Sadique Kazi Masum, Rahmani Rahim, Johannesson Paul
Department of Computer and Systems Sciences, Stockholm University, 16407 Stockholm, Sweden.
Sensors (Basel). 2020 Nov 16;20(22):6546. doi: 10.3390/s20226546.
The Internet of things (IoT) will connect several billion devices to the Internet to enhance human society and improve the quality of living. A huge number of sensors, actuators, gateways, servers, and related end-user applications will be connected to the Internet. All these entities require identities to communicate with each other. The communicating devices may be mobile, and currently the only main identity solution is IP-based identity management, which is not suitable for the authentication and authorization of heterogeneous IoT devices. Sometimes devices and applications need to communicate in real time to make decisions within very short times. Most of the recently proposed solutions for identity management are cloud-based. Those cloud-based identity management solutions are not feasible for heterogeneous IoT devices. In this paper, we propose an edge-fog based decentralized identity management and authentication solution for IoT devices (IoTD) and edge IoT gateways (EIoTG). We also present a secure communication protocol for communication between edge IoT devices and edge IoT gateways. The proposed security protocols are verified using the Scyther formal verification tool, a popular tool for automated verification of security protocols. The proposed model is specified in the PROMELA language, and the SPIN model checker is used to confirm the specification of the proposed model. The results show different message flows without any error.