PUFDCA: A Zero-Trust-Based IoT Device Continuous Authentication Protocol

It is very challenging to secure the Internet of Things (IoT) systems, which demands an end-to-end approach from the edge devices to cloud or hybrid service. The exponential growth besides the simple and low-cost nature of IoT devices has made IoT system an attractive target for several types of security attacks such as impersonation, spoofing, and DDoD attacks. This work is aimed at enhancing the IoT security using a zero-trust (ZT) approach by proposing a physical unclonable function-based device continuous authentication (PUFDCA). The PUFDCA provides two kinds of authentications to verify the identity of the IoT device, static authentication to verify the identity before starting the session using PUF technology and continuous authentication to verify the location of the device during the session to ensure the authenticated device is not changed. The security analysis and verification tool results demonstrate that the proposed protocol is secure against a range of common IoT attacks. In addition, PUFDCA is considered lightweight and consumes low energy and storage.