22. 22.
    Blake, I., Seroussi, G., & Smart, N. (1999). Elliptic curves in cryptography. Cambridge University Press.Google Scholar
  23. 23.
  24. 24.
    Suresh, K., Rizwan, P. & RajasekharaBabu, M. (2016). EEIoT: Energy efficient mechanism to leverage the internet of things (IoT). In IEEE International Conference on Emerging Technological Trends, Kollam, India (pp. 14–22).Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.School of Computing Science and EngineeringGalgotias UniversityGreater NoidaIndia

Personalised recommendations