PUF-Enabled Authentication-as-a-Service in Fog-IoT Systems

Fog-IoT systems enable to distribute computing, control, storage, and networking functions closer to edge devices, in order to improve efficiency and reduce latency. In order to cope with the multitude of security issues raised by the lack of centralized control and by the exposure of user sensitive data, suitable security solutions must be devised to protect data and thwart malicious attempts to compromise and take control over communication. In this paper, we propose a mutual authentication scheme relying upon the adoption of Physically Unclonable Functions (PUFs), which enables fog nodes and resource-constrained IoT devices to mutually prove their respective identities during communication, while meeting the existing low resource consumption requirements. The scheme is partially offered in an as-a-service fashion, thanks to the adoption of a cloud automation framework that facilitates its set-up on fog nodes.