Abstract

Security provisioning has become the most important design consideration for large-scale Internet of Things (IoT) systems due to their critical roles to support diverse vertical applications by connecting heterogeneous devices, machines and industry processes. Conventional authentication and authorization schemes are insufficient in dealing the emerging IoT security challenges due to their reliance on both static digital mechanisms and computational complexity for improving security level. Furthermore, the isolated security designs for different layers and link segments while ignoring the overall protection lead to cascaded security risks as well as growing communication latency and overhead. Potential security risks and attacks could lead to catastrophic consequences and cause avalanche-like damages in large-scale IoT networks. This is mainly due to the critical roles of IoT to support a wide variety of vertical applications by connecting tremendous heterogeneous devices, machines and industry processes, as well as cascaded reaction from the enormous parallel interconnection contained in IoT. Moreover, the widely used resource-constrained devices, e.g. sensors, can be compromised easily, thus resulting in widely distributed threats to the IoT network through data injection, spoofing, eavesdropping, and so on. Challenges for Conventional Authentication and Authorization in Large-Scale IoT: The conventional authentication and authorization methods, including key-based cryptography techniques and physical layer key generation techniques, may suffer from their high complexity and long latency, and may be ineffective to adapt to the complex dynamic environment, especially in large-scale IoT networks[1, 2]. Long security induced latency in large-scale IoT. The conventional cryptography techniques require increased overhead and lengthy process for increased level of security, thus leading to high communication and computation overhead, more importantly, long communication latency[3]. These are intolerable for the large-scale IoT network having significantly increasing number of intelligent machines and resource-constrained devices with concurrent communications[4]. Ineffective adaptation to complex dynamic IoT environment. Conventional security solutions may also suffer from cascading risks in complex dynamic IoT scenarios due to their reliance on static binary authentication/authorization mechanisms[5, 6].