A mutual authentication scheme for establishing secure device-to-device communication sessions in the edge-enabled smart cities

https://doi.org/10.1016/j.jisa.2020.102683

Abstract

Internet of Things (IoT) and edge-enabled networking infrastructures have been used to provide data processing capabilities at the edge rather than transferring the data to the concerned cloud in smart cities. However, security and privacy of both data and device Ci are among the common issues associated with the edge-enabled IoT networking paradigm. Numerous edge-enabled mechanisms have been presented in the literature to resolve these issues, but device-to-device authentication (preferably in multi-hop enabled networking) to resolve the black-hole issue has not been addressed yet. In this paper, a mutual authentication scheme, a hybrid of Medium Access Control (MAC) address and EAODV-enabled scheme, for establishing secure device-to-device communication sessions in IoT networks is presented to make edge-enabled smart cities safe and secure. Every device Ci is bound to register its MAC address with the concerned base station or edge module Sj in an off-line phase to prevent entry of intruder device(s) into the operational edge-enabled IoT network. Moreover, the initiation of a proper communication session with both device Ci and edge or base station Sj is subject to the authentication process. Only those devices Ci that are already registered in the off-line phase are allowed to initiate a communication session, so entry of intruder node(s) at any stage is not possible. Apart from this, a well-known encryption and decryption mechanism is used to guarantee a secure communication session. Simulation results have verified that the proposed mutual authentication scheme performs better than existing schemes, specifically in terms of processing and communication overheads.

Introduction

Due to technological advancements in the development and miniaturization of numerous electronic devices Ci, research organizations are focused on the realization of edge-enabled smart cities to make lives easier. For this purpose, the Internet of Things (IoT), which is defined as a network of physical objects or things [1], is used. These objects or devices Ci are embedded with application-dependent sensors, actuators and software modules that enable them to form operational communication networks in which every member device Ci has the capacity to connect and share data with other member devices or things. Moreover, IoT-enabled networks are used in numerous application areas, such as the development of smart cities, smart buildings and smart transportation, where member devices Ci interact directly with their environments via the embedded sensors and forward the collected data to a centralized location, i.e., an edge-node Sj, either directly or through multi-hop mechanisms [2], [3]. However, due to the limited processing and communication capacities of these devices Ci, IoT networks are delay sensitive, specifically in time-critical application areas such as traffic control in smart cities, and this becomes worse if the concerned data needs to be transferred to a cloud. Moreover, the situation becomes worse still if each and every decision related to the IoT-enabled smart cities is subject to the processing of the collected data on a cloud, which is usually located in remote and secure areas [4].

To resolve the aforementioned issues associated with IoT-enabled smart cities, edge-enabled IoT networks are presented in the literature, where the majority of the operations needed to make important decisions in an operational IoT network are performed at the nearest edge rather than at a centralized cloud [5]. Although edge-enabled IoT networks have resolved the aforementioned issues, in that data processing is performed at the local edge-node Sj, these networks are more vulnerable and exposed to numerous security and privacy breaches. Therefore, the embedded security and privacy schemes, both in devices Ci and edge-node Sj, should be smart enough to provide a reliable and secure communication infrastructure for device-to-device and device-to-edge or server module communications, and vice versa, without compromising the performance metrics of IoT and edge-enabled networks [6]. To ensure security and privacy of both information and devices Ci or edge-node Sj in IoT and edge-enabled networks, blockchain and ad hoc on-demand distance vector (AODV) are among the common security and privacy mechanisms; researchers are attracted to them because of their reliability and transparent nature, and they are ideal solutions particularly for IoT and edge-enabled smart cities [7]. A blockchain-enabled IoT architecture is presented by S.k. Sing et al. [8], where smart artificial intelligence mechanisms are utilized to provide an efficient way of converging blockchain. Moreover, this mechanism is focused on how artificial intelligence and blockchain are used in IoT networks in both scenarios, i.e., blockchain-enabled AI and AI-enabled blockchain. Likewise, a secure support vector machine (SVM)-enabled privacy-preserving scheme is presented to develop a blockchain-enabled secure data exchange platform for the IoT [9]. However, slightly higher communication and computational cost and application specificity are among the common issues associated with these schemes.

Furthermore, numerous authentication schemes have been presented in the literature to provide a secure and reliable communication infrastructure for IoT and edge-enabled networks, such as [10], [11], [12], [13]. Although these mechanisms have resolved the security and privacy issues related to resource-constrained networks such as IoT, they incur a relatively higher communication and computational cost. Similarly, a trust-enabled authentication scheme based on extended ad hoc on-demand distance vector (EAODV) routing is presented, which is focused on how to resolve the black-hole attack issue associated with resource-constrained networks [13]. Additionally, to address the black-hole issue, a two-tier-enabled mechanism is presented for the IoT [14]. Although these mechanisms have resolved privacy and authenticity issues, specifically in device-to-device communication in operational IoT networks, complexity and unresolved black-hole attack scenarios are among the common issues associated with these approaches. Security and authenticity of numerous devices Ci are among the common issues associated with edge-enabled IoT networks. The proposed techniques should have the capacity to provide a reliable and secure communication infrastructure for edge-enabled IoT networks in both scenarios, i.e., device-to-device communication (preferably in multi-hop networks) and device-to-edge node Sj (in scenarios where every device resides within the wireless communication range of the edge-node).

In this paper, a mutual authentication and privacy scheme is presented that enables each and every device Ci to establish secure device-to-device and device-to-edge communication sessions in edge-enabled smart cities. This scheme has the capacity to resolve the black-hole issue in multi-hop and edge-enabled IoT networks. The contributions of this research work are:

  1. A novel mutual authentication algorithm for the edge-enabled IoT networks.

  2. Ensure reliable communication among numerous devices Ci or edge-node Sj in multi-hop edge-enabled IoT networks.

  3. Secure device-to-device communication for edge-enabled IoT in smart cities.
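
As an added example (not code from the paper), the following shows why gating route replies on the off-line MAC registry matters for the black-hole case: an unregistered sender advertising an inflated sequence number wins ordinary AODV-style route selection, and loses once the registry check runs first. The class and function names, the selection rule and the sample MAC addresses are assumptions; the sender MAC is assumed to have been authenticated already by the scheme's own session authentication, which this page does not detail.

```python
from dataclasses import dataclass

def normalize_mac(mac: str) -> str:
    """Canonicalize a MAC so 'AA-BB-..' and 'aa:bb:..' compare equal."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"malformed MAC address: {mac!r}")
    return digits

class EdgeRegistry:
    """Off-line registration table held by the edge module Sj (assumed shape)."""
    def __init__(self, macs):
        self._macs = {normalize_mac(m) for m in macs}

    def is_registered(self, mac: str) -> bool:
        try:
            return normalize_mac(mac) in self._macs
        except ValueError:
            return False  # malformed claims are treated as unregistered

@dataclass(frozen=True)
class RouteReply:
    sender_mac: str  # device Ci that answered the route request
    dest_seq: int    # AODV destination sequence number (route freshness)
    hop_count: int

def select_route(replies, registry=None):
    """AODV-style choice: freshest sequence number, then fewest hops.
    With a registry, replies from unregistered senders are dropped first."""
    if registry is not None:
        replies = [r for r in replies if registry.is_registered(r.sender_mac)]
    if not replies:
        return None
    return max(replies, key=lambda r: (r.dest_seq, -r.hop_count))

# Constructed sample data: two registered devices and one intruder.
REGISTRY = EdgeRegistry(["02:00:00:00:00:01", "02-00-00-00-00-02"])
REPLIES = [
    RouteReply("02:00:00:00:00:01", dest_seq=41, hop_count=3),
    RouteReply("02:00:00:00:00:02", dest_seq=41, hop_count=2),
    # Black-hole style reply: inflated freshness, implausibly short path.
    RouteReply("02:00:00:00:00:99", dest_seq=4_000_000, hop_count=1),
]

if __name__ == "__main__":
    print("ungated:", select_route(REPLIES).sender_mac)
    print("gated:  ", select_route(REPLIES, REGISTRY).sender_mac)
```

A registry check of this kind only helps if the claimed MAC cannot be forged, which is why the scheme pairs registration with authentication and encryption of the session.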

The rest of the paper is organized as follows. In Section 2, a brief literature review, preferably of those schemes which are related to the proposed authentication scheme, is presented. In Section 3, the proposed mutual authentication scheme is described in detail, including its phases, working mechanism and algorithm, whereas an informal security analysis is presented in the subsequent section. In Section 5, the implementation and results of the proposed mutual authentication scheme against existing schemes are described in detail. Finally, concluding remarks and future directions are given.

Section snippets

Literature review

Security and privacy are among the challenging issues associated with IoT in general and edge-enabled IoT networks in particular. In the literature, various authentication and security mechanisms have been presented to address these issues, particularly without changing the existing technological infrastructure. A complete description of these schemes is beyond the scope of this paper; hence, a brief overview of existing approaches which are closely related to the proposed scheme is presented. A

Proposed methodology: A hybrid approach

In this section, a mutual and light-weight authentication scheme is presented to resolve the black-hole attack problem associated with edge-enabled IoT networks. The proposed scheme uses two different metrics, that is, the MAC address of a particular device Ci and an EAODV-enabled routing scheme, to form a hybrid mutual authentication which is applicable in two cases: (i) ordinary node to ordinary node authentication and (ii) ordinary node Ci to gateway or edge Sj authentication. In former case, if

The proposed authentication scheme’s informal security analysis

In this section, a detailed and thorough analysis of various possible attacks or threats and their prevention in the proposed mutual authentication scheme is given. These attacks are possible at various stages or levels in an edge-enabled IoT network, that is, at the device Ci level and at the base station and edge Sj level. A detailed description of some of these attacks, and of how the proposed scheme handles them in a realistic environment of edge-enabled IoT networks, is presented below.

Results and performance evaluation

In this section, simulation results are described in detail which are used to verify the performance of the proposed mutual authentication approach against the existing schemes. For evaluation of these algorithms, OMNET++ is used as an implementation tool, which is an open source simulation environment for WSNs and IoT. It is to be noted that similar processing and transmission power, on-board batteries and a single base station module were used both for the proposed and existing schemes. Moreover, these

Conclusion and future work

Due to their overwhelming characteristics, Internet of Things (IoT) and edge-enabled networking are used in different application areas to automate various lifetime activities. However, security and authenticity of both information and device Ci are among common issues associated with the edge-enabled IoT networking paradigm in smart cities. In this paper, a mutual authentication scheme, that is a hybrid of Medium Access Control (MAC) address and EAODV-enabled scheme, for establishing secure

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References (30)

  • Lin Jie et al. A survey on internet of things: Architecture, enabling technologies, security and privacy, and applications. IEEE Internet Things J (2017)
  • Alfandi Omar et al. A survey on boosting IoT security and privacy through blockchain. Cluster Comput (2020)
  • Wu Yulei et al. Convergence of blockchain and edge computing for secure and scalable iIoT critical infrastructures in industry 4.0. IEEE Internet Things J (2020)
  • Shen Meng et al. Privacy-preserving support vector machine training over blockchain-based encrypted IoT data in smart cities. IEEE Internet Things J (2019)
  • Gope Prosanta et al. A realistic lightweight anonymous authentication protocol for securing real-time application data access in wireless sensor networks. IEEE Trans Ind Electron (2016)