Comparison of total communication costs.

Comparison of total communication costs.

<div><p>Authentication is a crucial challenge for Internet of Things (IoT) security, especially in open, distributed and resource-constrained environments. Current methods have significant shortcomings in terms of efficiency, adaptability, and ability to cope with complicated security th...

وصف كامل

محفوظ في:
التفاصيل البيبلوغرافية
المؤلف الرئيسي: Zhanfei Ma (12506951) (author)
مؤلفون آخرون: Hui Wei (126971) (author), Jing Jiang (130103) (author), Bisheng Wang (832675) (author), Hefei Wang (491208) (author), Zhong Di (14104491) (author)
منشور في: 2025
الموضوعات:
Biophysics
Molecular Biology
Science Policy
Biological Sciences not elsewhere classified
Information Systems not elsewhere classified
scheme reduces latency
experimental results show
enhance runtime protection
architectural optimization reduces
xlink "> authentication
secure identity authentication
organically integrating authentication
meanwhile ensuring security
complicated security threats
simplifies trust negotiation
lightweight authentication framework
trust authentication architecture
enhanced fast authentication
authentication </ p
authentication techniques
signature trust
lightweight zero
windowed based
significant shortcomings
signature processes
session hijacking
sensitive tokens
paper proposes
otp seeds
incorporating multi
feasible path
factor attributes
energy consumption
encryption mechanisms
efficiently defend
current methods
crucial challenge
credential leakage
constrained environments
communication rounds
الوسوم: إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
الوصف
الملخص:<div><p>Authentication is a crucial challenge for Internet of Things (IoT) security, especially in open, distributed and resource-constrained environments. Current methods have significant shortcomings in terms of efficiency, adaptability, and ability to cope with complicated security threats. Therefore, this paper proposes a lightweight authentication framework for Cloud-Edge-End, which integrates the enhanced Fast Authentication and Signature Trust for SM9 (FAST-SM9) algorithm and zero-trust Dynamic Re-authentication (zero-trust-DRA) mechanism. First, FAST-SM9 effectively reduces protocol overhead, and meanwhile ensuring security by organically integrating authentication and signature processes. Its architectural optimization reduces the number of communication rounds by 40% and simplifies trust negotiation between heterogeneous layers without affecting the integrity of encryption mechanisms. To enhance runtime protection, the designed zero-trust-DRA mechanism also introduces context-aware, time-windowed based re-authentication techniques so as to efficiently defend against risks such as session hijacking and credential leakage. In addition, the Dynamic Identity Token Generation Mechanism (DITGM) enhances the security and flexibility of the system by incorporating multi-factor attributes such as fingerprints and OTP seeds into time-sensitive tokens. Experimental results show that this scheme reduces latency by 56.6% and energy consumption by 63% compared to traditional PKI edge authentication methods, and effectively resists related attacks. The formal tool AVISPA verification further confirms its security. The scalability testing also proves its applicability in IoT. A feasible path is provided for efficient and secure identity authentication in distributed systems, which helps to promote the development of zero-trust security systems.</p></div>

مواد مشابهة