{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,7]],"date-time":"2026-05-07T10:55:06Z","timestamp":1778151306333,"version":"3.51.4"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"4","license":[{"start":{"date-parts":[[2022,9,16]],"date-time":"2022-09-16T00:00:00Z","timestamp":1663286400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,9,16]],"date-time":"2022-09-16T00:00:00Z","timestamp":1663286400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"name":"Manipal Academy of Higher Education, Manipal"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Cluster Comput"],"published-print":{"date-parts":[[2023,8]]},"abstract":"Abstract<\/jats:title>With the widespread use of Internet of Things (IoT) in various applications and several security vulnerabilities reported in them, the security requirements have become an integral part of an IoT system. Authentication and access control are the two principal security requirements for ensuring authorized and restricted accesses to limited and essential resources in IoT. The built-in authentication mechanism in IoT devices is not reliable, because several security vulnerabilities are revealed in the firmware implementation of authentication protocols in IoT. On the other hand, the current authentication approaches for IoT that are not firmware are vulnerable to some security attacks prevalent in IoT. Moreover, the recent access control approaches for IoT have limitations in context-awareness, scalability, interoperability, and security. To mitigate these limitations, there is a need for a robust authentication and access control system to safeguard the rapidly growing number of IoT devices. Consequently, in this paper, we propose a new secure unified authentication and access control system for IoT, called SUACC-IoT. The proposed system is based around the notion of capability, where a capability is considered as a token containing the access rights for authorized entities in the network. In the proposed system, the capability token is used to ensure authorized and controlled access to limited resources in IoT. The system uses only lightweight Elliptic Curve Diffie-Hellman Ephemeral (ECDHE), symmetric key encryption\/decryption, message authentication code and cryptographic hash primitives. SUACC-IoT is proved to be secure against probabilistic polynomial-time adversaries and various attacks prevalent in IoT. The experimental results demonstrate that the proposed protocol\u2019s maximum CPU usage is 29.35%, maximum memory usage is 2.79% and computational overhead is 744.5 ms which are quite acceptable. Additionally, in SUACC-IoT, a reasonable communication cost of 872 bits is incurred for the longest message exchanged.<\/jats:p>","DOI":"10.1007\/s10586-022-03733-w","type":"journal-article","created":{"date-parts":[[2022,9,16]],"date-time":"2022-09-16T14:02:46Z","timestamp":1663336966000},"page":"2409-2428","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":16,"title":["SUACC-IoT: secure unified authentication and access control system based on capability for IoT"],"prefix":"10.1007","volume":"26","author":[{"given":"N.","family":"Sivaselvan","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3411-9221","authenticated-orcid":false,"given":"K. Vivekananda","family":"Bhat","sequence":"additional","affiliation":[]},{"given":"Muttukrishnan","family":"Rajarajan","sequence":"additional","affiliation":[]},{"given":"Ashok Kumar","family":"Das","sequence":"additional","affiliation":[]},{"given":"Joel J. P. C.","family":"Rodrigues","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,9,16]]},"reference":[{"key":"3733_CR1","unstructured":"Internet of Things - number of connected devices worldwide 2015-2025, https:\/\/www.statista.com\/statistics\/471264\/iot-number-of-connected-devices-worldwide\/ (Statista Research Department. Accessed on March 2021)"},{"key":"3733_CR2","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1016\/j.future.2019.02.020","volume":"96","author":"SF Aghili","year":"2019","unstructured":"Aghili, S.F., Mala, H., Shojafar, M., Peris-Lopez, P.: LACO: lightweight three-factor authentication, access control and ownership transfer scheme for E-health systems in IoT. Futur. Gener. Comput. Syst. 96, 410\u2013424 (2019)","journal-title":"Futur. Gener. Comput. Syst."},{"issue":"2","key":"3733_CR3","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1109\/TDSC.2017.2764083","volume":"17","author":"M Wazid","year":"2020","unstructured":"Wazid, M., Das, A.K., Odelu, V., Kumar, N., Susilo, W.: Secure remote user authenticated key establishment protocol for smart home environment. IEEE Trans. Dependable Secure Comput. 17(2), 391\u2013406 (2020)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"key":"3733_CR4","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1007\/s10009-020-00592-x","volume":"23","author":"P Ferrara","year":"2021","unstructured":"Ferrara, P., Mandal, A.K., Cortesi, A., Spoto, F.: Static analysis for discovering IoT vulnerabilities. Int. J. Softw. Tools Technol. Transfer (Springer) 23, 71\u201388 (2021)","journal-title":"Int. J. Softw. Tools Technol. Transfer (Springer)"},{"key":"3733_CR5","doi-asserted-by":"publisher","first-page":"147","DOI":"10.1016\/j.adhoc.2016.11.002","volume":"54","author":"J Srinivas","year":"2017","unstructured":"Srinivas, J., Mukhopadhyay, S., Mishra, D.: Secure and efficient user authentication scheme for multi-gateway wireless sensor networks. Ad-Hoc Netw. 54, 147\u2013169 (2017)","journal-title":"Ad-Hoc Netw."},{"issue":"5","key":"3733_CR6","doi-asserted-by":"publisher","first-page":"1327","DOI":"10.1109\/JIOT.2017.2703088","volume":"4","author":"MN Aman","year":"2017","unstructured":"Aman, M.N., Chua, K.C., Sikdar, B.: Mutual authentication in IoT systems using physical unclonable functions. IEEE Internet Things J. 4(5), 1327\u20131340 (2017)","journal-title":"IEEE Internet Things J."},{"key":"3733_CR7","doi-asserted-by":"publisher","first-page":"70072","DOI":"10.1109\/ACCESS.2018.2880225","volume":"6","author":"M Alotaibi","year":"2018","unstructured":"Alotaibi, M.: An enhanced symmetric cryptosystem and biometric-based anonymous user authentication and session key establishment scheme for WSN. IEEE Access 6, 70072\u201370087 (2018)","journal-title":"IEEE Access"},{"issue":"1","key":"3733_CR8","doi-asserted-by":"publisher","first-page":"580","DOI":"10.1109\/JIOT.2018.2846299","volume":"6","author":"P Gope","year":"2018","unstructured":"Gope, P., Sikdar, B.: Lightweight and privacy-preserving two-factor authentication scheme for IoT devices. IEEE Internet Things J. 6(1), 580\u2013589 (2018)","journal-title":"IEEE Internet Things J."},{"key":"3733_CR9","first-page":"e3676","volume":"33","author":"A Adeel","year":"2019","unstructured":"Adeel, A., Ali, M., Khan, A.N., Khalid, T., Rehman, F., Jararweh, Y., Shuja, J.: Trans. Emerg. Telecommun. Technol. A multi-attack resilient lightweight IoT authentication scheme 33, e3676 (2019)","journal-title":"A multi-attack resilient lightweight IoT authentication scheme"},{"key":"3733_CR10","doi-asserted-by":"publisher","first-page":"100972","DOI":"10.1109\/ACCESS.2021.3097267","volume":"9","author":"T-H Kim","year":"2021","unstructured":"Kim, T.-H., Kumar, G., Saha, R., Buchanan, W.J., Devgun, T., Thomas, R.: LiSP-XK: extended light-weight signcryption for IoT in resource-constrained environments. IEEE Access 9, 100972\u2013100980 (2021)","journal-title":"IEEE Access"},{"key":"3733_CR11","doi-asserted-by":"crossref","unstructured":"Xu, R., Chen, Y., Blasch, E., Chenc, G.: A Federated Capability-based Access Control Mechanism for Internet of Things (IoTs), in: Proceedings of the Conference on Sensors and Systems for Space Applications, SPIE Defense and Commercial Sensing 2018 (DCS), (2018), pp. 1\u201317","DOI":"10.1117\/12.2305619"},{"key":"3733_CR12","doi-asserted-by":"publisher","first-page":"1","DOI":"10.3390\/electronics10151855","volume":"10","author":"Q Yang","year":"2021","unstructured":"Yang, Q., Zhang, M., Zhou, Y., Wang, T., Xia, Z., Yang, B.: A non-interactive attribute-based access control scheme by blockchain for IoT. Electronics 10, 1\u201311 (2021)","journal-title":"Electronics"},{"key":"3733_CR13","doi-asserted-by":"publisher","DOI":"10.1109\/TII.2021.3133345","author":"J Sun","year":"2021","unstructured":"Sun, J., Yuan, Y., Tang, M., Cheng, X., Nie, X., Aftab, M.U.: Privacy-preserving Bilateral Fine-grained Access Control for Cloud-enabled Industrial IoT Healthcare. IEEE Trans. Ind. Inf. (2021). https:\/\/doi.org\/10.1109\/TII.2021.3133345","journal-title":"IEEE Trans. Ind. Inf."},{"key":"3733_CR14","doi-asserted-by":"publisher","DOI":"10.1109\/JBHI.2021.3100871","author":"Y Bao","year":"2021","unstructured":"Bao, Y., Qiu, W., Tang, P., Cheng, X.: Efficient, revocable and privacy-preserving fine-grained data sharing with keyword search for the cloud-assisted medical IoT system. IEEE J. Biomed. Health Inf. (2021). https:\/\/doi.org\/10.1109\/JBHI.2021.3100871","journal-title":"IEEE J. Biomed. Health Inf."},{"key":"3733_CR15","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2021.3063846","author":"Y Bao","year":"2021","unstructured":"Bao, Y., Qiu, W., Cheng, X.: Secure and lightweight fine-grained searchable data sharing for IoT-oriented and cloud-assisted smart healthcare system. IEEE Internet Things J. (2021). https:\/\/doi.org\/10.1109\/JIOT.2021.3063846","journal-title":"IEEE Internet Things J."},{"key":"3733_CR16","doi-asserted-by":"crossref","unstructured":"Wang, J., Hu, F., Zhou, Y., Liu, Y., Zhang, H., Liu, Z.: BlueDoor: Breaking the Secure Information Flow via BLE Vulnerability, in: 18th International Conference on Mobile Systems, Applications, and Services (MobiSys \u201920), Toronto, Ontario, Canada, (2020), pp. 286\u2013298","DOI":"10.1145\/3386901.3389025"},{"key":"3733_CR17","doi-asserted-by":"crossref","unstructured":"Michalevsky, Y., Nath, S., Liu, J.: MASHaBLE: Mobile Applications of Secret Handshakes over Bluetooth LE, in: 22nd Annual International Conference on Mobile Computing and Networking (MobiCom \u201916), New York City, New York, USA, (2016), pp. 387\u2013400","DOI":"10.1145\/2973750.2973778"},{"key":"3733_CR18","doi-asserted-by":"crossref","unstructured":"Abdalla, M., Fouque, P.\u00a0A., Pointcheval, D.: Password-based authenticated key exchange in the three-party setting, in: 8th International Workshop on Theory and Practice in Public Key Cryptography (PKC\u201905), Lecture Notes in Computer Science, Vol. 3386, Les Diablerets, Switzerland, (2005), pp. 65\u201384","DOI":"10.1007\/978-3-540-30580-4_6"},{"key":"3733_CR19","doi-asserted-by":"crossref","unstructured":"Cremers, C.: The Scyther Tool: Verification, Falsification, and Analysis of Security Protocols (Tool Paper), in: Proceedings of the 20th international conference on Computer Aided Verification, (2008), pp. 414\u2013418","DOI":"10.1007\/978-3-540-70545-1_38"},{"issue":"11","key":"3733_CR20","doi-asserted-by":"publisher","first-page":"13784","DOI":"10.1109\/TVT.2020.3027568","volume":"69","author":"C Feng","year":"2020","unstructured":"Feng, C., Yu, K., Aloqaily, M., Alazab, M., Lv, Z., Mumtaz, S.: Attribute-based encryption with parallel outsourced decryption for edge intelligent IoV. IEEE Trans. Veh. Technol. 69(11), 13784\u201313795 (2020)","journal-title":"IEEE Trans. Veh. Technol."},{"issue":"3","key":"3733_CR21","doi-asserted-by":"publisher","first-page":"2706","DOI":"10.1109\/TNSE.2021.3074185","volume":"8","author":"L Yin","year":"2021","unstructured":"Yin, L., Feng, J., Xun, H., Sun, Z., Cheng, X.: A privacy-preserving federated learning for multiparty data sharing in social IoTs. IEEE Trans. Netw. Sci. Eng. 8(3), 2706\u20132718 (2021)","journal-title":"IEEE Trans. Netw. Sci. Eng."},{"issue":"11","key":"3733_CR22","doi-asserted-by":"publisher","first-page":"9189","DOI":"10.1109\/JIOT.2021.3055861","volume":"8","author":"Y Bao","year":"2021","unstructured":"Bao, Y., Qiu, W., Cheng, X.: Efficient and fine-grained signature for IIoT with resistance to key exposure. IEEE Internet Things J. 8(11), 9189\u20139205 (2021)","journal-title":"IEEE Internet Things J."},{"key":"3733_CR23","doi-asserted-by":"crossref","unstructured":"Mohajer, A., Bavaghar, M., Saboor, R., Payandeh, A.: Secure dominating set-based routing protocol in MANET: Using reputation, in: 10th International ISC Conference on Information Security and Cryptology (ISCISC\u201913), Yazd, Iran, (2013), pp. 1\u20137","DOI":"10.1109\/ISCISC.2013.6767346"},{"key":"3733_CR24","doi-asserted-by":"publisher","first-page":"207","DOI":"10.1016\/j.comcom.2021.06.003","volume":"176","author":"A Kumar","year":"2021","unstructured":"Kumar, A., Sharma, S., Goyal, N., Singh, A., Cheng, X., Singh, P.: Secure and energy-efficient smart building architecture with emerging technology IoT. Comput. Commun. 176, 207\u2013217 (2021)","journal-title":"Comput. Commun."},{"key":"3733_CR25","doi-asserted-by":"crossref","unstructured":"Kurniawan, A., Kyas, M.: A trust model-based Bayesian decision theory in large scale Internet of Things, in: IEEE Tenth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP\u201915), Singapore, (2015), pp. 1\u20135","DOI":"10.1109\/ISSNIP.2015.7106964"},{"key":"3733_CR26","doi-asserted-by":"publisher","DOI":"10.1109\/TNNLS.2021.3071958","author":"M Imani","year":"2021","unstructured":"Imani, M., Ghoreishi, S.F.: Graph-based Bayesian optimization for large-scale objective-based experimental design. IEEE Trans. Neural Netw. Learn. Syst. (2021). https:\/\/doi.org\/10.1109\/TNNLS.2021.3071958","journal-title":"IEEE Trans. Neural Netw. Learn. Syst."},{"key":"3733_CR27","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1016\/j.comcom.2020.12.004","volume":"167","author":"J Kang","year":"2021","unstructured":"Kang, J., Fan, K., Zhang, K., Cheng, X., Li, H., Yang, Y.: An ultra light weight and secure RFID batch authentication scheme for IoMT. Comput. Commun. 167, 48\u201354 (2021)","journal-title":"Comput. Commun."},{"issue":"2","key":"3733_CR28","doi-asserted-by":"publisher","first-page":"573","DOI":"10.1007\/s12652-018-0949-2","volume":"11","author":"Q Zhang","year":"2020","unstructured":"Zhang, Q., Xu, D.: Security authentication technology based on dynamic Bayesian network in Internet of Things. J. Ambient. Intell. Humaniz. Comput. 11(2), 573\u2013580 (2020)","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"3733_CR29","first-page":"87","volume":"22","author":"S Mauw","year":"2001","unstructured":"Mauw, S., Bos, V.: Drawing message sequence charts with LaTeX. TUGBoat 22, 87\u201392 (2001)","journal-title":"TUGBoat"},{"issue":"4","key":"3733_CR30","doi-asserted-by":"publisher","first-page":"428","DOI":"10.1109\/TDSC.2014.2355850","volume":"12","author":"D Wang","year":"2015","unstructured":"Wang, D., He, D., Wang, P., Chu, C.-H.: Anonymous two-factor authentication in distributed systems: certain goals are beyond attainment. IEEE Trans. Dependable Secure Comput. 12(4), 428\u2013442 (2015)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"1","key":"3733_CR31","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1145\/77648.77649","volume":"8","author":"M Burrows","year":"1990","unstructured":"Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18\u201336 (1990)","journal-title":"ACM Trans. Comput. Syst."},{"key":"3733_CR32","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1016\/j.future.2018.06.027","volume":"89","author":"AK Das","year":"2018","unstructured":"Das, A.K., Zeadally, S., He, D.: Taxonomy and analysis of security protocols for Internet of Things. Futur. Gener. Comput. Syst. 89, 110\u2013125 (2018)","journal-title":"Futur. Gener. Comput. Syst."},{"key":"3733_CR33","unstructured":"Raspberry Pi 3 Model B+, Accessed on April 2021 (2020). https:\/\/www.raspberrypi.org\/products\/raspberry-pi-3-model-b-plus\/"},{"key":"3733_CR34","unstructured":"Java Cryptography Architecture, https:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/security\/crypto\/CryptoSpec.html. Accessed on March 2021"},{"key":"3733_CR35","unstructured":"Bouncy Castle Cryptography Library 1.70, https:\/\/www.bouncycastle.org\/docs\/docs1.5on\/index.html. Accessed on March 2021"},{"key":"3733_CR36","doi-asserted-by":"crossref","unstructured":"Bernstein, D.\u00a0J.: Curve25519: New Diffie-Hellman Speed Records, in: 9th International Workshop on Theory and Practice in Public Key Cryptography (PKC \u201906), New York, NY, USA, (2006), pp. 207\u2013228","DOI":"10.1007\/11745853_14"},{"key":"3733_CR37","unstructured":"Advanced Encryption Standard (AES), FIPS PUB 197, National Institute of Standards and Technology (NIST), U.S. Department of Commerce, November 2001. http:\/\/csrc.nist.gov\/publications\/fips\/fips197\/fips-197.pdf. Accessed on Jun 2021"},{"key":"3733_CR38","unstructured":"May, W.\u00a0E.: Secure Hash Standard, http:\/\/nvlpubs.nist.gov\/nistpubs\/FIPS\/NIST.FIPS.180-4.pdf. Accessed on Feb 2021 (2015)"},{"key":"3733_CR39","doi-asserted-by":"crossref","unstructured":"Balasubramanian, V., Zaman, F., Aloqaily, M., Ridhawi, I.\u00a0A., Jararweh,Y., Salameh, H.\u00a0B.: A Mobility Management Architecture for Seamless Delivery of 5G-IoT Services, in: IEEE International Conference on Communications (ICC\u201919), Shanghai, China, (2019), pp. 1\u20137","DOI":"10.1109\/ICC.2019.8761658"}],"container-title":["Cluster Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-022-03733-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10586-022-03733-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10586-022-03733-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,7,6]],"date-time":"2023-07-06T17:21:03Z","timestamp":1688664063000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10586-022-03733-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,9,16]]},"references-count":39,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2023,8]]}},"alternative-id":["3733"],"URL":"https:\/\/doi.org\/10.1007\/s10586-022-03733-w","relation":{},"ISSN":["1386-7857","1573-7543"],"issn-type":[{"value":"1386-7857","type":"print"},{"value":"1573-7543","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,9,16]]},"assertion":[{"value":"19 April 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 July 2022","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"4 July 2022","order":3,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 September 2022","order":4,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors have no relevant financial or non-financial interests to disclose. The authors have no conflicts of interest to declare that are relevant to the content of this article. All authors certify that they have no affiliations with or involvement in any organization or entity with any financial interest or non-financial interest in the subject matter or materials discussed in this manuscript. The authors have no financial or proprietary interests in any material discussed in this article.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}}]}}