A Comparative Analysis on Blockchain versus Centralized Authentication Architectures for IoT-Enabled Smart Devices in Smart Cities: A Comprehensive Review, Recent Advances, and Future Research Directions
Abstract
:1. Introduction
1.1. Enabling Technologies
1.2. Related Surveys
- We explore and discuss smart city layered architectures for employing authentication schemes in various smart city scenarios.
- We review and analyze the existing security services and their related challenges and issues in smart cities.
- We provide insightful reviews and discussions on the early adoption of traditional state-of-the-art authentication schemes for IoT-enabled smart assets to reveal their full potential in smart cities.
- We present a comprehensive classification and detailed reviews of the latest authentication schemes for IoT-enabled smart assets in smart cities.
- Furthermore, we categorically reviewed, evaluated, and analyzed IoT-enabled authentication schemes based on centralized and distributed blockchain-enabled smart city architectures.
- We present and elaborate on an emerging concept of Blockchain-as-a-Service as a result of reviewing existing solutions and discussing the related challenges and issues in smart cities.
- We identified and discussed the pros and cons of existing authentication schemes in smart city architectures.
- Finally, we provide the recent advances and future recommendations for IoT-enabled authentication schemes in smart cities and conclude the paper in the final section.
1.3. Paper Organization
2. Smart City Layered Architecture
2.1. Application Layer
2.2. Transmission Layer
2.3. Sensing Layer
3. Smart City Layered Adversaries
3.1. Application Layer Adversaries
3.1.1. Injection Attacks
3.1.2. Cross-Site Scripting Attacks
3.1.3. Parameter Tampering Attacks
3.1.4. Botnet Attacks
3.1.5. Buffer Overflow Attacks
3.2. Transmission Layer Adversaries
3.2.1. Trojan Attacks
3.2.2. Worm Attacks
3.2.3. Denial-of-Service (DoS) Attacks
3.2.4. Distributed Denial-of-Service (DoS) Attacks
3.2.5. Man-in-the-Middle (MITM) Attacks
3.2.6. Meet-in-the-Middle (MeetITM) Attacks
3.2.7. Repudiation Attacks
3.3. Sensing Layer Adversaries
3.3.1. Physical Attacks
3.3.2. Port Scanning Attacks
3.3.3. Eavesdropping Attacks
3.3.4. Data Spoofing Attacks
3.3.5. Replay Attacks
4. Smart City Layered Security Services
- Confidentiality refers to protecting data from unauthorized disclosure means the information sent by the sender should be received by the correct recipient (user), which ensures message confidentiality.
- Integrity refers to protecting data from unauthorized alterations and changes, and the content should be transmitted untampered, which ensures message integrity
- Availability refers to protecting data from unauthorized access by transmitting data to the authentic user to ensure message availability.
- Authentication is an important process ensuring the identity of the assets or objects. In contrast, it is also of immense importance for a CPS in a smart city to have all the assets identified and authenticated to mitigate the attack vector within a system.
- Authorization works side-by-side with authentication. Once the assets are authenticated, these assets need the authorization to carry out a specific task, which means not all authenticated assets will be able to carry out all tasks rather than authorized tasks only.
5. Smart City Layered Security Issues
5.1. Security Issues in Internet Infrastructures
5.2. Security Issues in Cyber-Physical Systems
5.2.1. Security Issues in Industrial Cyber-Physical System
5.2.2. Security Issues in Health Care
5.3. Security Issues in IoT-Enabled Smart Devices
5.4. Security Issues in Heterogeneous IoT-Enabled Smart Devices
6. IoT-Enabled Smart Device Authentication Architectures in Smart Cities
6.1. State of the Art Authentication Models
6.1.1. Single-Factor Authentication (SFA)
6.1.2. Two-Factor Authentication (2FA)
6.1.3. Multi-Factor Authentication (MFA)
6.1.4. Biometrics
6.1.5. Token-Based Authentication
6.1.6. Certificate-Based Authentication
6.1.7. Hardware Security Module
6.1.8. Trusted Platform Module
7. Authentication Schemes Based on Centralized Architectures in Smart Cities
7.1. Smart Offices and Smart Houses
7.2. IoT Embedded Assets
7.3. Cryptosystem-Based IoT Authentication Schemes
7.4. E-Governance in a Smart City
7.5. Smart Grid in Smart City
7.6. Physical Layer Authentication in Smart City
- The authentication mechanisms based on centralized architecture depend on the server machine for processing every authentication request, which poses a single point of failure and contact as far as the attack vector is concerned.
- For token-based authentication schemes, the registration server (RS) is responsible for generating tokens on the internet in a centralized architecture which causes security and data privacy issues.
- The client-server environment is prone to spoofing attacks with the exposed share session key.
- In the case of a hardware-based authentication mechanism, a hardware upgrade is required, which needs the manufacturer’s intervention and can be costly to implement.
- PUFs, in this case, are the current trend that enhances the security of the assets from a physical standpoint as PUFs result from the manufacturing process of Integrated Circuits (ICs), which introduces random physical variations into the ICs microstructure, making it unique.
- PUFs utilize the SRAM of the edge node, which increases the operational and computational overhead resulting in delayed operations.
- In the case of Smart Card-based authentication mechanisms, the communication between the applications and the smart city is carried out using an advanced multi-factor user authentication scheme which can be utilized for the smart e-governance applications in smart cities.
- Other schemes utilize a central server-based XOR and hash operations for the password, user anonymity, mutual authentication, shared session key, and key freshness. It is an easy target for attacks such as replay, password guessing, message forgery, and brute force attacks.
- The mechanisms are Smart Card dependent, as the public, private, and session keys are stored on it for registration, login, and authentication. However, a central registration center (RC) provides the parameters to the participants during the registration phase. In case of compromised session keys at RC, the whole system would be at risk of being attacked.
- In case of card loss or theft, the system’s security would be at stake.
- Sharing session keys using public and private keys infrastructure in centralized architecture would be a single point of failure and contact for the attack vector. The scheme depends on a centralized server to generate the public and private session keys.
- In the case of power grids and VANETs, the risk of compromised communication between the corporate network of the power grid and the edge server deployed in the cloud via the internet has to be considered.
- The identification and authentication of devices and the system must be taken care of. In the case of an adversary, the power grid system behind the corporate network would be at risk.
8. Authentication Schemes Based on Distributed Architectures in Smart Cities
8.1. Blockchain-Enabled Smart Houses and Smart District
8.2. Blockchain-Enabled Federated Mechanisms
8.3. Blockchain-Enabled IoT Embedded Assets
8.4. Blockchain-Enabled E-Voting Mechanism in Smart City
8.5. Blockchain-Enabled Authentication Mechanisms
- The authentication and authorization solution have been proposed based on trusted third-party (TTP) distributed platforms such as FIWARE, which offers a rich set of open standard APIs to acquire data from the IoT of the smart city but not on the blockchain itself. In contrast, blockchain has been utilized merely as a distributed data repository.
- The reliance on TTP distributed platform for authentication and authorization mechanism opens doors to adversaries on IoT-enabled smart devices.
- The communication overheads (in terms of traffic, processing time, and energy consumption) are significantly higher than the base models concerning its security and privacy gains which would need to be considered in time-critical IoT applications.
- Different techniques can extract useful knowledge from big data by filtering, normalizing, and compressing IoT data. The IoT-enabled smart devices involve embedded devices, communication, and target services (blockchain, cloud); thus, savings in the amount of data that the IoT provides can benefit multiple layers.
- A local storage device for backup data has been introduced in some of the proposed solutions whose security risks must be considered in authentication schemes open to attack vectors and may jeopardize the network security.
- Smart contracts (SC) define applications that are distributed in nature and are special entities that provide real-world data in a trusted manner. The validation process of these smart contracts could be compromised since the IoT-enabled smart devices can be unbalanced.
- SC in proposed solutions is not designed considering the heterogeneity and constraints present in the IoT-enabled smart devices in the smart city concept.
- Functions and events in the SCs enable the actuation mechanisms to be employed directly on the IoT-enabled smart devices much faster.
- Smart contract deployment with defined authentication functions may provide security, so authentication schemes with smart contacts/distributed apps (dApps) should be considered.
- The IoT-enabled smart devices have security issues from the manufacturer’s perspective as the asset’s firmware is not fully equipped with a security mechanism by default.
- Especially authentication, access control schemes, and firmware updates are commonly found unattended, posing these assets’ exploitation.
- Strong and lightweight encryption schemes such as one round cipher, etc., would help mitigate the authentication and access control issues based on communication and computational costs.
- Running applications can be updated using partial upgrades, but the network stack must be updated by updating the firmware.
- Heterogeneity among the assets is yet another issue at the network layer that poses a security threat. Many heterogeneous devices with weak or default security mechanisms operate, send, and receive data. At the same time, the adoption of BC for obvious reasons has proposed BC as a key technology to provide a much-needed security mechanism for IoT-enabled smart devices and the network.
9. Recent Advances and Future Research Challenges
9.1. Blockchain-as-a-Service (BaaS)
9.1.1. Blockchain Tokenization
9.1.2. Non-Fungible Tokens (NFTs)
9.1.3. Research Challenges in BaaS
- Security Services: Weaknesses and Threats
- Anonymity and Data Privacy
- IoT-Enabled Assets Firmware Upgrade
- Storage Capacity and Scalability
- Integration of IoT-Enabled Assets to Blockchain
- Smart Contracts
- Digital Representation of Assets
9.2. Cryptosystems
9.2.1. Research Challenges in Cryptosystems
- The new generation of cryptographic algorithms with low latency to generate the hashes has been introduced with one-round cipher algorithms. It utilizes the dynamic key approach. A dynamic key (that depends on a secret key and a nonce and generates different cipher text for the same plain text) is generated for each input, such as audio, image, or video. The proposed lightweight cipher algorithms are based on a dynamic structure with a single round of simple operations. They can help provide security for time-critical applications for resourced-constraints devices [112,113].
9.2.2. Decentralized Key Management System
- Cryptosystems that are CCA (security against chosen-ciphertext attacks) secure, while notions of CPA-security (security against chosen-plaintext attacks) and CCA-security apply to proxy re-encryption.
- An example in this context is NuCypher, which enables sharing of sensitive data for distributed and centralized applications, providing security infrastructure for applications from healthcare to identity management to decentralized content marketplaces. It will be an essential part of distributed applications, just as SSL/TLS is essential for every secure web application; thus, security services based on distributed KMS need to be explored based on blockchain solutions [114].
10. Artificial Intelligence-Enabled Security Solutions
10.1. Artificial Intelligence-Enabled Blockchain-Based Security Solutions
10.1.1. Machine Learning
- Machine Learning for Authentication of IoT-Enabled Smart Devices
- Machine Learning and Deep Learning-Based Solutions
10.1.2. Tiny Machine Learning and Deep Learning
10.1.3. Research Challenges in Artificial Intelligence
- Tiny Machine Learning for IoT-Enabled Smart Devices
- Efficient Resource Allocation for IoT-Enabled Assets
- Digital Keywords Improvement
- Data Pruning for Tiny ML-Based Solutions
11. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Cisco. Cisco: 2020 CISO Benchmark Report; Cisco: San Jose, CA, USA, 2020; Volume 2020. [Google Scholar]
- Chaabouni, N.; Mosbah, M.; Zemmari, A.; Sauvignac, C.; Faruki, P. Network Intrusion Detection for IoT Security Based on Learning Techniques. IEEE Commun. Surv. Tutor. 2019, 21, 2671–2701. [Google Scholar] [CrossRef]
- Hussain, F.; Hussain, R.; Hassan, S.A.; Hossain, E. Machine Learning in IoT Security: Current Solutions and Future Challenges. IEEE Commun. Surv. Tutor. 2020, 22, 1686–1721. [Google Scholar] [CrossRef] [Green Version]
- Farooq, M.U.; Waseem, M.; Mazhar, S.; Khairi, A.; Kamal, T. A Review on Internet of Things (IoT). Int. J. Comput. Appl. 2015, 113, 1–7. [Google Scholar] [CrossRef]
- El-Hajj, M.; Fadlallah, A.; Chamoun, M.; Serhrouchni, A. A survey of internet of things (IoT) authentication schemes. Sensors 2019, 19, 1141. [Google Scholar] [CrossRef] [PubMed] [Green Version]
- Rana, M.M.; Bo, R. IoT-based cyber-physical communication architecture: Challenges and research directions. IET Cyber-Phys. Syst. Theory Appl. 2020, 5, 25–30. [Google Scholar] [CrossRef]
- Yaacoub, J.P.A.; Salman, O.; Noura, H.N.; Kaaniche, N.; Chehab, A.; Malli, M. Cyber-physical systems security: Limitations, issues and future trends. Microprocess. Microsyst. 2020, 77, 103201. [Google Scholar] [CrossRef] [PubMed]
- Majeed, U.; Khan, L.U.; Yaqoob, I.; Kazmi, S.M.A.; Salah, K.; Hong, C.S. Blockchain for IoT-based smart cities: Recent advances, requirements, and future challenges. J. Netw. Comput. Appl. 2021, 181, 103007. [Google Scholar] [CrossRef]
- Yu, Z.; Song, L.; Jiang, L.; Khold Sharafi, O. Systematic literature review on the security challenges of blockchain in IoT-based smart cities. Kybernetes 2022, 51, 323–347. [Google Scholar] [CrossRef]
- Bhushan, B.; Khamparia, A.; Sagayam, K.M.; Sharma, S.K.; Ahad, M.A.; Debnath, N.C. Blockchain for smart cities: A review of architectures, integration trends and future research directions. Sustain. Cities Soc. 2020, 61, 102360. [Google Scholar] [CrossRef]
- Theodorou, S.; Sklavos, N. Blockchain-based security and privacy in smart cities. In Smart Cities Cybersecurity and Privacy; Elsevier: Amsterdam, The Netherlands, 2018; pp. 21–37. ISBN 9780128150320. [Google Scholar]
- Burhan, M.; Rehman, R.A.; Khan, B.; Kim, B.S. IoT elements, layered architectures and security issues: A comprehensive survey. Sensors 2018, 18, 2796. [Google Scholar] [CrossRef] [Green Version]
- Silva, B.N.; Khan, M.; Han, K. Towards sustainable smart cities: A review of trends, architectures, components, and open challenges in smart cities. Sustain. Cities Soc. 2018, 38, 697–713. [Google Scholar] [CrossRef]
- Reyna, A.; Martín, C.; Chen, J.; Soler, E.; Díaz, M. On blockchain and its integration with IoT. Challenges and opportunities. Futur. Gener. Comput. Syst. 2018, 88, 173–190. [Google Scholar] [CrossRef]
- Hakak, S.; Khan, W.Z.; Gilkar, G.A.; Imran, M.; Guizani, N. Securing Smart Cities through Blockchain Technology: Architecture, Requirements, and Challenges. IEEE Netw. 2020, 34, 8–14. [Google Scholar] [CrossRef]
- Lee, I.; Lee, K. The Internet of Things (IoT): Applications, investments, and challenges for enterprises. Bus. Horiz. 2015, 58, 431–440. [Google Scholar] [CrossRef]
- Khalil, S.H.U.; Mueen-Uddin; Malik, O.A.; Hong, O.W. A Blockchain Footprint for Authentication of IoT-Enabled Smart Devices in Smart Cities: State-of-the-art, Advancement, Challenges and Future Research Directions. IEEE Access 2022, 1–20. [Google Scholar] [CrossRef]
- Perera, C.; Zaslavsky, A.; Christen, P.; Georgakopoulos, D. Sensing as a service model for smart cities supported by Internet of Things. Trans. Emerg. Telecommun. Technol. 2014, 25, 81–93. [Google Scholar] [CrossRef] [Green Version]
- Gubbi, J.; Buyya, R.; Marusic, S.; Palaniswami, M. Internet of Things (IoT): A vision, architectural elements, and future directions. Futur. Gener. Comput. Syst. 2013, 29, 1645–1660. [Google Scholar] [CrossRef] [Green Version]
- Keshk, M.; Moustafa, N.; Sitnikova, E.; Turnbull, B.; Vatsalan, D. Privacy-preserving techniques for protecting large-scale data of cyber-physical systems. In Proceedings of the 2020 16th International Conference on Mobility, Sensing and Networking (MSN), Tokyo, Japan, 17–19 December 2020; pp. 711–717. [Google Scholar] [CrossRef]
- Keshk, M.; Turnbull, B.; Moustafa, N.; Vatsalan, D.; Choo, K.K.R. A Privacy-Preserving-Framework-Based Blockchain and Deep Learning for Protecting Smart Power Networks. IEEE Trans. Ind. Inform. 2020, 16, 5110–5118. [Google Scholar] [CrossRef]
- Khojasteh, M.J.; Khina, A.; Franceschetti, M.; Javidi, T. Authentication of cyber-physical systems under learning-based attacks. IFAC-PapersOnLine 2019, 52, 369–374. [Google Scholar] [CrossRef]
- Wardak, H.; Zhioua, S.; Almulhem, A. PLC access control: A security analysis. In Proceedings of the 2016 World Congress on Industrial Control Systems Security, WCICSS 2016, London, UK, 12–14 December 2016; pp. 56–61. [Google Scholar]
- IETF. RFC6749-The.OAuth.2; IETF: Fremont, CA, USA, 2012. [Google Scholar]
- Weise, K. Brian Krebs: The cybersecurity blogger hackers love to hate. Bloomberg, 17 January 2014. [Google Scholar]
- Krebs, B. Security Fix—Brian Krebs on computer and Internet security. Voices blogs. The Washington Post, 24 December 2009. [Google Scholar]
- Doshi, R.; Apthorpe, N.; Feamster, N. Machine learning DDoS detection for consumer internet of things devices. In Proceedings of the 2018 IEEE Security and Privacy Workshops (SPW), San Francisco, CA, USA, 24 May 2018; pp. 29–35. [Google Scholar] [CrossRef] [Green Version]
- Xiao, L.; Wan, X.; Lu, X.; Zhang, Y.; Wu, D. IoT Security Techniques Based on Machine Learning: How Do IoT Devices Use AI to Enhance Security? IEEE Signal Process. Mag. 2018, 35, 41–49. [Google Scholar] [CrossRef]
- Ashok, A.; Govindarasu, M.; Wang, J. Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid. Proc. IEEE 2017, 105, 1389–1407. [Google Scholar] [CrossRef]
- Li, Z.; Wei, L.; Li, W.; Wei, L.; Chen, M.; Lv, M.; Zhi, X.; Wang, C.; Gao, N. Research on DDoS attack detection based on ELM in IoT environment. In Proceedings of the 2019 IEEE 10th International Conference on Software Engineering and Service Science (ICSESS), Beijing, China, 18–20 October 2019; pp. 144–148. [Google Scholar] [CrossRef]
- Ferrag, M.A.; Maglaras, L.; Derhab, A.; Bernabe, J.B. Authentication and Authorization for Mobile IoT Devices Using Biofeatures: Recent Advances and Future Trends. Secur. Commun. Netw. 2019, 2019, 5452870. [Google Scholar] [CrossRef] [Green Version]
- Sepranos, D.; Wolf, M. Challenges and Opportunities in VLSI IoT Devices and Systems. IEEE Des. Test 2019, 36, 24–30. [Google Scholar] [CrossRef]
- KumarGoutam, R. Importance of Cyber Security. Int. J. Comput. Appl. 2015, 111, 14–17. [Google Scholar] [CrossRef]
- Choi, M.K.; Yeun, C.Y.; Seong, P.H. A Novel Monitoring System for the Data Integrity of Reactor Protection System Using Blockchain Technology. IEEE Access 2020, 8, 118732–118740. [Google Scholar] [CrossRef]
- Kelley, M.B. The Stuxnet Attack on Iran’s Nuclear Plant Was “Far More Dangerous” Than Previously Thought. Business insider, 21 November 2013; p. 1. [Google Scholar]
- Cavelty, M.D. Cyber-Security; ResearchGate: Berlin, Germany, 2014; p. 18. [Google Scholar]
- Bhayo, J.; Hameed, S.; Shah, S.A. An Efficient Counter-Based DDoS Attack Detection Framework Leveraging Software Defined IoT (SD-IoT). IEEE Access 2020, 8, 221612–221631. [Google Scholar] [CrossRef]
- Ferreira, C.M.S.; Garrocho, C.T.B.; Oliveira, R.A.R.; Silva, J.S.á.; da Cavalcanti, C.F.M.C. IoT registration and authentication in smart city applications with blockchain. Sensors 2021, 21, 1323. [Google Scholar] [CrossRef]
- Heightened DDoS Threat Poised by Mirai and Other Botnets. Alert TA16-288A. 2016. Available online: https://www.us-cert.gov/ncas/alerts/TA16-288A (accessed on 15 April 2020).
- Rajesh, S.; Paul, V.; Menon, V.G.; Khosravi, M.R. A secure and efficient lightweight symmetric encryption scheme for transfer of text files between embedded IoT devices. Symmetry 2019, 11, 293. [Google Scholar] [CrossRef] [Green Version]
- OWASP Code Injection Software Attack|OWASP Foundation. 2021. Available online: https://owasp.org/www-community/attacks/Repudiation_Attack (accessed on 31 January 2022).
- Siddiqui, A.S.; Gui, Y.; Lawrence, D.; Laval, S.; Plusquellic, J.; Manjrekar, M.; Chowdhury, B.; Saqib, F. Hardware assisted security architecture for smart grid. In Proceedings of the IECON 2018—44th Annual Conference of the IEEE Industrial Electronics Society, Washington, DC, USA, 21–23 October 2018; pp. 2890–2895. [Google Scholar] [CrossRef]
- Gope, P.; Sikdar, B. Lightweight and Privacy-Preserving Two-Factor Authentication Scheme for IoT Devices. IEEE Internet Things J. 2019, 6, 580–589. [Google Scholar] [CrossRef]
- Khashan, O.A.; Ahmad, R.; Khafajah, N.M. An automated lightweight encryption scheme for secure and energy-efficient communication in wireless sensor networks. Ad Hoc Netw. 2021, 115, 102448. [Google Scholar] [CrossRef]
- Syahla, H.D.; Ogi, D. Implementation of Secure Parking Based on Cyber-Physical System using One-time Password Gong et al. Scheme to Overcome Replay Attack. In Proceedings of the 2021 International Conference on ICT for Smart Society (ICISS), Bandung, Indonesia, 2–4 August 2021; pp. 1–6. [Google Scholar] [CrossRef]
- Noura, H.; Martin, S.; Al Agha, K.; Chahine, K. ERSS-RLNC: Efficient and robust secure scheme for random linear network coding. Comput. Netw. 2014, 75, 99–112. [Google Scholar] [CrossRef]
- Ghosh, S.; Mishra, A.; Mishra, B.K. Cyber-Security Techniques in Distributed Systems, SLAs and other Cyber Regulations. In Cyber Security in Parallel and Distributed Computing; Wiley: Hoboken, NJ, USA, 2019; pp. 109–127. [Google Scholar] [CrossRef]
- Ghosh, S. Distributed Systems. Distrib. Syst. 2014, 25, 39–52. [Google Scholar] [CrossRef]
- Sandoval, K. OAuth 2.0—Why It’s Vital to IoT Security. 2017. Available online: https://nordicapis.com/why-oauth-2-0-is-vital-to-iot-security/ (accessed on 27 May 2021).
- IBM X-Force. Mirai Botnet Loader Campaign. 2017. Available online: https://exchange.xforce.ibmcloud.com/collection/Mirai-Botnet-Loader-Campaign-7e8131a283d50a0f13d43ae5f1d0058b (accessed on 15 April 2020).
- Dorri, A.; Kanhere, S.S.; Jurdak, R.; Gauravaram, P. Blockchain for IoT security and privacy: The case study of a smart home. In Proceedings of the 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops), Kona, HI, USA, 13–17 March 2017; pp. 618–623. [Google Scholar]
- Rehman, Z.U.; Altaf, S.; Iqbal, S. Survey of Authentication Schemes for Health Monitoring: A Subset of Cyber Physical System. In Proceedings of the 2019 16th International Bhurban Conference on Applied Sciences and Technology, IBCAST 2019, Islamabad, Pakistan, 8–12 January 2019; pp. 653–660. [Google Scholar]
- United States Department of the Army. Supervisory Control and Data Acquisition (SCADA) Systems for Command, Control, Communications, Computer, Intelligence, Surveillance, and Reconnaissance (C4ISR) Facilities; United States Department of the Army: Arlington, VA, USA, 2006. [Google Scholar]
- Finkle, J.; Skariachan, D. Target Cyber Breach Hits 40 Million Payment Cards at Holiday Peak. 2013. Available online: https://www.reuters.com/news/technology/article/201 (accessed on 11 October 2021).
- German Steel Plant Suffers Significant Damage from Targeted Attack—Nouvelles de Sécurité—Trend Micro FR. 2015. Available online: https://www.trendmicro.com/vinfo/fr/security/news/cyber-attacks/german-steel-plant-suffers-significant-damage-from-targeted-attack (accessed on 11 October 2021).
- Wang, Z.; Dong, X.; Li, Y.; Fang, L.; Chen, P. IoT Security Model and Performance Evaluation: A Blockchain Approach. In Proceedings of the 2018 International Conference on Network Infrastructure and Digital Content (IC-NIDC), Guiyang, China, 22–24 August 2018; pp. 260–264. [Google Scholar] [CrossRef]
- Alrawi, O.; Lever, C.; Antonakakis, M.; Monrose, F. SoK: Security Evaluation of Home-Based IoT Deployments. In Proceedings of the IEEE Symposium on Security and Privacy, San Francisco, CA, USA, 19–23 May 2019; pp. 1362–1380. [Google Scholar]
- Esposito, C.; Ficco, M.; Gupta, B.B. Blockchain-based authentication and authorization for smart city applications. Inf. Process. Manag. 2021, 58, 102468. [Google Scholar] [CrossRef]
- Fotiou, N.; Pittaras, I.; Siris, V.A.; Voulgaris, S.; Polyzos, G.C. OAuth 2.0 Authorization using Blockchain-based Tokens. arXiv 2021, arXiv:2001.10461. [Google Scholar] [CrossRef]
- Raible, M. What the Heck is OAuth?|Okta Developer. Available online: https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth (accessed on 27 May 2021).
- Shepherd, J. The Ultimate Authentication Playbook. 2019. Available online: https://www.okta.com/blog/2019/02/the-ultimate-authentication-playbook/ (accessed on 1 June 2021).
- Tahir, M.; Sardaraz, M.; Muhammad, S.; Khan, M.S. A lightweight authentication and authorization framework for blockchain-enabled IoT network in health-informatics. Sustainability 2020, 12, 6960. [Google Scholar] [CrossRef]
- Punia, A.; Gupta, D.; Jaiswal, S. A perspective on available security techniques in IoT. In Proceedings of the 2017 2nd IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT), Bangalore, India, 19–20 May 2017; pp. 1553–1559. [Google Scholar] [CrossRef]
- Kaaniche, N.; Laurent, M. Data security and privacy preservation in cloud storage environments based on cryptographic mechanisms. Comput. Commun. 2017, 111, 120–141. [Google Scholar] [CrossRef]
- Ibrokhimov, S.; Hui, K.L.; Abdulhakim Al-Absi, A.; Lee, H.J.; Sain, M. Multi-Factor Authentication in Cyber Physical System: A State of Art Survey. In Proceedings of the 2019 21st International Conference on Advanced Communication Technology (ICACT), Pyeongchang, Korea, 17–20 February 2019; pp. 279–284. [Google Scholar] [CrossRef]
- Vegh, L. Cyber-physical systems security through multi-factor authentication and data analytics. In Proceedings of the 2018 IEEE International Conference on Industrial Technology (ICIT), Lyon, France, 20–22 February 2018; pp. 1369–1374. [Google Scholar] [CrossRef]
- Hriez, S.; Obeid, N.; Awajan, A. User authentication on smartphones using keystroke dynamics. In Proceedings of the Pervasive Health: Pervasive Computing Technologies for Healthcare, Trento, Italy, 20–23 May 2019; pp. 2–5. [Google Scholar]
- Dammak, M.; Boudia, O.R.M.; Messous, M.A.; Senouci, S.M.; Gransart, C. Token-Based Lightweight Authentication to Secure IoT Networks. In Proceedings of the 2019 16th IEEE Annual Consumer Communications and Networking Conference, CCNC 2019, Las Vegas, NV, USA, 11–14 January 2019. [Google Scholar]
- What Is Token-Based Authentication? 2021. Available online: https://www.okta.com/identity-101/what-is-token-based-authentication/ (accessed on 15 September 2021).
- WorkOS A Developer’s History of Authentication. 2020. Available online: https://workos.com/blog/a-developers-history-of-authentication (accessed on 11 January 2022).
- Mumtaz, M.; Akram, J.; Ping, L. An RSA based authentication system for smart IoT environment. In Proceedings of the 2019 IEEE 21st International Conference on High Performance Computing and Communications; IEEE 17th International Conference on Smart City; IEEE 5th International Conference on Data Science and Systems (HPCC/SmartCity/DSS), Zhangjiajie, China, 10–12 August 2019; pp. 758–765. [Google Scholar] [CrossRef]
- Arcenegui, J.; Arjona, R.; Román, R.; Baturone, I. Secure combination of iot and blockchain by physically binding iot devices to smart non-fungible tokens using pufs. Sensors 2021, 21, 3119. [Google Scholar] [CrossRef]
- Lampson, B.; Abadi, M.; Burrows, M.; Wobber, E. Authentication in distributed systems: Theory and practice. In Proceedings of the 13th ACM Symposium on Operating Systems Principles, Pacific Grove, CA, USA, 13–16 October 1991; pp. 165–182. [Google Scholar]
- Lampson, B.; Abadi, M.; Burrows, M.; Wobber, E. Authentication in distributed systems. ACM Trans. Comput. Syst. 1992, 10, 265–310. [Google Scholar] [CrossRef]
- Sánchez Sánchez, P.M.; Huertas Celdrán, A.; Fernández Maimó, L.; Martínez Pérez, G.; Wang, G. Securing smart offices through an intelligent and multi-device continuous authentication system. Commun. Comput. Inf. Sci. 2019, 1122 CCIS, 73–85. [Google Scholar] [CrossRef]
- Igorevich, R.R.; Park, P.; Choi, J.; Min, D. iVision based context-aware smart home system. In Proceedings of the 1st IEEE Global Conference on Consumer Electronics 2012, Tokyo, Japan, 2–5 October 2012; pp. 542–546. [Google Scholar] [CrossRef]
- Aman, M.N.; Chua, K.C.; Sikdar, B. Mutual Authentication in IoT Systems Using Physical Unclonable Functions. IEEE Internet Things J. 2017, 4, 1327–1340. [Google Scholar] [CrossRef]
- Jonsson, F.; Tornkvist, M. RSA Authentication in Internet of Things Technical Limitations and Industry Expectations. 2017. [Google Scholar]
- Sharma, G.; Kalra, S. A secure remote user authentication scheme for smart cities e-governance applications. J. Reliab. Intell. Environ. 2017, 3, 177–188. [Google Scholar] [CrossRef]
- Alotaibi, S.S. Registration Center Based User Authentication Scheme for Smart E-Governance Applications in Smart Cities. IEEE Access 2019, 7, 5819–5833. [Google Scholar] [CrossRef]
- Shrestha, B.; Lin, H. Data-Centric Edge Computing to Defend Power Grids against IoT-Based Attacks. Computer 2020, 53, 35–43. [Google Scholar] [CrossRef]
- Jadoon, A.K.; Li, J.; Wang, L. Physical layer authentication for automotive cyber physical systems based on modified HB protocol. Front. Comput. Sci. 2021, 15, 153809. [Google Scholar] [CrossRef]
- Melki, R.; Noura, H.N.; Mansour, M.M.; Chehab, A. A survey on OFDM physical layer security. Phys. Commun. 2019, 32, 1–30. [Google Scholar] [CrossRef]
- Seepers, R.M.; Weber, J.H.; Erkin, Z.; Sourdis, I.; Strydis, C. Secure key-exchange protocol for implants using heartbeats. In Proceedings of the 2016 ACM International Conference on Computing Frontiers, Como, Italy, 16–19 May 2016; pp. 119–126. [Google Scholar]
- Halperin, D.; Clark, S.S.; Fu, K.; Heydt-Benjamin, T.S.; Defend, B.; Kohno, T.; Ransford, B.; Morgan, W.; Maisel, W.H. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the IEEE Symposium on Security and Privacy, Washington, DC, USA, 18–21 May 2008; pp. 129–142. [Google Scholar]
- Rushanan, M.; Rubin, A.D.; Kune, D.F.; Swanson, C.M. SoK: Security and privacy in implantable medical devices and body area networks. In Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 18–21 May 2014; pp. 524–539. [Google Scholar]
- Tim Hinrichs Centralized vs. Distributed Authorization: The CAP Theorem. 2019. Available online: https://blog.styra.com/blog/centralized-vs.-distributed-authorization-the-cap-theorem (accessed on 28 July 2021).
- Rathee, G.; Iqbal, R.; Waqar, O.; Bashir, A.K. On the Design and Implementation of a Blockchain Enabled E-Voting Application within IoT-Oriented Smart Cities. IEEE Access 2021, 9, 34165–34176. [Google Scholar] [CrossRef]
- Wright, K.L.; Martinez, M.; Chadha, U.; Krishnamachari, B. SmartEdge: A Smart Contract for Edge Computing. In Proceedings of the 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada, 30 July–3 August 2018; pp. 1685–1690. [Google Scholar]
- Khalid, U.; Asim, M.; Baker, T.; Hung, P.C.K.; Tariq, M.A.; Rafferty, L. A decentralized lightweight blockchain-based authentication mechanism for IoT systems. Cluster Comput. 2020, 23, 2067–2087. [Google Scholar] [CrossRef]
- Gong, L.; Alghazzawi, D.M.; Cheng, L. Bcot sentry: A blockchain-based identity authentication framework for IoT devices. Information 2021, 12, 203. [Google Scholar] [CrossRef]
- Zhaofeng, M.; Jialin, M.; Jihui, W.; Zhiguang, S. Blockchain-Based Decentralized Authentication Modeling Scheme in Edge and IoT Environment. IEEE Internet Things J. 2021, 8, 2116–2123. [Google Scholar] [CrossRef]
- Armando, A.; Carbone, R.; Compagna, L.; Cuellar, J.; Tobarra, L. Formal analysis of SAML 2.0 web browser single sign-on: Breaking the SAML-based single sign-on for google apps. In Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering, Alexandria, VA, USA, 27 October 2008; pp. 1–9. [Google Scholar] [CrossRef]
- Mir, O.; Roland, M.; Mayrhofer, R. DAMFA: Decentralized anonymous multi-factor authentication. In Proceedings of the 2nd ACM International Symposium on Blockchain and Secure Critical Infrastructure, Taipei, Taiwan, 6 October 2020; pp. 10–19. [Google Scholar] [CrossRef]
- Hammi, M.T.; Bellot, P.; Serhrouchni, A. BCTrust: A decentralized authentication blockchain-based mechanism. In Proceedings of the IEEE Wireless Communications and Networking Conference, WCNC, Barcelona, Spain, 15–18 April 2018; pp. 1–6. [Google Scholar]
- Almadhoun, R.; Kadadha, M.; Alhemeiri, M.; Alshehhi, M.; Salah, K. A User Authentication Scheme of IoT Devices using Blockchain-Enabled Fog Nodes. In Proceedings of the IEEE/ACS International Conference on Computer Systems and Applications, AICCSA, Aqaba, Jordan, 28 October–1 November 2018. [Google Scholar]
- Vivekanandan, M.; Sastry, V.N.; Srinivasulu, R.U. BIDAPSCA5G: Blockchain based Internet of Things (IoT) device to device authentication protocol for smart city applications using 5G technology. Peer-to-Peer Netw. Appl. 2021, 14, 403–419. [Google Scholar] [CrossRef]
- Kumar, P.; Kumar, R.; Srivastava, G.; Gupta, G.P.; Tripathi, R.; Gadekallu, T.R.; Xiong, N.N. PPSF: A Privacy-Preserving and Secure Framework Using Blockchain-Based Machine-Learning for IoT-Driven Smart Cities. IEEE Trans. Netw. Sci. Eng. 2021, 8, 2326–2341. [Google Scholar] [CrossRef]
- Yetis, R.; Sahingoz, O.K. Blockchain Based Secure Communication for IoT Devices in Smart Cities. In Proceedings of the 2019 7th International Istanbul Smart Grids and Cities Congress and Fair (ICSG), Istanbul, Turkey, 25–26 April 2019; pp. 134–138. [Google Scholar] [CrossRef]
- Gong, S.; Tcydenova, E.; Jo, J.; Lee, Y.; Park, J.H. Blockchain-based secure device management framework for an Internet of Things network in a smart city. Sustainability 2019, 11, 3889. [Google Scholar] [CrossRef] [Green Version]
- Zhang, W.; Wu, Z.; Han, G.; Feng, Y.; Shu, L. LDC: A lightweight dada consensus algorithm based on the blockchain for the industrial Internet of Things for smart city applications. Futur. Gener. Comput. Syst. 2020, 108, 574–582. [Google Scholar] [CrossRef]
- Lazaroiu, C.; Roscia, M. Smart district through IoT and blockchain. In Proceedings of the 2017 6th International Conference on Renewable Energy Research and Applications, ICRERA 2017, San Diego, CA, USA, 5–8 November 2017; pp. 454–461. [Google Scholar]
- Ruckebusch, P.; De Poorter, E.; Fortuna, C.; Moerman, I. GITAR: Generic extension for Internet-of-Things ARchitectures enabling dynamic updates of network and application modules. Ad Hoc Netw. 2016, 36, 127–151. [Google Scholar] [CrossRef]
- Taherkordi, A.; Loiret, F.; Rouvoy, R.; Eliassen, F. Optimizing sensor network reprogramming via in situ reconfigurable components. ACM Trans. Sens. Netw. 2013, 9, 14. [Google Scholar] [CrossRef] [Green Version]
- Song, J.; Zhang, P.; Alkubati, M.; Bao, Y.; Yu, G. Research advances on blockchain-as-a-service: Architectures, applications and challenges. Digit. Commun. Netw. 2021. [Google Scholar] [CrossRef]
- Zheng, W.; Zheng, Z.; Chen, X.; Dai, K.; Li, P.; Chen, R. NutBaaS: A Blockchain-As-A-Service Platform. IEEE Access 2019, 7, 134422–134433. [Google Scholar] [CrossRef]
- Davis, S.; Diemers, D.; Henri Arsianian, G.D. 4 th ICO/STO Report—A Strategic Perspective; PWC Report; 2019. [Google Scholar]
- Cryptopedia What Is Tokenization? Blockchain Token Types. Available online: https://www.gemini.com/cryptopedia/what-is-tokenization-definition-crypto-token (accessed on 15 September 2021).
- Opensea OpenSea, the Largest NFT Marketplace. 2021. Available online: https://opensea.io/ (accessed on 27 May 2022).
- NBA NBA Top Shot | Officially Licensed Digital Collectibles. 2021. Available online: https://nbatopshot.com/ (accessed on 27 May 2022).
- Weingärtner, T. Tokenization of physical assets and the impact of IoT and AI. Eur. Union Blockchain Obs. Forum 2019, 10, 1–16. [Google Scholar]
- Noura, H.; Chehab, A.; Sleem, L.; Noura, M.; Couturier, R.; Mansour, M.M. One round cipher algorithm for multimedia IoT devices. Multimed. Tools Appl. 2018, 77, 18383–18413. [Google Scholar] [CrossRef]
- Noura, H.; Sleem, L.; Noura, M.; Mansour, M.M.; Chehab, A.; Couturier, R. A new efficient lightweight and secure image cipher scheme. Multimed. Tools Appl. 2018, 77, 15457–15484. [Google Scholar] [CrossRef] [Green Version]
- Egorov, M.; Nuñez, D.; Wilkison, M. NuCypher: A proxy re-encryption network to empower privacy in decentralized systems. arXiv 2018, arXiv:0706.3639. [Google Scholar]
- Legg, S.; Hutter, M. A Collection of Definitions of Intelligence. arXiv 2007, arXiv:0706.3639. [Google Scholar]
- Das, A.K.; Bera, B.; Saha, S.; Kumar, N.; You, I.; Chao, H.-C. AI-Envisioned Blockchain-Enabled Signature-Based Key Management Scheme for Industrial Cyber-Physical Systems. IEEE Internet Things J. 2021, 9, 6374–6388. [Google Scholar] [CrossRef]
- Redman, J. Babelchain “Partially Replaces POW” for IoT Solutions. 2016. Available online: https://news.bitcoin.com/babelchain-replaces-pow-power-iot/ (accessed on 12 July 2021).
- Xiao, L.; Member, S.; Yan, Q.; Member, S.; Lou, W.; Member, S.; Chen, G.; Member, S.; Hou, Y.T.; Member, S. Proximity-Based Security Techniques for Mobile Users in Wireless Networks. IEEE Trans. Inf. Forensics Secur. 2013, 8, 2089–2100. [Google Scholar] [CrossRef] [Green Version]
- Kavakiotis, I.; Tsave, O.; Salifoglou, A.; Maglaveras, N.; Vlahavas, I.; Chouvarda, I. Machine Learning and Data Mining Methods in Diabetes Research. Comput. Struct. Biotechnol. J. 2017, 15, 104–116. [Google Scholar] [CrossRef] [PubMed]
- Fang, H.; Qi, A.; Wang, X. Fast Authentication and Progressive Authorization in Large-Scale IoT: How to Leverage AI for Security Enhancement. IEEE Netw. 2020, 34, 24–29. [Google Scholar] [CrossRef]
- Senigagliesi, L.; Baldi, M.; Gambi, E. Statistical and machine learning-based decision techniques for physical layer authentication. In Proceedings of the 2019 IEEE Global Communications Conference (GLOBECOM), Waikoloa, HI, USA, 9–13 December 2019. [Google Scholar] [CrossRef] [Green Version]
- Xiao, L.; Member, S.; Wan, X.; Member, S.; Han, Z. PHY-Layer Authentication with Multiple Landmarks with Reduced Overhead. IEEE Trans. Wirel. Commun. 2017, 17, 1676–1687. [Google Scholar] [CrossRef]
- Shi, C.; Liu, J.; Liu, H.; Chen, Y. Smart User authentication through actuation of daily activities leveraging wifi-enabled IoT. In Proceedings of the International Symposium on Mobile Ad Hoc Networking and Computing (MobiHoc), Chennai, India, 10–14 July 2017. [Google Scholar]
- Canedo, J.; Skjellum, A. Using machine learning to secure IoT systems. In Proceedings of the 2016 14th Annual Conference on Privacy, Security and Trust, Auckland, New Zealand, 12–14 December 2016; pp. 219–222. [Google Scholar]
- Liao, R.; Wen, H.; Member, S.; Chen, S.; Xie, F.; Pan, F.; Tang, J. Multi-user Physical Layer Authentication in Internet of Things with Data Augmentation. IEEE Internet Things J. 2020, 7, 2077–2088. [Google Scholar] [CrossRef]
- Zemlyanikin, M.; Smorkalov, A.; Khanova, T.; Petrovicheva, A.; Serebryakov, G. 512KiB RAM is enough! Live camera face recognition DNN on MCU. In Proceedings of the 2019 IEEE/CVF International Conference on Computer Vision Workshop (ICCVW), Seoul, Korea, 27–28 October 2019; pp. 2493–2500. [Google Scholar] [CrossRef]
RP | Solution | Scheme | Issues |
---|---|---|---|
[57] | Smart Home-based IoT assets evaluation |
|
|
[42] | Hardware-Assisted PKI infrastructure |
|
|
[43] | PUF-based authentication mechanism |
|
|
[68] | TBLUA |
|
|
[71] | RSA Authentication for Smart IoT |
|
|
[75] | Smart Offices ML-based Authentication Schemes |
|
|
[76] | Smart Home-based Device Identification Schemes |
|
|
[77] | PUF-based authentication mechanism |
|
|
[78] | RSA Authentication for IoT |
|
|
[79] | E-Governance XOR and hash-based operations |
|
|
[80] | E-Governance |
|
|
[81] | Data-Centric Edge Computing |
|
|
RP | Solution | Scheme | Issues |
---|---|---|---|
[51] | The Case Study of a Smart Home. |
|
|
[58] | Federated BC-based Solution Hyperledger Fabric 1.4 |
|
|
[72] | NFT-based authentication mechanism utilizing PUF |
|
|
[88] | E-Voting in Smart Cities |
|
|
[89] | SmartEdge-Ethereum |
|
|
[90] | BC-based authentication mechanism Ethereum |
|
|
[91] | BCoT Sentry-Ethereum |
|
|
[92] | BlockAuth |
|
|
[94] | DAMFA-Bitcoin and Namecoin |
|
|
[95] | BCTrust-Ethereum |
|
|
[96] | User Authentication using Fog Nodes |
|
|
[102] | Smart District Model |
|
|
[97] | BIDAPSCA5G for Smart Cities |
|
|
[98] | PPSF for Smart Cities |
|
|
[99] | Authentication System for IoT Devices |
|
|
[100] | Device Mgmt Framework |
|
|
[101] | Security Schemes for IIoT |
|
|
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Khalil, U.; Malik, O.A.; Uddin, M.; Chen, C.-L. A Comparative Analysis on Blockchain versus Centralized Authentication Architectures for IoT-Enabled Smart Devices in Smart Cities: A Comprehensive Review, Recent Advances, and Future Research Directions. Sensors 2022, 22, 5168. https://doi.org/10.3390/s22145168
Khalil U, Malik OA, Uddin M, Chen C-L. A Comparative Analysis on Blockchain versus Centralized Authentication Architectures for IoT-Enabled Smart Devices in Smart Cities: A Comprehensive Review, Recent Advances, and Future Research Directions. Sensors. 2022; 22(14):5168. https://doi.org/10.3390/s22145168
Chicago/Turabian StyleKhalil, Usman, Owais Ahmed Malik, Mueen Uddin, and Chin-Ling Chen. 2022. "A Comparative Analysis on Blockchain versus Centralized Authentication Architectures for IoT-Enabled Smart Devices in Smart Cities: A Comprehensive Review, Recent Advances, and Future Research Directions" Sensors 22, no. 14: 5168. https://doi.org/10.3390/s22145168
APA StyleKhalil, U., Malik, O. A., Uddin, M., & Chen, C. -L. (2022). A Comparative Analysis on Blockchain versus Centralized Authentication Architectures for IoT-Enabled Smart Devices in Smart Cities: A Comprehensive Review, Recent Advances, and Future Research Directions. Sensors, 22(14), 5168. https://doi.org/10.3390/s22145168