Authentic-caller: Self-enforcing authentication in a next generation network

Journal article

Azad, Muhammad Ajmal, Bag, Samiran, Perera, Charith, Barhamgi, Mahmoud and Hao, Feng 2019. Authentic-caller: Self-enforcing authentication in a next generation network. IEEE Transactions on Industrial Informatics. https://doi.org/10.1109/tii.2019.2941724
AuthorsAzad, Muhammad Ajmal, Bag, Samiran, Perera, Charith, Barhamgi, Mahmoud and Hao, Feng
Abstract

The Internet of Things (IoT) or the Cyber-Physical System (CPS) is the network of connected devices, things and people which collect and exchange information using the emerging telecommunication networks (4G, 5G IP-based LTE). These emerging telecommunication networks can also be used to transfer critical information between the source and destination, informing the control system about the outage in the electrical grid, or providing information about the emergency at the national express highway. This sensitive information requires authorization and authentication of source and destination involved in the communication. To protect the network from unauthorized access and to provide authentication, the telecommunication operators have to adopt the mechanism for seamless verification and authorization of parties involved in the communication. Currently, the next-generation telecommunication networks use a digest-based authentication mechanism, where the call-processing engine of the telecommunication operator initiates the challenge to the request-initiating client or caller, which is being solved by the client to prove his credentials. However, the digest-based authentication mechanisms are vulnerable to many forms of known attacks e.g., the Man-In-The-Middle (MITM) attack and the password guessing attack. Furthermore, the digest-based systems require extensive processing overheads. Several Public-Key Infrastructure (PKI) based and identity-based schemes have been proposed for the authentication and key agreements. However, these schemes generally require smart-card to hold long-term private keys and authentication credentials. In this paper, we propose a novel self-enforcing authentication protocol for the SIPbased next-generation network based on a low-entropy shared password without relying on any PKI or trusted third party system. The proposed system shows effective resistance against various attacks e.g., MITM, replay attack, password guessing attack, etc. We analyze the security properties of the proposed scheme in comparison to the state of the art.

KeywordsControl and Systems Engineering; Electrical and Electronic Engineering; Information Systems; Computer Science Applications; Network Security
Year2019
JournalIEEE Transactions on Industrial Informatics
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
ISSN15513203
19410050
Digital Object Identifier (DOI)https://doi.org/10.1109/tii.2019.2941724
Web address (URL)http://hdl.handle.net/10545/624446
hdl:10545/624446
Publication dates19 Sep 2019
Publication process dates
Deposited04 Feb 2020, 16:51
AcceptedSep 2019
ContributorsUniversity of Derby, University of Warwick, Computational Informatics, CSIRO, Canberra, Australian Capital Territory Australia and Universite Claude Bernard, Lyon, France
File
File Access Level
Open
Permalink -

https://repository.derby.ac.uk/item/9336x/authentic-caller-self-enforcing-authentication-in-a-next-generation-network

Log in to edit

Download files

  • 33
    total views
  • 0
    total downloads
  • 1
    views this month
  • 0
    downloads this month

Export as

Related outputs

Large-scale Data Integration Using Graph Probabilistic Dependencies (GPDs)
Zada, Muhammad Sadiq Hassan, Yuan, Bo, Anjum, Ashiq, Azad, Muhammad Ajmal, Khan, Wajahat Ali and Reiff-Marganiec, Stephan 2020. Large-scale Data Integration Using Graph Probabilistic Dependencies (GPDs). IEEE. https://doi.org/10.1109/bdcat50828.2020.00028
Persation: an IoT based personal safety prediction model aided solution
Alofe, Olasunkanmi Matthew, Fatema, Kaniz, Azad, Muhammad Ajmal and Kurugollu, Fatih 2020. Persation: an IoT based personal safety prediction model aided solution. International Journal of Computing and Digital Systems.
Privacy-preserving crowd-sensed trust aggregation in the user-centeric internet of people networks
Azad, Muhammad, Perera, Charith, Bag, Samiran, Barhamgi, Mahmoud and Hao, Feng 2020. Privacy-preserving crowd-sensed trust aggregation in the user-centeric internet of people networks. ACM Transactions on Cyber-Physical Systems. https://doi.org/10.1145/3446431
Designing privacy-aware internet of things applications
Perera, Charith, Barhamgi, Mahmoud, Bandara, Arosha K., Ajmal, Muhammad, Price, Blaine and Nuseibeh, Bashar 2019. Designing privacy-aware internet of things applications. Elsevier Information Sciences. https://doi.org/10.1016/j.ins.2019.09.061
CRT-BIoV: A cognitive radio technique for blockchain-enabled internet of vehicles
Rathee, Geetanjali, Ahmad, F., Kurugollu, Fatih, Azad, Muhammad, Iqbal, Razi and Imran, Muhammad 2020. CRT-BIoV: A cognitive radio technique for blockchain-enabled internet of vehicles. IEEE Transactions on Intelligent Transportation Systems. https://doi.org/10.1109/TITS.2020.3004718
A first look at privacy analysis of COVID-19 contact tracing mobile applications
Azad, Muhammad Ajmal, Arshad, Junaid, Akmal, Syed Muhammad Ali, Riaz, Farhan, Abdullah, Sidrah, Imran, Muhammad and Ahmad, F. 2020. A first look at privacy analysis of COVID-19 contact tracing mobile applications. IEEE Internet of Things Journal. https://doi.org/10.1109/JIOT.2020.3024180
PriVeto: a fully private two round veto protocol.
Samiran, Bag, Muhammad Ajmal, Azad and Feng, Hao 2018. PriVeto: a fully private two round veto protocol. IET Information Security. https://doi.org/10.1049/iet-ifs.2018.5115
M2M-REP: Reputation system for machines in the internet of things.
Azad, Muhammad Ajmal, Bag, Samiran, Hao, Feng and Salah, Khaled 2018. M2M-REP: Reputation system for machines in the internet of things. Computers & Security. 79, pp. 1-16. https://doi.org/10.1016/j.cose.2018.07.014
Consumer-facing technology fraud: Economics, attack methods and potential solutions
Mohammed Aamir, Ali, Muhammad AJmal, Azad, Mario Parreno, Centeno, Feng, Hao and Aad Van, Moorsel 2019. Consumer-facing technology fraud: Economics, attack methods and potential solutions. Future Generation Computer Systems. https://doi.org/10.1016/j.future.2019.03.041
TrustVote: Privacy-preserving node ranking in vehicular networks
Muhammad AJmal, Azad, Samiran, Bag, Simon, Parkinson and Feng, Hao 2018. TrustVote: Privacy-preserving node ranking in vehicular networks. IEEE Internet of Things Journal. https://doi.org/10.1109/JIOT.2018.2880839
Pervasive blood pressure monitoring using Photoplethysmogram (PPG) Sensor
Riaz, Farhan, Azad, Muhammad, Arshad, Junaid, Imran, Muhammad, Hassan, Ali and Rehmad, Saad 2019. Pervasive blood pressure monitoring using Photoplethysmogram (PPG) Sensor. Future Generation Computer Systems. https://doi.org/10.1016/j.future.2019.02.032