A Blockchain-Based Multi-Factor Authentication Model for a Cloud-Enabled Internet of Vehicles
Abstract
:1. Introduction
1.1. Key Security Issues in IoV
- Illegitimate identities where it is imperative to conduct a verification of key identities during authentication.
- Unauthorized access where it is important to verify the authenticity of a use accessing the cloud server or IoT device.
1.2. Contributions
- The paper proposes a Multi-Factor Blockchain-based authentication model that uses an embedded Digital Signature (MFBC_eDS) for vehicular clouds and Cloud-enabled IoV.
- The suggested MFA Scheme combines and integrates a number of aspects in order to harden key authentication techniques. For example, SSO and SAML are key aspects that have been used to enhance authentication of IoT systems in the cloud. The security strength of the proposed approach shows that it satisfies the principle of data confidentiality and integrity, two cardinal components of the security of IoV.
- An embedded probabilistic polynomial Time Algorithm (ePPTA) with an additional hash function has been suggested that not only compliments the existing schemes but also hardens based on existing weaknesses, while it is applicable in an IoV-based environment.
- This study concentrates on addressing the degree of resistant-precisely on the possible failure of the mutual authentication phase, once is generated.
1.3. Organization
2. Background
2.1. Multi-Factor Authentication
2.2. Single-Sign On
2.3. Vehicular Cloud
3. Related Work
4. Methodology
- a set of connected smart vehicles;
- a peer-to-peer (blockchain-based topology) and IoT-to-Cloud network connected by multiple cloud service providers;
- a public Cloud infrastructure.
- 1.
- Initial Registration: when a vehicle joins the network and first participates in the system, it is asked to generate a hash-chain for the initial registration.
- 2.
- Update the hash-chain Information: using one-time passwords, the vehicle periodically changes their hash-chains, so they need to contact the service provider to generate a new chain to establish a communication with the cloud.
- 3.
- Communication establishes: a secure data channel is established (authenticated), V2V and V2C take place.
Approaches Based on Karla and Sood’s Scheme
- Registration: submits
- Pre-Computation Time PhaseOnce obtains the authenticating key CK, it becomes paramount that this can be used in the message computation that is required to be authenticated. A random number is selected, which uses the authentication key CK for computation as follows:
- Authentication PhaseAfter the server, , it proceeds to such using , and it can find the desired record using the private key and expiration time and the computation is as follows:
5. Proposed Lightweight MFA Scheme
5.1. Assumptions Based on the Dolev–Yao Adversary Model
- Confidential or secret information being transmitted can be obtained through a passive attack process such as eavesdropping.
- An adversary can easily interfere with communication between two parties in a connected smart city or IoT environment.
- Sensor nodes can be interfered with or compromised in a bid to extract sensor data which can further compromise the confidentiality.
- Modification/tampering of digital information, a process which can compromise the integrity, potentially, and the availability of the data.
5.2. MFA Scheme
- First: check the .P. If it matches, continues if the condition is satisfied. It rejects the request and cancels the authentication process.
- Second: now retrieves as and generates , where the current timestamp is , to send a key to establish a request to .
5.2.1. MFA Key-Agreement Phases
- Step 1: Authentication Request. User P (IoT device) instantiates a communication link to the server, S, by sending the requisite identification parameters ().
- Step 2: Registration with ePPTA and Computation. Server generates and , which acts as a private key based on the following ePPTA mechanism.
- –
- An embedded Probabilistic polynomial Time Algorithm is applied to the and a new Hash for every
- –
- A common session key is generated by both parties by relying on
- Step 3: Authentication Phase. Server transmits to ID and it is able to get any record
5.2.2. MFA Based on ePPTA
6. Discussion
6.1. Confidentiality
6.2. Data Integrity
6.3. Distributed Attacks
7. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Acknowledgments
Conflicts of Interest
Abbreviations
ICT | Information and Communication Technology |
IoV | Internet-of-Vehicle |
Multi-Factor Blockchain-based authentication model that uses an embedded Digital Signature | |
MFA | Multi-Factor Authentication |
SAML | Security Assertion Mark-up Language |
SSO | Single Sign-On |
VC | Vehicular Cloud |
IoT | Internet of Things |
BYOD | Bring Your Own Device |
OAuth | open authentication |
SOPs | Standard Operating Procedures |
ISPs | Internet Service Providers |
SSL | Secure Socket Layer |
MiTM | Man in the Middle |
VANET | Vehicular Ad Hoc Networks |
V2I | Vehicle to Infrastructure |
PSO | Particle Swarm Optimization |
WSN | Wireless Sensor Network |
TA | Trusted Authority |
RSU | Road Side Unit |
ECC | Elliptic Curve Cryptography |
Vehicle | |
Vehicle to Vehicle | |
S | Server |
Embedded Device | |
Identity | |
N | Randomized Number |
Authenticating Key | |
Key | |
Public Key | |
Private Key | |
Hash function | |
Real Identification | |
Secret Identification | |
Timestamp | |
size of the input for the | |
Embedded Probabilistic Polynomial Time Algorithm | |
Expiration Time | |
Proof of Work | |
New Digital Signature | |
Digital Signature |
References
- Li, Y. Emerging blockchain-based applications and techniques. Serv. Oriented Comput. Appl. 2019, 13, 279–285. [Google Scholar] [CrossRef] [Green Version]
- Kebande, V.R.; Karie, N.M.; Venter, H. A generic Digital Forensic Readiness model for BYOD using honeypot technology. In Proceedings of the 2016 IST-Africa Week Conference, Durban, South Africa, 11–13 May 2016; pp. 1–12. [Google Scholar]
- Alshehri, M.D.; Hussain, F.K. A centralized trust management mechanism for the internet of things (CTM-IoT). In Proceedings of the International Conference on Broadband and Wireless Computing, Communication and Applications, Barcelona, Spain, 8–10 November 2017; pp. 533–543. [Google Scholar]
- Alshehri, M.D.; Hussain, F.; Elkhodr, M.; Alsinglawi, B.S. A Distributed Trust Management Model for the Internet of Things (DTM-IoT). In Recent Trends and Advances in Wireless and IoT-Enabled Networks; Springer: Cham, Switzerland, 2019; pp. 1–9. [Google Scholar]
- Ouaddah, A.; Abou Elkalam, A.; Ait Ouahman, A. FairAccess: A new Blockchain-based access control framework for the Internet of Things. Secur. Commun. Netw. 2016, 9, 5943–5964. [Google Scholar] [CrossRef]
- Huang, J.; Kong, L.; Chen, G.; Cheng, L.; Wu, K.; Liu, X. B-IoT: Blockchain driven Internet of Things with credit-based consensus mechanism. In Proceedings of the 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS), Richardson, TX, USA, 7–9 July 2019; pp. 1348–1357. [Google Scholar]
- Gupta, M.; Awaysheh, F.M.; Benson, J.; Alazab, M.; Patwa, F.; Sandhu, R. An Attribute-Based Access Control for Cloud Enabled Industrial Smart Vehicles. IEEE Trans. Ind. Inform. 2020, 17, 4288–4297. [Google Scholar] [CrossRef]
- Awaysheh, F.; Cabaleiro, J.C.; Pena, T.F.; Alazab, M. Big data security frameworks meet the intelligent transportation systems trust challenges. In Proceedings of the 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), Rotorua, New Zealand, 5–8 August 2019; pp. 807–813. [Google Scholar]
- Aladwan, M.; Awaysheh, F.; Cabaleiro, J.; Pena, T.; Alabool, H.; Alazab, M. Common security criteria for vehicular clouds and internet of vehicles evaluation and selection. In Proceedings of the 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), Rotorua, New Zealand, 5–8 August 2019; pp. 814–820. [Google Scholar]
- Aladwan, M.N.; Awaysheh, F.M.; Alawadi, S.; Alazab, M.; Pena, T.F.; Cabaleiro, J.C. TrustE-VC: Trustworthy evaluation framework for industrial connected vehicles in the cloud. IEEE Trans. Ind. Inform. 2020, 16, 6203–6213. [Google Scholar] [CrossRef]
- Elkhodr, M.; Alsinglawi, B.; Alshehri, M. A privacy risk assessment for the Internet of Things in healthcare. In Applications of Intelligent Technologies in Healthcare; Springer: Cham, Switzerland, 2019; pp. 47–54. [Google Scholar]
- Alshehri, M.D.; Hussain, F.K. A comparative analysis of scalable and context-aware trust management approaches for internet of things. In Proceedings of the International Conference on Neural Information Processing, Istanbul, Turkey, 9–12 November 2015; pp. 596–605. [Google Scholar]
- Kebande, V.R.; Alawadi, S.; Awaysheh, F.M.; Persson, J.A. Active Machine Learning Adversarial Attack Detection in the User Feedback Process. IEEE Access 2021, 9, 36908–36923. [Google Scholar] [CrossRef]
- Awaysheh, F.M.; Aladwan, M.N.; Alazab, M.; Alawadi, S.; Cabaleiro, J.C.; Pena, T.F. Security by Design for Big Data Frameworks Over Cloud Computing. IEEE Trans. Eng. Manag. 2021, 1–18. [Google Scholar] [CrossRef]
- Chaturvedi, K.; Matheus, A.; Nguyen, S.H.; Kolbe, T.H. Securing spatial data infrastructures for distributed smart city applications and services. Future Gener. Comput. Syst. 2019, 101, 723–736. [Google Scholar] [CrossRef]
- Karie, N.M.; Kebande, V.R.; Ikuesan, R.A.; Sookhak, M.; Venter, H. Hardening SAML by Integrating SSO and Multi-Factor Authentication (MFA) in the Cloud. In Proceedings of the 3rd International Conference on Networking, Information Systems & Security, Marrakech, Morocco, 31 March–2 April 2020; pp. 1–6. [Google Scholar]
- Ramatsakane, K.I.; Leung, W.S. Pick location security: Seamless integrated multi-factor authentication. In Proceedings of the 2017 IST-Africa Week Conference (IST-Africa), Windhoek, Namibia, 31 May–2 June 2017; pp. 1–10. [Google Scholar]
- Rehman, F.; Akram, S.; Shah, M.A. The framework for efficient passphrase-based multifactor authentication in cloud computing. In Proceedings of the 2016 22nd International Conference on Automation and Computing (ICAC), Colchester, UK, 7–8 September 2016; pp. 37–41. [Google Scholar]
- Furnell, S. The usability of security–revisited. Comput. Fraud Secur. 2016, 2016, 5–11. [Google Scholar] [CrossRef]
- Zhu, H.H.; He, Q.H.; Tang, H.; Cao, W.H. Voiceprint-biometric template design and authentication based on cloud computing security. In Proceedings of the 2011 International Conference on Cloud and Service Computing, Hong Kong, China, 12–14 December 2011; pp. 302–308. [Google Scholar]
- An, Y.; Zaaba, Z.; Samsudin, N. Reviews on security issues and challenges in cloud computing. IOP Conf. Ser. Mater. Sci. Eng. 2016, 160, 012106. [Google Scholar] [CrossRef]
- Radha, V.; Reddy, D.H. A survey on single sign-on techniques. Procedia Technol. 2012, 4, 134–139. [Google Scholar] [CrossRef] [Green Version]
- Awaysheh, F.M.; Cabaleiro, J.C.; Pena, T.F.; Alazab, M. Poster: A pluggable authentication module for big data federation architecture. In Proceedings of the 24th ACM Symposium on Access Control Models and Technologies, Toronto, ON, Canada, 4–6 June 2019; pp. 223–225. [Google Scholar]
- Awaysheh, F.M.; Alazab, M.; Gupta, M.; Pena, T.F.; Cabaleiro, J.C. Next-generation big data federation access control: A reference model. Future Gener. Comput. Syst. 2020, 108, 726–741. [Google Scholar] [CrossRef] [Green Version]
- Awaysheh, F.M.; Alazab, M.; Garg, S.; Niyato, D.; Verikoukis, C. Big Data Resource Management & Networks: Taxonomy, Survey, and Future Directions. IEEE Commun. Surv. Tutor. 2021, 1. [Google Scholar] [CrossRef]
- Elkhodr, M.; Alsinglawi, B.; Alshehri, M. Data provenance in the internet of things. In Proceedings of the 2018 32nd International Conference on Advanced Information Networking and Applications Workshops (WAINA), Krakow, Poland, 16–18 May 2018; pp. 727–731. [Google Scholar]
- Elhoseny, M.; Shankar, K.; Lakshmanaprabu, S.; Maseleno, A.; Arunkumar, N. Hybrid optimization with cryptography encryption for medical image security in Internet of Things. Neural Comput. Appl. 2018, 32, 10979–10993. [Google Scholar] [CrossRef]
- Xu, L.; Wu, F. A lightweight authentication scheme for multi-gateway wireless sensor networks under IoT conception. Arab. J. Sci. Eng. 2019, 44, 3977–3993. [Google Scholar] [CrossRef]
- Wu, F.; Xu, L.; Kumari, S.; Li, X.; Shen, J.; Choo, K.K.R.; Wazid, M.; Das, A.K. An efficient authentication and key agreement scheme for multi-gateway wireless sensor networks in IoT deployment. J. Netw. Comput. Appl. 2017, 89, 72–85. [Google Scholar] [CrossRef]
- Melki, R.; Noura, H.N.; Chehab, A. Lightweight multi-factor mutual authentication protocol for IoT devices. Int. J. Inf. Secur. 2019, 19, 679–694. [Google Scholar] [CrossRef]
- Dhillon, P.K.; Kalra, S. Multi-factor user authentication scheme for IoT-based healthcare services. J. Reliab. Intell. Environ. 2018, 4, 141–160. [Google Scholar] [CrossRef]
- Sharma, G.; Kalra, S. A lightweight multi-factor secure smart card based remote user authentication scheme for cloud-IoT applications. J. Inf. Secur. Appl. 2018, 42, 95–106. [Google Scholar] [CrossRef]
- Xu, Z.; Liang, W.; Li, K.C.; Xu, J.; Jin, H. A blockchain-based roadside unit-assisted authentication and key agreement protocol for internet of vehicles. J. Parallel Distrib. Comput. 2021, 149, 29–39. [Google Scholar] [CrossRef]
- Mendiboure, L.; Chalouf, M.A.; Krief, F. Survey on blockchain-based applications in internet of vehicles. Comput. Electr. Eng. 2020, 84, 106646. [Google Scholar] [CrossRef]
- Hu, W.; Hu, Y.; Yao, W.; Li, H. A blockchain-based Byzantine consensus algorithm for information authentication of the Internet of vehicles. IEEE Access 2019, 7, 139703–139711. [Google Scholar] [CrossRef]
- Wang, X.; Zeng, P.; Patterson, N.; Jiang, F.; Doss, R. An improved authentication scheme for internet of vehicles based on blockchain technology. IEEE Access 2019, 7, 45061–45072. [Google Scholar] [CrossRef]
- Bagga, P.; Sutrala, A.K.; Das, A.K.; Vijayakumar, P. Blockchain-based batch authentication protocol for Internet of Vehicles. J. Syst. Archit. 2021, 113, 101877. [Google Scholar] [CrossRef]
- Eddine, M.S.; Ferrag, M.A.; Friha, O.; Maglaras, L. EASBF: An efficient authentication scheme over blockchain for fog computing-enabled internet of vehicles. J. Inf. Secur. Appl. 2021, 59, 102802. [Google Scholar]
- Kamal, M.; Srivastava, G.; Tariq, M. Blockchain-based lightweight and secured v2v communication in the internet of vehicles. IEEE Trans. Intell. Transp. Syst. 2020, 22, 3997–4004. [Google Scholar] [CrossRef]
- Kalra, S.; Sood, S.K. Secure authentication scheme for IoT and cloud servers. Pervasive Mob. Comput. 2015, 24, 210–223. [Google Scholar] [CrossRef]
- Herzog, J. A computational interpretation of Dolev–Yao adversaries. Theor. Comput. Sci. 2005, 340, 57–81. [Google Scholar] [CrossRef] [Green Version]
- Adeyemi, I.R.; Razak, S.A.; Salleh, M. A Conceptual Model for Holistic Classification of Insider. arXiv 2017, arXiv:1706.05402. [Google Scholar] [CrossRef] [Green Version]
- Kebande, V.R.; Bugeja, J.; Persson, J.A. Internet of threats introspection in dynamic intelligent virtual sensing. arXiv 2020, arXiv:2006.11801. [Google Scholar]
- Kasar, S.; Kshirsagar, M. Open Challenges in Smart Cities: Privacy and Security. In Security and Privacy Applications for Smart City Development; Springer: Cham, Switzerland, 2021; pp. 25–36. [Google Scholar]
- Liang, W.; Ji, N. Privacy challenges of IoT-based blockchain: A systematic review. Cluster Comput. 2021, 1–19. [Google Scholar] [CrossRef]
- Khorashadizadeh, S.; Ikuesan, A.R.; Kebande, V.R. Generic 5g infrastructure for iot ecosystem. In Proceedings of the International Conference of Reliable Information and Communication Technology, Johor, Malaysia, 22–23 September 2019; pp. 451–462. [Google Scholar]
- Theofanos, M. Is Usable Security an Oxymoron? Computer 2020, 53, 71–74. [Google Scholar] [CrossRef]
- Craggs, B.; Rashid, A. Smart cyber-physical systems: Beyond usable security to security ergonomics by design. In Proceedings of the 2017 IEEE/ACM 3rd International Workshop on Software Engineering for Smart Cyber-Physical Systems (SEsCPS), Buenos Aires, Argentina, 21 May 2017; pp. 22–25. [Google Scholar]
- Kebande, V.R.; Karie, N.M.; Ikuesan, R.A. Real-time monitoring as a supplementary security component of vigilantism in modern network environments. Int. J. Inf. Technol. 2021, 13, 5–17. [Google Scholar]
- Mocnej, J.; Miškuf, M.; Papcun, P.; Zolotová, I. Impact of edge computing paradigm on energy consumption in IoT. IFAC-PapersOnLine 2018, 51, 162–167. [Google Scholar] [CrossRef]
- Kiani, F. A survey on management frameworks and open challenges in IoT. Wirel. Commun. Mob. Comput. 2018, 2018, 9857026. [Google Scholar] [CrossRef] [Green Version]
- Agbehadji, I.E.; Frimpong, S.O.; Millham, R.C.; Fong, S.J.; Jung, J.J. Intelligent energy optimization for advanced IoT analytics edge computing on wireless sensor networks. Int. J. Distrib. Sens. Netw. 2020, 16, 1550147720908772. [Google Scholar] [CrossRef]
- Ning, Z.; Huang, J.; Wang, X.; Rodrigues, J.J.; Guo, L. Mobile edge computing-enabled Internet of vehicles: Toward energy-efficient scheduling. IEEE Netw. 2019, 33, 198–205. [Google Scholar] [CrossRef]
- Sharma, V. An energy-efficient transaction model for the blockchain-enabled internet of vehicles (IoV). IEEE Commun. Lett. 2018, 23, 246–249. [Google Scholar] [CrossRef] [Green Version]
- Zheng, Z.; Xie, S.; Dai, H.N.; Chen, X.; Wang, H. Blockchain challenges and opportunities: A survey. Int. J. Web Grid Serv. 2018, 14, 352–375. [Google Scholar] [CrossRef]
- Singh, S.; Hosen, A.S.; Yoon, B. Blockchain security attacks, challenges, and solutions for the future distributed iot network. IEEE Access 2021, 9, 13938–13959. [Google Scholar]
- Magnani, A.; Calderoni, L.; Palmieri, P. Feather forking as a positive force: Incentivising green energy production in a blockchain-based smart grid. In Proceedings of the 1st Workshop on Cryptocurrencies and Blockchains for Distributed Systems, Munich, Germany, 15 June 2018; pp. 99–104. [Google Scholar]
- Singh, R.; Tanwar, S.; Sharma, T.P. Utilization of blockchain for mitigating the distributed denial of service attacks. Secur. Priv. 2020, 3, e96. [Google Scholar] [CrossRef]
Basic Sets and Functions
|
Effective Authentication, MFA Based on ePPTA (Derived Functions)
|
Authorization Functions and Decision Made
|
Attributes | Proposed | Karla and Sood | Melki et al. | Wu et al. | Sharma | Xu et al. | Chin |
---|---|---|---|---|---|---|---|
MFA | ✓ | X | ✓ | X | ✓ | ✓ | X |
SAML-SSO | ✓ | X | X | X | X | X | X |
Confidentiality | ✓ | ✓ | ✓ | X | ✓ | ✓ | ✓ |
Integrity | ✓ | X | ✓ | ✓ | ✓ | ✓ | ✓ |
Anonymity | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
IoV-centered | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
Blockchain | ✓ | X | X | X | X | X | X |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2021 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Kebande, V.R.; Awaysheh, F.M.; Ikuesan, R.A.; Alawadi, S.A.; Alshehri, M.D. A Blockchain-Based Multi-Factor Authentication Model for a Cloud-Enabled Internet of Vehicles. Sensors 2021, 21, 6018. https://doi.org/10.3390/s21186018
Kebande VR, Awaysheh FM, Ikuesan RA, Alawadi SA, Alshehri MD. A Blockchain-Based Multi-Factor Authentication Model for a Cloud-Enabled Internet of Vehicles. Sensors. 2021; 21(18):6018. https://doi.org/10.3390/s21186018
Chicago/Turabian StyleKebande, Victor R., Feras M. Awaysheh, Richard A. Ikuesan, Sadi A. Alawadi, and Mohammad Dahman Alshehri. 2021. "A Blockchain-Based Multi-Factor Authentication Model for a Cloud-Enabled Internet of Vehicles" Sensors 21, no. 18: 6018. https://doi.org/10.3390/s21186018
APA StyleKebande, V. R., Awaysheh, F. M., Ikuesan, R. A., Alawadi, S. A., & Alshehri, M. D. (2021). A Blockchain-Based Multi-Factor Authentication Model for a Cloud-Enabled Internet of Vehicles. Sensors, 21(18), 6018. https://doi.org/10.3390/s21186018