Next Article in Journal
An Integrated Software-Defined Networking–Network Function Virtualization Architecture for 5G RAN–Multi-Access Edge Computing Slice Management in the Internet of Industrial Things
Previous Article in Journal
Application of Proximal Policy Optimization for Resource Orchestration in Serverless Edge Computing
 
 
Article
Peer-Review Record

SLACPSS: Secure Lightweight Authentication for Cyber–Physical–Social Systems

Computers 2024, 13(9), 225; https://doi.org/10.3390/computers13090225
by Ahmed Zedaan M. Abed *, Tamer Abdelkader * and Mohamed Hashem
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Reviewer 3: Anonymous
Computers 2024, 13(9), 225; https://doi.org/10.3390/computers13090225
Submission received: 2 June 2024 / Revised: 10 July 2024 / Accepted: 16 July 2024 / Published: 9 September 2024

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

1. Although the authors tried to show that Metaverse is same as CPSS, they were unable to provide an easy explanation to convince the reviewer. 

2. The first perception of the paper was Metaverse and one wonder why metaverse is not the title of the paper? If CPSS was the goal, then the Metaverse content of the paper were irrelevant and distracting. 

3. There was no evidence in the paper to show that existing authentication for CPSS were not lightweight. Is the author proposing a lightweight to solve the problem of the need for a lightweight systems? This question begs for answer in the paper. 

4. Lines 448 to 642 can not be understood by a reader and thus, difficult to appreciate why it was in the paper. An extensive English revision is needed. 

5. Table 7 can not be verified. The fact that the authors included Table 7 does not justified the novelty of the work as readers can not confirm such claims. 

6. All abbreviations should be properly arranged at the back of the paper as appendix. 

7. All other corrections are added in the attached file. 

 

Comments for author File: Comments.pdf

Comments on the Quality of English Language

paper is not properly written and needed to be rejected or major rejection. See attached PDf file. 

Author Response

Comments and Suggestions for Authors

  1. Although the authors tried to show that Metaverse is same as CPSS, they were unable to provide an easy explanation to convince the reviewer.

We have modified the abstract and introduction to clarify that Metaverse is an implementation of CPSS. (Modifications are highlighted)

 

 

  1. The first perception of the paper was Metaverse and one wonder why metaverse is not the title of the paper? If CPSS was the goal, then the Metaverse content of the paper were irrelevant and distracting.

If the Journal allows the change of the title, We will change it to (SLAMCPSS: Secure Lightweight Authentication for Metaverse as a Cyber Physical Social System).

CPSS is a base class and the metaverse represents an expanded version of CPSS consists of three basic components (cyber space - physical space - social space). We have proven that the Metaverse is an element derived from the CPSS system and consists of the same components that CPSS is composed of, therefore; the Metaverse is an example of CPSS.

  1. There was no evidence in the paper to show that existing authentication for CPSS were not lightweight. Is the author proposing a lightweight to solve the problem of the need for a lightweight systems? This question begs for answer in the paper.

CPSS is an abstract concept for a range of applications that require diverse security requirements. Among these applications, Metaverse is a CPSS that requires lightweight authentication. We already included previous works on Metaverse authentication and focused our work on it. Sometimes the user tries to log in from a laptop, tablet, or mobile phone, and the devices differ in terms of processor capacity and capabilities. Devices with weak capabilities struggle with authentication processes. We are here trying to help these devices and reduce the burden on processing operations by simplifying the authentication steps while maintaining the integrity of the data.

  1. Lines 448 to 642 can not be understood by a reader and thus, difficult to appreciate why it was in the paper. An extensive English revision is needed.

It is an approach to explain the proposed protocol that has been tackled in many previous papers. We have also designed an image showing the proposed protocol and a table showing the abbreviations so that it is easy for the reader to understand the proposal. The steps are detailed and explained. It consists of five steps:

  • Initialization step
  • User setup step
  • Creating an avatar step
  • Login and Authentication step
  • Avatar authentication step
  1. Table 7 can not be verified. The fact that the authors included Table 7 does not justify the novelty of the work as readers can not confirm such claims.

Siddhartha et al. [76], proposed A Lightweight Authentication Protocol using Implicit Certificates for Securing IoT Systems (LAPIC) and they evaluated their proposed protocol against several existing protocols. (LAPIC) is resistant to vairous attacks. We compared our proposed protocol (SLACPSS) with (LAPIC) and previous protocols used in [76] by the same attacks as presented in Table 7.

 Modification are highlighted

 

 

 

  1. All abbreviations should be properly arranged at the back of the paper as appendix.

The table of abbreviations is presented before using them in the proposal to help the reader understand the proposal.

(This approach has been tackled in many papers before.)

  1. All other corrections are added in the attached file.

We did almost all the required modifications and they are highlighted in the new version.

 

Reviewer 2 Report

Comments and Suggestions for Authors

This study proposes a new protocol for secure lightweight authentication in CPSS to provide secure communication and avatar interaction between platform servers and users, and shows the safety and lightness of the proposed protocol through security analysis. It is judged that the technical contribution of the proposed article in the field of lightweight protocols related to metaverse can be recognized, but the following revisions are necessary for publication of the paper.

1. What is the difference from the protocol in [43], which satisfies all of the most important safety evaluations in the protocol?

2. Lightweightness must be proven by adding a comparison of the protocol's performance.

3. The protocol must be organized more formally to improve reader understanding.

4. Please organize the notations carefully to avoid confusion.

Comments on the Quality of English Language

Minor editing of English language required

Author Response

  1. What is the difference from the protocol in [43], which satisfies all of the most important safety evaluations in the protocol?

After making the modifications, the reference location changed from [43] to [55]. Although the word in [55] satisfies all of the important security requirements, it lacks the lightweight property which is needed in applications like Metaverse. Our contribution is to achieve the same security requirements in addition to being lightweight. 

  1. Lightweightness must be proven by adding a comparison of the protocol's performance.

In this paper, we were concerned in informal security analysis, which is the first step in proving the protocol performance. We are now working on the practical analysis to be published later.

 

  1. The protocol must be organized more formally to improve reader understanding.

We did our best to clarify the proposed protocol. This approach has been tackled in many papers before. We followed the same approach as in:

  • ECC-PDGPP: ECC-Based Parallel Dependency RFID-Grouping-Proof Protocol Using Zero-Knowledge Property in the Internet of Things Environment. (DOI:10.1109/OJCS.2024.3406142).
  • Private Blockchain Envisioned Access Control System for Securing Industrial IoT-Based Pervasive Edge Computing. (DOI: 1109/ACCESS.2023.3333441).
  • A Secure Content Trading for Cross-Platform in the Metaverse With Blockchain and Searchable Encryption. (DOI: 10.1109/ACCESS.2023.3328232).
  • Design of Secure and Lightweight Authentication Scheme for UAV-Enabled Intelligent Transportation Systems Using Blockchain and PUF. (DOI: 1109/ACCESS.2023.3286016)
  • An Effective Privacy-Preserving Blockchain-Assisted Security Protocol for Cloud-Based Digital Twin Environment. (DOI: 1109/ACCESS.2023.3249116).
  1. Please organize the notations carefully to avoid confusion.

Done and modifications are highlighted.

 

 

 

Reviewer 3 Report

Comments and Suggestions for Authors

The paper describes an innovative security solution for cyber-physical social systems. The claimed novelty is the proposed solution allows a lightweight authentication. The proposal is technically sound in general terms.

The claims in the introduction are justified and the problem is correctly described. Description are OK. I would not say they are exhaustive, but figures and algorithms are provided. I think this is enough to ensure future replicability and readability. 

References are timely and the topic matches the scope of the journal. 

However, in my opinion, some improvements need to be done to the experiemental section:

The current evaluation is just formal. But there is not experimental evidence or quantitative results. You need to show the proposed system is better through some scientific experiment. It could be a simulation or a real application or prototype. You need to select the correct independen variable and analyze under different circumstances how the system behaves. Later, analyzing the results, you could conclude if your system is lighyweight or not. Now it's unclear.

Please, improve the manuscript before the acceptance

Author Response

The current evaluation is just formal. But there is not experimental evidence or quantitative results. You need to show the proposed system is better through some scientific experiment. It could be a simulation or a real application or prototype. You need to select the correct independen variable and analyze under different circumstances how the system behaves. Later, analyzing the results, you could conclude if your system is lighyweight or not. Now it's unclear.

In this paper, we were concerned in informal security analysis, which is the first step in proving the protocol performance. We are now working on the practical analysis to be published later.

Please, improve the manuscript before the acceptance

We did some improvements to clarify the unclear parts.

Round 2

Reviewer 1 Report

Comments and Suggestions for Authors

Issues have been addressed. The editor can decide on the title change. 

Reviewer 2 Report

Comments and Suggestions for Authors

Although the authors were not able to resolve all of the problems raised by the reviewer, they responded faithfully, and it is believed that the article can be published at the current level. 

Comments on the Quality of English Language

A final check of English corrections is required prior to publication.

Back to TopTop