{"title":"2F-MASK-VSS: Two-factor mutual authentication and session key agreement scheme for video surveillance system","authors":"Pramod Kumar , Arup Kumar Pal , SK Hafizul Islam","doi":"10.1016/j.sysarc.2024.103196","DOIUrl":null,"url":null,"abstract":"<div><p>The trend for deploying Video Surveillance Systems (VSSs) in public places has become common practice to maintain effective law and order in modern civilization. Further, data access control and the proper management of surveillance data with valid users are desirable for the safety and security of the communities. This paper aims to develop practical solutions to protect VSSs against evolving threats and challenges. This paper proposes a Two-Factor Mutual Authentication and Session Key Agreement usable in VSS (2F-MASK-VSS) environments for real-time data storage and access. In 2F-MASK-VSS, lightweight cryptographic tools, viz. hash function and symmetric key encryption, are used to maintain the desirable security features. In 2F-MASK-VSS, a surveillance camera captures real-time data and sends them securely to a central server for storage through the established session key agreement among valid concerns. Moreover, 2F-MASK-VSS can protect access control among valid users. The security strength of 2F-MASK-VSS has been proven by formal and informal analysis. The BAN logic model, AVISPA and Scyther tools validate the attack-resilience of 2F-MASK-VSS. Furthermore, the security analysis in the random oracle model shows that 2F-MASK-VSS is provably secure. In addition, 2F-MASK-VSS has been implemented using the Raspberry PI testbed to demonstrate its practical implementation.</p></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"153 ","pages":"Article 103196"},"PeriodicalIF":3.7000,"publicationDate":"2024-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762124001334","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
The trend for deploying Video Surveillance Systems (VSSs) in public places has become common practice to maintain effective law and order in modern civilization. Further, data access control and the proper management of surveillance data with valid users are desirable for the safety and security of the communities. This paper aims to develop practical solutions to protect VSSs against evolving threats and challenges. This paper proposes a Two-Factor Mutual Authentication and Session Key Agreement usable in VSS (2F-MASK-VSS) environments for real-time data storage and access. In 2F-MASK-VSS, lightweight cryptographic tools, viz. hash function and symmetric key encryption, are used to maintain the desirable security features. In 2F-MASK-VSS, a surveillance camera captures real-time data and sends them securely to a central server for storage through the established session key agreement among valid concerns. Moreover, 2F-MASK-VSS can protect access control among valid users. The security strength of 2F-MASK-VSS has been proven by formal and informal analysis. The BAN logic model, AVISPA and Scyther tools validate the attack-resilience of 2F-MASK-VSS. Furthermore, the security analysis in the random oracle model shows that 2F-MASK-VSS is provably secure. In addition, 2F-MASK-VSS has been implemented using the Raspberry PI testbed to demonstrate its practical implementation.
期刊介绍:
The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software.
Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.