Research On The Security Authentication Scheme For IoT Devices In The Cloud Service Environment

With the rapid development of Internet of Things(Io T),Io T-enabled devices have been widely used in people's life.People are able to access Io T-enabled devices remotely,which not only improves people's work efficiency,but also makes people's life more convenient.The Internet of things technology brings convenience to people's life.At the same time,the security problems attract people's attention.Nowadays,Io T-enabled devices are deployed in personal and public environments.Sensor devices can continuously collect all kinds of data,but these data may contain important sensitive information of individuals or enterprises.If these privacy data are obtained by malicious attackers,it may cause huge losses to the society.Identity authentication is the first line of defense to protect data security.It can effectively prevent the disclosure of sensitive information by controlling the access of sensitive data.However,due to the computation and storage of Io T-enabled devices being limited,the traditional authentication schemes are not suitable for Io T-enabled devices.In recent years,many lightweight authentication schemes have been proposed for the Internet of things environment.These schemes have the characteristics of low computation and simple authentication process.They are more suitable for Io T-enabled devices.In view of the above problems and challenges,this paper systematically studies and analyzes the existing lightweight authentication schemes applied in the Internet of Things environment in recent years,and completes the following work:1.Find that the smart card based identity authentication scheme proposed by Banerjee et al.in 2018 is vulnerable to counterfeiting attacks,which cannot achieve their claimed security,and propose an improved authentication scheme.Through security analysis,the improved authentication scheme overcomes the weakness of Banerjee et al.'s scheme which can't resist the impersonation attack.2.Find that the authentication scheme for Io T-enabled devices in distributed cloud computing environment proposed by Zhou et al.in 2019 is vulnerable to denial of service attack,and propose a three-factor lightweight authentication scheme for Io T-enabled devices in cloud computing environment.In the authentication phase,the new scheme uses the user's biometrics to reduce the computation cost of the control server.By comparing the security and computation cost,the new three factor authentication scheme overcomes the shortcomings of Zhou et al.proposed scheme can't resist the denial of service attack,and the computation cost is smaller than Zhou et al.'s scheme.3.Find that a lightweight anonymous user authentication and session key agreement scheme proposed by Gupta et al.in 2019 is vulnerable to offline guessing attack,session key disclosure attack and impersonation attack.This paper proposes a new lightweight authentication scheme for wearable sensor devices in the cloud computing environment.The authentication scheme can resist well-known attacks through the proof of Dolev-Yao security model and BAN logic.Compared with other related schemes,it has the advantage of small computation cost.