Opportunistic Sensor-Based Authentication Factors in and for the Internet of Things
Marc Saideh, Jean-Paul Jamont, Laurent Vercouter
TL;DR
The paper addresses securing IoT communications by introducing opportunistic authentication factors derived from data already collected by existing sensors in a System of Systems (SoS). The approach repurposes sensor streams to create supplementary authentication signals that augment existing MFA without adding hardware. Illustrative parking-entry experiments with mobile robots and cars show feasible engine-sound and visual signatures enabling high recognition accuracy, even under outdoor noise. The authors discuss context-dependence, potential benefits, and future work to formalize evaluation and compare with existing techniques.
Abstract
Communication between connected objects in the Internet of Things (IoT) often requires secure and reliable authentication mechanisms to verify identities of entities and prevent unauthorized access to sensitive data and resources. Unlike other domains, IoT offers several advantages and opportunities, such as the ability to collect real-time data through numerous sensors. These data contains valuable information about the environment and other objects that, if used, can significantly enhance authentication processes. In this paper, we propose a novel idea to building opportunistic sensor-based authentication factors by leveraging existing IoT sensors in a system of systems approach. The objective is to highlight the promising prospects of opportunistic authentication factors in enhancing IoT security. We claim that sensors can be utilized to create additional authentication factors, thereby reinforcing existing object-to-object authentication mechanisms. By integrating these opportunistic sensor-based authentication factors into multi-factor authentication schemes, IoT security can be substantially improved. We demonstrate the feasibility and effectivenness of our idea through illustrative experiments in a parking entry scenario, involving both mobile robots and cars, achieving high identification accuracy. We highlight the potential of this novel method to improve IoT security and suggest future research directions for formalizing and comparing our approach with existing techniques.