A contextual authentication framework for smart home environments

Abstract

A smart home is one equipped with connected Internet-of-Things (IoT) devices that can be remotely accessed and controlled. Access to smart home devices is mostly achieved through smartphones and tablet computers, but this comes with security challenges such as unauthorized access and interception of data transmission. Although smart home devices are critical, many examples of security challenges, such as unauthorized access to home devices and interception of data transmission, are reported. Furthermore, many home IoT devices are still shipped with default credentials even though it is widely known that these settings are used in attacks. A number of cryptographic schemes have been proposed for securing communication among home IoT devices. However, the ability to handle such schemes, especially by devices with constrained computing resources, can be challenging. To address the above issues, this thesis introduces a contextual authentication framework for smart home environments that integrates a context-based user authentication method, a device-to-device message authentication scheme, and an app-based user authentication model. A proof of concept prototype of context-based authentication has been constructed. An identity-based signcryption scheme for securing data transmission between home IoT devices has been designed, and an app-based user authentication model has been developed. The results demonstrate that considerable contextual information can be retrieved and such information can be used in providing seamless, usable, and secure authentication. Furthermore, analysis and evaluation of the proposed signcryption scheme demonstrate that, in addition to providing authentication, it provides integrity and confidentiality as well as the ability to protect communication against possible attacks. The evaluation of the app-based user authentication model is performed on three datasets, and the results show that the model has the ability to authenticate users with high accuracy in terms of low false positive, false negative and equal error rates.