A new hybrid online and offline multi-factor cross-domain authentication method for IoT applications in the automotive industry

Citation

Khalid, Haqi and Hashim, Shaiful Jahari and Syed Ahmad Abdul Rahman, Sharifah Mumtazah and Hashim, Fazirulhisyam and Chaudhary, Muhammad Akmal (2021) A new hybrid online and offline multi-factor cross-domain authentication method for IoT applications in the automotive industry. Energies, 14 (21). art. no. 7437. pp. 1-34. ISSN 1996-1073

Abstract

Connected vehicles have emerged as the latest revolution in the automotive industry, utilizing the advent of the Internet of Things (IoT). However, most IoT-connected cars mechanisms currently depend on available network services and need continuous network connections to allow users to connect to their vehicles. Nevertheless, the connectivity availability shortcoming in remote or rural areas with no network coverage makes vehicle sharing or any IoT-connected device problematic and undesirable. Furthermore, IoT-connected cars are vulnerable to various passive and active attacks (e.g., replay attacks, MiTM attacks, impersonation attacks, and offline guessing attacks). Adversaries could all use these attacks to disrupt networks posing a threat to the entire automotive industry. Therefore, to overcome this issue, we propose a hybrid online and offline multi-factor authentication cross-domain authentication method for a connected car-sharing environment based on the user’s smartphone. The proposed scheme lets users book a vehicle using the online booking phase based on the secured and trusted Kerberos workflow. Furthermore, an offline authentication phase uses the OTP algorithm to authenticate registered users even if the connectivity services are unavailable. The proposed scheme uses the AES-ECC algorithm to provide secure communication and efficient key management. The formal SOV logic verification was used to demonstrate the security of the proposed scheme. Furthermore, the AVISPA tool has been used to check that the proposed scheme is secured against passive and active attacks. Compared to the previous works, the scheme requires less computation due to the lightweight cryptographic algorithms utilized. Finally, the results showed that the proposed system provides seamless, secure, and efficient authentication operation for the automotive industry, specifically car-sharing systems, making the proposed system suitable for applications in limited and intermittent network connections.

Download File

Full text not available from this repository.

Official URL or Download Paper: https://www.mdpi.com/1996-1073/14/21/7437

Additional Metadata

Item Type:	Article
Divisions:	Faculty of Engineering
DOI Number:	https://doi.org/10.3390/en14217437
Publisher:	Multidisciplinary Digital Publishing Institute
Keywords:	IoT applications; Automotive industry; Offline authentication; IoT-connected vehicles; Cross-domain authentication
Depositing User:	Ms. Nuraida Ibrahim
Date Deposited:	28 Mar 2023 04:08
Last Modified:	28 Mar 2023 04:08
Altmetrics:	http://www.altmetric.com/details.php?domain=psasir.upm.edu.my&doi=10.3390/en14217437
URI:	http://psasir.upm.edu.my/id/eprint/95841
Statistic Details:	View Download Statistic

Actions (login required)

View Item