A new strong user authentication scheme with local certification authority for internet of things based cloud computing services

The term Internet of Things (IoT) refers to the ability to extend network connectivity and computing capability to objects and devices. These devices collect, exchange and analyze data without any human interaction. Generally, IoT architecture requires data communication and cloud computing services. However, security is a big challenge for IoT services. Strong user authentication is the first requirement for IoT services to avoid malicious unauthenticated device. This work explores the weakness of conventional authentication methods in cloud environments. An improved strong user authentication scheme has been proposed. This new scheme is based on local certification authority for IoT devices in cloud computing where devices are authenticated using private public key infrastructure (PKI). The proposed approach has superior security performance compared to conventional techniques. It is shown that our approach doesn't require any hardware tokens, reduce the computation and then improve authentication strength.