A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System
碩士 === 國立臺中科技大學 === 資訊工程系碩士班 === 104 === Recently, Yang et al. enhanced the IoT control system by adding the backup terminal device, the status monitor device and the alarm module for availability and security. Service is provided by the backup terminal device when the main terminal device malfuncti...
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Others |
| Language: | en_US |
| Published: |
2016
|
| Online Access: | http://ndltd.ncl.edu.tw/handle/nsd7xb |
| id |
ndltd-TW-104NTTI5392015 |
|---|---|
| record_format |
oai_dc |
| spelling |
ndltd-TW-104NTTI53920152019-09-24T03:34:13Z http://ndltd.ncl.edu.tw/handle/nsd7xb A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System 於IoT控制系統中建立提供可用性及安全性的驗證模組之研究 Ya-Ling Lo 羅雅齡 碩士 國立臺中科技大學 資訊工程系碩士班 104 Recently, Yang et al. enhanced the IoT control system by adding the backup terminal device, the status monitor device and the alarm module for availability and security. Service is provided by the backup terminal device when the main terminal device malfunctions or its status is not correct. Their authentication model uses hash function to protect identifiers of terminal devices and the challenge-response mechanism to resist synchronization attack, and parameters for authentication are stored in the distributed database for reliability. They claimed that their model ensured mutual authentication. After analyzing their model, we find that their authentication model possesses the following drawbacks: (1) In their model, mutual authentication is between the database and the terminal device. The reader device is not authenticated. (2) Default search is needed when the database wants to find the matched terminal device’s identifier. This approach places a heavy burden on the database. (3) An attacker can send a forged device-switching request because the origin of this request is not authenticated. In this thesis, we adjust the operation and requirements of the IoT control system and take user anonymity into consideration to propose an authentication model for the IoT control system. The proposed authentication model complies with the following requirements. (1) The computational load is light. (2) Default search is not needed. (3) The terminal device’s identifier is protected. (4) User anonymity is ensured. (5) The origin of a device-switching request can be authenticated. (6) A user (RFID tag), the reader, and the terminal device can authenticate each other. Via the proposed model, the IoT control system’s security can be ensured. 張雅芬 2016 學位論文 ; thesis 23 en_US |
| collection |
NDLTD |
| language |
en_US |
| format |
Others
|
| sources |
NDLTD |
| description |
碩士 === 國立臺中科技大學 === 資訊工程系碩士班 === 104 === Recently, Yang et al. enhanced the IoT control system by adding the backup terminal device, the status monitor device and the alarm module for availability and security. Service is provided by the backup terminal device when the main terminal device malfunctions or its status is not correct. Their authentication model uses hash function to protect identifiers of terminal devices and the challenge-response mechanism to resist synchronization attack, and parameters for authentication are stored in the distributed database for reliability. They claimed that their model ensured mutual authentication. After analyzing their model, we find that their authentication model possesses the following drawbacks:
(1) In their model, mutual authentication is between the database and the terminal device. The reader device is not authenticated.
(2) Default search is needed when the database wants to find the matched terminal device’s identifier. This approach places a heavy burden on the database.
(3) An attacker can send a forged device-switching request because the origin of this request is not authenticated.
In this thesis, we adjust the operation and requirements of the IoT control system and take user anonymity into consideration to propose an authentication model for the IoT control system. The proposed authentication model complies with the following requirements. (1) The computational load is light. (2) Default search is not needed. (3) The terminal device’s identifier is protected. (4) User anonymity is ensured. (5) The origin of a device-switching request can be authenticated. (6) A user (RFID tag), the reader, and the terminal device can authenticate each other. Via the proposed model, the IoT control system’s security can be ensured.
|
| author2 |
張雅芬 |
| author_facet |
張雅芬 Ya-Ling Lo 羅雅齡 |
| author |
Ya-Ling Lo 羅雅齡 |
| spellingShingle |
Ya-Ling Lo 羅雅齡 A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System |
| author_sort |
Ya-Ling Lo |
| title |
A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System |
| title_short |
A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System |
| title_full |
A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System |
| title_fullStr |
A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System |
| title_full_unstemmed |
A Research on Designing an Availability and Security-ensured Authentication Model of IoT Control System |
| title_sort |
research on designing an availability and security-ensured authentication model of iot control system |
| publishDate |
2016 |
| url |
http://ndltd.ncl.edu.tw/handle/nsd7xb |
| work_keys_str_mv |
AT yalinglo aresearchondesigninganavailabilityandsecurityensuredauthenticationmodelofiotcontrolsystem AT luóyǎlíng aresearchondesigninganavailabilityandsecurityensuredauthenticationmodelofiotcontrolsystem AT yalinglo yúiotkòngzhìxìtǒngzhōngjiànlìtígōngkěyòngxìngjíānquánxìngdeyànzhèngmózǔzhīyánjiū AT luóyǎlíng yúiotkòngzhìxìtǒngzhōngjiànlìtígōngkěyòngxìngjíānquánxìngdeyànzhèngmózǔzhīyánjiū AT yalinglo researchondesigninganavailabilityandsecurityensuredauthenticationmodelofiotcontrolsystem AT luóyǎlíng researchondesigninganavailabilityandsecurityensuredauthenticationmodelofiotcontrolsystem |
| _version_ |
1719256541764255744 |