A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry
Connected vehicles have emerged as the latest revolution in the automotive industry, utilizing the advent of the Internet of Things (IoT). However, most IoT-connected cars mechanisms currently depend on available network services and need continuous network connections to allow users to connect to t...
Guardado en:
| Autores principales: | , , , , |
|---|---|
| Formato: | article |
| Lenguaje: | EN |
| Publicado: |
MDPI AG
2021
|
| Materias: | |
| Acceso en línea: | https://doaj.org/article/e98d7b5b54d1444881da5ceddd599aa4 |
| Etiquetas: |
Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
|
| id |
oai:doaj.org-article:e98d7b5b54d1444881da5ceddd599aa4 |
|---|---|
| record_format |
dspace |
| spelling |
oai:doaj.org-article:e98d7b5b54d1444881da5ceddd599aa42021-11-11T16:08:46ZA New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry10.3390/en142174371996-1073https://doaj.org/article/e98d7b5b54d1444881da5ceddd599aa42021-11-01T00:00:00Zhttps://www.mdpi.com/1996-1073/14/21/7437https://doaj.org/toc/1996-1073Connected vehicles have emerged as the latest revolution in the automotive industry, utilizing the advent of the Internet of Things (IoT). However, most IoT-connected cars mechanisms currently depend on available network services and need continuous network connections to allow users to connect to their vehicles. Nevertheless, the connectivity availability shortcoming in remote or rural areas with no network coverage makes vehicle sharing or any IoT-connected device problematic and undesirable. Furthermore, IoT-connected cars are vulnerable to various passive and active attacks (e.g., replay attacks, MiTM attacks, impersonation attacks, and offline guessing attacks). Adversaries could all use these attacks to disrupt networks posing a threat to the entire automotive industry. Therefore, to overcome this issue, we propose a hybrid online and offline multi-factor authentication cross-domain authentication method for a connected car-sharing environment based on the user’s smartphone. The proposed scheme lets users book a vehicle using the online booking phase based on the secured and trusted Kerberos workflow. Furthermore, an offline authentication phase uses the OTP algorithm to authenticate registered users even if the connectivity services are unavailable. The proposed scheme uses the AES-ECC algorithm to provide secure communication and efficient key management. The formal SOV logic verification was used to demonstrate the security of the proposed scheme. Furthermore, the AVISPA tool has been used to check that the proposed scheme is secured against passive and active attacks. Compared to the previous works, the scheme requires less computation due to the lightweight cryptographic algorithms utilized. Finally, the results showed that the proposed system provides seamless, secure, and efficient authentication operation for the automotive industry, specifically car-sharing systems, making the proposed system suitable for applications in limited and intermittent network connections.Haqi KhalidShaiful Jahari HashimSharifah Mumtazah Syed AhmadFazirulhisyam HashimMuhammad Akmal ChaudharyMDPI AGarticleIoT applicationsautomotive industryoffline authenticationIoT-connected vehiclescross-domain authenticationTechnologyTENEnergies, Vol 14, Iss 7437, p 7437 (2021) |
| institution |
DOAJ |
| collection |
DOAJ |
| language |
EN |
| topic |
IoT applications automotive industry offline authentication IoT-connected vehicles cross-domain authentication Technology T |
| spellingShingle |
IoT applications automotive industry offline authentication IoT-connected vehicles cross-domain authentication Technology T Haqi Khalid Shaiful Jahari Hashim Sharifah Mumtazah Syed Ahmad Fazirulhisyam Hashim Muhammad Akmal Chaudhary A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry |
| description |
Connected vehicles have emerged as the latest revolution in the automotive industry, utilizing the advent of the Internet of Things (IoT). However, most IoT-connected cars mechanisms currently depend on available network services and need continuous network connections to allow users to connect to their vehicles. Nevertheless, the connectivity availability shortcoming in remote or rural areas with no network coverage makes vehicle sharing or any IoT-connected device problematic and undesirable. Furthermore, IoT-connected cars are vulnerable to various passive and active attacks (e.g., replay attacks, MiTM attacks, impersonation attacks, and offline guessing attacks). Adversaries could all use these attacks to disrupt networks posing a threat to the entire automotive industry. Therefore, to overcome this issue, we propose a hybrid online and offline multi-factor authentication cross-domain authentication method for a connected car-sharing environment based on the user’s smartphone. The proposed scheme lets users book a vehicle using the online booking phase based on the secured and trusted Kerberos workflow. Furthermore, an offline authentication phase uses the OTP algorithm to authenticate registered users even if the connectivity services are unavailable. The proposed scheme uses the AES-ECC algorithm to provide secure communication and efficient key management. The formal SOV logic verification was used to demonstrate the security of the proposed scheme. Furthermore, the AVISPA tool has been used to check that the proposed scheme is secured against passive and active attacks. Compared to the previous works, the scheme requires less computation due to the lightweight cryptographic algorithms utilized. Finally, the results showed that the proposed system provides seamless, secure, and efficient authentication operation for the automotive industry, specifically car-sharing systems, making the proposed system suitable for applications in limited and intermittent network connections. |
| format |
article |
| author |
Haqi Khalid Shaiful Jahari Hashim Sharifah Mumtazah Syed Ahmad Fazirulhisyam Hashim Muhammad Akmal Chaudhary |
| author_facet |
Haqi Khalid Shaiful Jahari Hashim Sharifah Mumtazah Syed Ahmad Fazirulhisyam Hashim Muhammad Akmal Chaudhary |
| author_sort |
Haqi Khalid |
| title |
A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry |
| title_short |
A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry |
| title_full |
A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry |
| title_fullStr |
A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry |
| title_full_unstemmed |
A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry |
| title_sort |
new hybrid online and offline multi-factor cross-domain authentication method for iot applications in the automotive industry |
| publisher |
MDPI AG |
| publishDate |
2021 |
| url |
https://doaj.org/article/e98d7b5b54d1444881da5ceddd599aa4 |
| work_keys_str_mv |
AT haqikhalid anewhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT shaifuljaharihashim anewhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT sharifahmumtazahsyedahmad anewhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT fazirulhisyamhashim anewhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT muhammadakmalchaudhary anewhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT haqikhalid newhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT shaifuljaharihashim newhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT sharifahmumtazahsyedahmad newhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT fazirulhisyamhashim newhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry AT muhammadakmalchaudhary newhybridonlineandofflinemultifactorcrossdomainauthenticationmethodforiotapplicationsintheautomotiveindustry |
| _version_ |
1718432447568281600 |