Challenges of Multi-Factor Authentication for Securing Advanced IoT (A-IoT) Applications
Aleksandr Ometov, Vitaly Petrov, Sergey Bezzateev, Sergey Andreev, Yevgeni Koucheryavy, Mario Gerla
TL;DR
This work advocates for the adoption of multi-factor authentication for A-IoT, such that multiple heterogeneous methods -- both well established and emerging -- are combined intelligently to grant or deny access reliably.
Abstract
The unprecedented proliferation of smart devices together with novel communication, computing, and control technologies have paved the way for the Advanced Internet of Things~(A-IoT). This development involves new categories of capable devices, such as high-end wearables, smart vehicles, and consumer drones aiming to enable efficient and collaborative utilization within the Smart City paradigm. While massive deployments of these objects may enrich people's lives, unauthorized access to the said equipment is potentially dangerous. Hence, highly-secure human authentication mechanisms have to be designed. At the same time, human beings desire comfortable interaction with their owned devices on a daily basis, thus demanding the authentication procedures to be seamless and user-friendly, mindful of the contemporary urban dynamics. In response to these unique challenges, this work advocates for the adoption of multi-factor authentication for A-IoT, such that multiple heterogeneous methods - both well-established and emerging - are combined intelligently to grant or deny access reliably. We thus discuss the pros and cons of various solutions as well as introduce tools to combine the authentication factors, with an emphasis on challenging Smart City environments. We finally outline the open questions to shape future research efforts in this emerging field.