TY - JOUR
T1 - GCACS-IoD
T2 - A certificate based generic access control scheme for Internet of drones
AU - Chaudhry, Shehzad Ashraf
AU - Yahya, Khalid
AU - Karuppiah, Marimuthu
AU - Kharel, Rupak
AU - Bashir, Ali Kashif
AU - Zikria, Yousaf Bin
N1 - Publisher Copyright:
© 2021 Elsevier B.V.
PY - 2021/5/22
Y1 - 2021/5/22
N2 - Internet of drones (IoD) has gained significant importance in recent times due to its applications in several critical domains ranging from commercial to defense and rescue operations. With several drones flying in different zones to carry out specified tasks, the IoD can be beneficial to gather the real time data for interpretation by the users. However, the data access is carried out through an open channel and battery operated drones. Therefore, the drones’ security and privacy are crucial for accomplishing mission-critical, safety-critical, or surveillance operations. In 2020, Bera et al. presented a certificate based access control scheme for securing the IoD access and argued the scheme's security through formal and informal methods. However, the analysis presented in this paper shows that the scheme of Bera et al. does not provide anonymity and is insecure against multiple threats, including drone impersonation, the man in the middle, and replay attacks. We then designed a generic certificate based access control scheme to provide inter-drone and drone to ground station access control/authentication in the IoD domain (GCACS-IoD). The GCACS-IoD is provably secure against the known attacks and provides anonymity. GCACS-IoD extends security while preserving computation and communication efficiencies.
AB - Internet of drones (IoD) has gained significant importance in recent times due to its applications in several critical domains ranging from commercial to defense and rescue operations. With several drones flying in different zones to carry out specified tasks, the IoD can be beneficial to gather the real time data for interpretation by the users. However, the data access is carried out through an open channel and battery operated drones. Therefore, the drones’ security and privacy are crucial for accomplishing mission-critical, safety-critical, or surveillance operations. In 2020, Bera et al. presented a certificate based access control scheme for securing the IoD access and argued the scheme's security through formal and informal methods. However, the analysis presented in this paper shows that the scheme of Bera et al. does not provide anonymity and is insecure against multiple threats, including drone impersonation, the man in the middle, and replay attacks. We then designed a generic certificate based access control scheme to provide inter-drone and drone to ground station access control/authentication in the IoD domain (GCACS-IoD). The GCACS-IoD is provably secure against the known attacks and provides anonymity. GCACS-IoD extends security while preserving computation and communication efficiencies.
KW - Device access control
KW - IoD
KW - Key establishment
KW - Stolen IoT device
KW - UAV
UR - http://www.scopus.com/inward/record.url?scp=85102901331&partnerID=8YFLogxK
U2 - 10.1016/j.comnet.2021.107999
DO - 10.1016/j.comnet.2021.107999
M3 - Article
AN - SCOPUS:85102901331
VL - 191
JO - Computer Networks
JF - Computer Networks
SN - 1389-1286
M1 - 107999
ER -