Internet Of Things-oriented Continuous Identity Authentication Based On Behavioral Biometrics And Context Information

The Internet of things,defined as the next logical phase of the Internet and its extension into the physical world,is a broad connection between devices that can interact with users and share data.But the development of the Io T can not escape the constraints of security problems.As the basic premise of guaranteeing the safe operation of the Io T,the identity authentication technology has received more and more attention.However,traditional identity authentication systems based on knowledge and physiological features(such as passwords,face recognition and fingerprints)are vulnerable to various attacks,and the one-time static identity authentication puts the Io T environment at great risk.Due to the openness of “Smart objects” in Io T environment,the security of node devices has become a serious problem in IOT infrastructure deployment.Aiming at the security problems mentioned above,we researche on continuous identity authentication based on behavior biometrics and context information to enhance the security of Internet of things.The behavior-based and context-based continuous authentication are discussed respectively in this paper,then,an overall system architecture including continuous authentication between device and device and continuous authentication between user and device is proposed.In continuous authentication between devices,we proposes the concept of effective authentication time interval,which uses token technology and the current battery capacity of Io T devices as context information,by computing and transmitting device identification,secret value and random number between device and gateway,the computation complexity during session establishment is reduced,and the time consumption of continuous authentication is reduced,it enhances the robustness of authentication between Io T devices.In the continuous authentication between users and Io T devices,this paper presents the concept of trustworthiness,at the same time,we use context modeling and reasoning technology to analyze the contextual information such as location context,activity context,time context,relationship context,and so on,in order to get the aggregation credibility.The credibility of the end user is determined by the model matching degree and the aggregate credibility degree.This also enables context information to interact with user behavior biometrics for selflearning in an iot environment.Experimental results show that the proposed continuous authentication system plays an important role in resisting network attacks between Io T devices and improving Equal Error Rate(EER)between users and devices,thus enhancing the security of IoT.