Field of the Invention
The present invention relates to a system for authentication of things and a method of performing authentication of things.
Discussion of the Related Art
The Internet of Things (IoT) corresponds to a thing space connection network where all things form an intelligent relation using an information communication technology. In particular, the IoT corresponds to a technology and a service capable of being connected with each other via the Internet without being restricted by time, a place, and a type. The IoT corresponds to a technology and a service capable of appropriately processing and controlling information by monitoring surrounding situation, communicating and cooperating with each other without explicit human involvement. In this case, a thing corresponding to a main configuration element of the IoT can include not only a communication device (end-device) in wired/wireless network but also a physical thing consisting of a human, a vehicle, a bridge, various electronic devices, cultural assets, and natural environment, and the like.
The consumer electronics industry is witnessing a surge in Internet of Things (IoT) devices, ranging from mundane artifacts to complex biosensors connected across disparate networks. In particular, the Internet of Things (IoT) is now part of our daily lives. Projections suggest that we will soon be surrounded by billions of IoT-enabled devices. Yet, legacy authentication and access control mechanisms do not meet the growing needs of IoT.
In particular, as the demand for IoT devices grows, the need for stronger authentication and access control mechanisms is greater than ever. In particular, there is a dire need for a holistic authentication mechanism throughout the IoT device life-cycle, namely from the manufacturing to the retirement of the device.
Since sensors used for IoT have subminiature and low-power characteristic, it is required to have an authentication and access control mechanism smoothly operating in low power environment where computing power is not sufficient.
IoT combines physical objects (e.g., vehicles and appliances) with sensors and actuators in a cyber-physical system (e.g., smart cities, grids, and homes).
Authentication mechanisms enable parties to distinguish between forged and legitimate data, as well as to know with certainty who originated a message. Authentication is paramount to security.
For IoT, in particular, authentication enables access control, prevents sybil attacks attacking a system or a network with a plurality of identifiers, and mitigates Denial of Service (DoS) attempts. Authentication mechanism makes authentication a key security property for IoT.
Even though IoT security has received attention from the research community, existing approaches are not appropriate for IoT.
First, traditional schemes based on PM (public key infrastructure) and certificates incur significant CPU, memory, storage, communication, and management overheads unfit for IoT devices.
Second, IoT often requires devices from a given domain to safely interoperate with other devices belonging to multiple and different domains. Many authentication schemes that target resource-constrained devices assume devices belong to a single domain and thus cannot be directly applied to IoT.
Third, there is no mechanism able to provide authentication throughout the entire IoT device life-cycle.
As a result, there is a need for a system for authenticating things and a method of authenticating things exclusively tailored to meet IoT authentication requirements.
Although it is able to perform authentication and access control on IoT devices using PKS (public-key cryptosystem), since the PKS is very expensive, it is difficult to practically apply the PKS to the IoT devices.
Hence, it is required to develop a system for authenticating things and a method of authenticating things from which the problem of the related art is resolved.