{"title":"物联网(IoT)安全协议研究现状综述","authors":"Raghavendra Mishra , Ankita Mishra","doi":"10.1016/j.cose.2024.104310","DOIUrl":null,"url":null,"abstract":"<div><div>The Internet of Things (IoT) has become indispensable for remote monitoring, integrating diverse hardware and software elements to provide seamless, secure, and reliable services. Essential components like network protocols, sensor nodes, actuators, and gateway nodes ensure the functionality and security of these systems. However, the increasing proliferation of IoT devices has raised significant security concerns, particularly regarding user privacy, data integrity, and service availability. This manuscript presents a comprehensive review of existing authenticated key exchange mechanisms for IoT security, focusing on the limitations of current authentication and key agreement methods. We examine relevant schemes for the case study to explore key security challenges. In this regard, we conduct a cryptanalysis of three recently proposed IoT security protocols, evaluating their effectiveness in addressing vulnerabilities. The key contribution of this work lies in offering insights into the latest advancements in IoT security, identifying critical weaknesses, and proposing enhancements to improve the resilience of IoT systems in an increasingly interconnected world.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"151 ","pages":"Article 104310"},"PeriodicalIF":5.4000,"publicationDate":"2025-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Current research on Internet of Things (IoT) security protocols: A survey\",\"authors\":\"Raghavendra Mishra , Ankita Mishra\",\"doi\":\"10.1016/j.cose.2024.104310\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The Internet of Things (IoT) has become indispensable for remote monitoring, integrating diverse hardware and software elements to provide seamless, secure, and reliable services. Essential components like network protocols, sensor nodes, actuators, and gateway nodes ensure the functionality and security of these systems. However, the increasing proliferation of IoT devices has raised significant security concerns, particularly regarding user privacy, data integrity, and service availability. This manuscript presents a comprehensive review of existing authenticated key exchange mechanisms for IoT security, focusing on the limitations of current authentication and key agreement methods. We examine relevant schemes for the case study to explore key security challenges. In this regard, we conduct a cryptanalysis of three recently proposed IoT security protocols, evaluating their effectiveness in addressing vulnerabilities. The key contribution of this work lies in offering insights into the latest advancements in IoT security, identifying critical weaknesses, and proposing enhancements to improve the resilience of IoT systems in an increasingly interconnected world.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"151 \",\"pages\":\"Article 104310\"},\"PeriodicalIF\":5.4000,\"publicationDate\":\"2025-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404824006163\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"2025/1/17 0:00:00\",\"PubModel\":\"Epub\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824006163","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/1/17 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
物联网(Internet of Things, IoT)已经成为远程监控不可或缺的一部分,它集成了多种硬件和软件元素,提供无缝、安全、可靠的服务。网络协议、传感器节点、执行器和网关节点等基本组件确保了这些系统的功能和安全性。然而,物联网设备的日益普及引发了重大的安全问题,特别是在用户隐私、数据完整性和服务可用性方面。本文全面回顾了现有的物联网安全认证密钥交换机制,重点介绍了当前认证和密钥协议方法的局限性。我们研究了案例研究的相关方案,以探索关键的安全挑战。在这方面,我们对最近提出的三种物联网安全协议进行了密码分析,评估了它们在解决漏洞方面的有效性。这项工作的关键贡献在于提供对物联网安全最新进展的见解,识别关键弱点,并提出增强建议,以提高物联网系统在日益互联的世界中的弹性。
Current research on Internet of Things (IoT) security protocols: A survey
The Internet of Things (IoT) has become indispensable for remote monitoring, integrating diverse hardware and software elements to provide seamless, secure, and reliable services. Essential components like network protocols, sensor nodes, actuators, and gateway nodes ensure the functionality and security of these systems. However, the increasing proliferation of IoT devices has raised significant security concerns, particularly regarding user privacy, data integrity, and service availability. This manuscript presents a comprehensive review of existing authenticated key exchange mechanisms for IoT security, focusing on the limitations of current authentication and key agreement methods. We examine relevant schemes for the case study to explore key security challenges. In this regard, we conduct a cryptanalysis of three recently proposed IoT security protocols, evaluating their effectiveness in addressing vulnerabilities. The key contribution of this work lies in offering insights into the latest advancements in IoT security, identifying critical weaknesses, and proposing enhancements to improve the resilience of IoT systems in an increasingly interconnected world.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
