IDEAS home Printed from https://ideas.repec.org/a/gam/jeners/v14y2021i21p7437-d674548.html
   My bibliography  Save this article

A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry

Author

Listed:
  • Haqi Khalid

    (Department of Computer and Communication Systems Engineering, Faculty of Engineering, Universiti Putra Malaysia, Serdang 43400, Malaysia)

  • Shaiful Jahari Hashim

    (Department of Computer and Communication Systems Engineering, Faculty of Engineering, Universiti Putra Malaysia, Serdang 43400, Malaysia)

  • Sharifah Mumtazah Syed Ahmad

    (Department of Computer and Communication Systems Engineering, Faculty of Engineering, Universiti Putra Malaysia, Serdang 43400, Malaysia)

  • Fazirulhisyam Hashim

    (Department of Computer and Communication Systems Engineering, Faculty of Engineering, Universiti Putra Malaysia, Serdang 43400, Malaysia)

  • Muhammad Akmal Chaudhary

    (Department of Electrical and Computer Engineering, College of Engineering and Information Technology, Ajman University, Ajman 346, United Arab Emirates)

Abstract

Connected vehicles have emerged as the latest revolution in the automotive industry, utilizing the advent of the Internet of Things (IoT). However, most IoT-connected cars mechanisms currently depend on available network services and need continuous network connections to allow users to connect to their vehicles. Nevertheless, the connectivity availability shortcoming in remote or rural areas with no network coverage makes vehicle sharing or any IoT-connected device problematic and undesirable. Furthermore, IoT-connected cars are vulnerable to various passive and active attacks (e.g., replay attacks, MiTM attacks, impersonation attacks, and offline guessing attacks). Adversaries could all use these attacks to disrupt networks posing a threat to the entire automotive industry. Therefore, to overcome this issue, we propose a hybrid online and offline multi-factor authentication cross-domain authentication method for a connected car-sharing environment based on the user’s smartphone. The proposed scheme lets users book a vehicle using the online booking phase based on the secured and trusted Kerberos workflow. Furthermore, an offline authentication phase uses the OTP algorithm to authenticate registered users even if the connectivity services are unavailable. The proposed scheme uses the AES-ECC algorithm to provide secure communication and efficient key management. The formal SOV logic verification was used to demonstrate the security of the proposed scheme. Furthermore, the AVISPA tool has been used to check that the proposed scheme is secured against passive and active attacks. Compared to the previous works, the scheme requires less computation due to the lightweight cryptographic algorithms utilized. Finally, the results showed that the proposed system provides seamless, secure, and efficient authentication operation for the automotive industry, specifically car-sharing systems, making the proposed system suitable for applications in limited and intermittent network connections.

Suggested Citation

  • Haqi Khalid & Shaiful Jahari Hashim & Sharifah Mumtazah Syed Ahmad & Fazirulhisyam Hashim & Muhammad Akmal Chaudhary, 2021. "A New Hybrid Online and Offline Multi-Factor Cross-Domain Authentication Method for IoT Applications in the Automotive Industry," Energies, MDPI, vol. 14(21), pages 1-34, November.
    • Handle: RePEc:gam:jeners:v:14:y:2021:i:21:p:7437-:d:674548
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1996-1073/14/21/7437/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1996-1073/14/21/7437/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Fu, Xiuwen & Yang, Yongsheng, 2021. "Analysis on invulnerability of wireless sensor networks based on cellular automata," Reliability Engineering and System Safety, Elsevier, vol. 212(C).
    2. Adnan Mahmood & Wei Emma Zhang & Quan Z. Sheng, 2019. "Software-Defined Heterogeneous Vehicular Networking: The Architectural Design and Open Challenges," Future Internet, MDPI, vol. 11(3), pages 1-17, March.
    3. Fotios Zantalis & Grigorios Koulouras & Sotiris Karabetsos & Dionisis Kandris, 2019. "A Review of Machine Learning and IoT in Smart Transportation," Future Internet, MDPI, vol. 11(4), pages 1-23, April.
    4. Manar Abu Talib & Sohail Abbas & Qassim Nasir & Mohamad Fouzi Mowakeh, 2018. "Systematic literature review on Internet-of-Vehicles communication security," International Journal of Distributed Sensor Networks, , vol. 14(12), pages 15501477188, December.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Duggal, Angel Swastik & Singh, Rajesh & Gehlot, Anita & Gupta, Lovi Raj & Akram, Sheik Vaseem & Prakash, Chander & Singh, Sunpreet & Kumar, Raman, 2021. "Infrastructure, mobility and safety 4.0: Modernization in road transportation," Technology in Society, Elsevier, vol. 67(C).
    2. Nasser Kimbugwe & Tingrui Pei & Moses Ntanda Kyebambe, 2021. "Application of Deep Learning for Quality of Service Enhancement in Internet of Things: A Review," Energies, MDPI, vol. 14(19), pages 1-27, October.
    3. Fu, Xiuwen & Wang, Ye & Yang, Yongsheng & Postolache, Octavian, 2022. "Analysis on cascading reliability of edge-assisted Internet of Things," Reliability Engineering and System Safety, Elsevier, vol. 223(C).
    4. Konstantinos Ntafloukas & Liliana Pasquale & Beatriz Martinez-Pastor & Daniel P. McCrum, 2023. "A Vulnerability Assessment Approach for Transportation Networks Subjected to Cyber–Physical Attacks," Future Internet, MDPI, vol. 15(3), pages 1-23, February.
    5. Zhang, Changzhen & Yang, Jun & Wang, Ning, 2023. "Timely reliability modeling and evaluation of wireless sensor networks with adaptive N-policy sleep scheduling," Reliability Engineering and System Safety, Elsevier, vol. 235(C).
    6. Wu, Chao, 2024. "Data privacy: From transparency to fairness," Technology in Society, Elsevier, vol. 76(C).
    7. Heidary Dahooie, Jalil & Mohammadian, Ayoub & Qorbani, Ali Reza & Daim, Tugrul, 2023. "A portfolio selection of internet of things (IoTs) applications for the sustainable urban transportation: A novel hybrid multi criteria decision making approach," Technology in Society, Elsevier, vol. 75(C).
    8. Wang, Chaonan & Liu, Qiongyang & Xing, Liudong & Guan, Quanlong & Yang, Chunhui & Yu, Min, 2022. "Reliability analysis of smart home sensor systems subject to competing failures," Reliability Engineering and System Safety, Elsevier, vol. 221(C).
    9. Nadine Bachmann & Shailesh Tripathi & Manuel Brunner & Herbert Jodlbauer, 2022. "The Contribution of Data-Driven Technologies in Achieving the Sustainable Development Goals," Sustainability, MDPI, vol. 14(5), pages 1-33, February.
    10. Abderahman Rejeb & John G. Keogh & Horst Treiblmaier, 2019. "Leveraging the Internet of Things and Blockchain Technology in Supply Chain Management," Future Internet, MDPI, vol. 11(7), pages 1-22, July.
    11. Zhang, Pei & Zhang, Zhen-Ji & Gong, Da-Qing, 2024. "An improved failure mode and effect analysis method for group decision-making in utility tunnels construction project risk evaluation," Reliability Engineering and System Safety, Elsevier, vol. 244(C).
    12. Mariusz Kostrzewski & Magdalena Marczewska & Lorna Uden, 2023. "The Internet of Vehicles and Sustainability—Reflections on Environmental, Social, and Corporate Governance," Energies, MDPI, vol. 16(7), pages 1-20, April.
    13. Zhang, Wuxia & Wu, Yupeng & Calautit, John Kaiser, 2022. "A review on occupancy prediction through machine learning for enhancing energy efficiency, air quality and thermal comfort in the built environment," Renewable and Sustainable Energy Reviews, Elsevier, vol. 167(C).
    14. Yingxun Wang & Hushairi Zen & Mohamad Faizrizwan Mohd Sabri & Xiang Wang & Lee Chin Kho, 2022. "Towards Strengthening the Resilience of IoV Networks—A Trust Management Perspective," Future Internet, MDPI, vol. 14(7), pages 1-21, June.
    15. Khadijeh Alibabaei & Eduardo Assunção & Pedro D. Gaspar & Vasco N. G. J. Soares & João M. L. P. Caldeira, 2022. "Real-Time Detection of Vine Trunk for Robot Localization Using Deep Learning Models Developed for Edge TPU Devices," Future Internet, MDPI, vol. 14(7), pages 1-16, June.
    16. Wang, Ning & Xiao, Yiyong & Tian, Tianzi & Yang, Jun, 2023. "The optimal 5G base station location of the wireless sensor network considering timely reliability," Reliability Engineering and System Safety, Elsevier, vol. 236(C).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jeners:v:14:y:2021:i:21:p:7437-:d:674548. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.