RESUMO
In the IoT environment, many terminal devices are deployed in unattended areas. If these devices are moved elsewhere by an attacker, the wrong environmental sensing values are obtained, which causes a major disaster. In this paper, we propose an ambient authentication mechanism based on audio to be used in multi-factor authentication by using the ambient sensors equipped with a smart phone. An ultrasonic signal that is not detectable by the human ear was transmitted by the authenti-cator, and the attenuated signal received by the user being authenticated was transmitted back to the authentication server. The transmitted and received decoded symbol sequences of the audio signal are used to calculated the bit error rate, which is used to measure the relative distance. Our proposed method can narrow the authentication distance to less than 0.5 meters, which can greatly improve the security of the authentication system.
RESUMO
Modern societies are moving toward an information-oriented environment. To gather and utilize information around people's modern life, tiny devices with all kinds of sensing devices and various sizes of gateways need to be deployed and connected with each other through the Internet or proxy-based wireless sensor networks (WSNs). Within this kind of Internet of Things (IoT) environment, how to authenticate each other between two communicating devices is a fundamental security issue. As a lot of IoT devices are powered by batteries and they need to transmit sensed data periodically, it is necessary for IoT devices to adopt a lightweight authentication protocol to reduce their energy consumption when a device wants to authenticate and transmit data to its targeted peer. In this paper, a lightweight continuous authentication protocol for sensing devices and gateway devices in general IoT environments is introduced. The concept of valid authentication time period is proposed to enhance robustness of authentication between IoT devices. To construct the proposed lightweight continuous authentication protocol, token technique and dynamic features of IoT devices are adopted in order to reach the design goals: the reduction of time consumption for consecutive authentications and energy saving for authenticating devices through by reducing the computation complexity during session establishment of continuous authentication. Security analysis is conducted to evaluate security strength of the proposed protocol. In addition, performance analysis has shown the proposed protocol is a strong competitor among existing protocols for device-to-device authentication in IoT environments.
RESUMO
The development of information technology has paved the way for faster and more convenient payment process flows and new methodology for the design and implementation of next generation payment systems. The growth of smartphone usage nowadays has fostered a new and popular mobile payment environment. Most of the current generation smartphones support Bluetooth Low Energy (BLE) technology to communicate with nearby BLE-enabled devices. It is plausible to construct an Over-the-Air BLE-based mobile payment system as one of the payment methods for people living in modern societies. In this paper, a secure indoor positioning-based mobile payment authentication protocol with BLE technology and the corresponding mobile payment system design are proposed. The proposed protocol consists of three phases: initialization phase, session key construction phase, and authentication phase. When a customer moves toward the POS counter area, the proposed mobile payment system will automatically detect the position of the customer to confirm whether the customer is ready for the checkout process. Once the system has identified the customer is standing within the payment-enabled area, the payment system will invoke authentication process between POS and the customer's smartphone through BLE communication channel to generate a secure session key and establish an authenticated communication session to perform the payment transaction accordingly. A prototype is implemented to assess the performance of the proposed design for mobile payment system. In addition, security analysis is conducted to evaluate the security strength of the proposed protocol.
RESUMO
Medication error can easily cause serious health damage to inpatients in hospital. Consequently, the whole society has to spend huge amount of extra resources for additional therapies and medication on those affected inpatients. In order to prevent medication errors, secure inpatient medication administration system is required in a hospital. Using RFID technology, such administration system provides automated medication verification for inpatient's medicine doses and generates corresponding medication evidence, which may be audited later for medical dispute. Recently, Peris-Lopez et al. (Int. J. Med. Inform., 2011) proposed an IS-RFID system to enhance inpatient medication safety. Nevertheless, IS-RFID system does not detect the denial of proof attack efficiently and the generated medication evidence cannot defend against counterfeit evidence generated from the hospital. That is, the hospital possesses enough privilege from the design of IS-RFID system to modify generated medication evidence whenever it is necessary. Hence, we design two lightweight RFID-based solutions for secure inpatient medication administration, one for online verification environment and the other for offline validation situation, to achieve system security on evidence generation and provide early detection on denial of proof attack.