CAB-IoT: Continuous authentication architecture based on Blockchain for internet of things

Raising incidents of security threats among active sessions is an increasing concern in IoT environment. Continuous authentication was introducing to be superior to traditional authentication schemes by constantly verify users’ identities on an ongoing basis and spot the moment at which an illicit attacker seizes control of the session. However, several challenges remain unsolved. This research aims to investigate the power of Blockchain technology to provide real-time and non-intrusive continuous authentication for the IoT environment. Accordingly, a distributed and scalable continuous authentication solution based on Blockchain technology called CAB-IoT was proposed. It enabled fog nodes layer that tackles the limitations of IoT resources by providing localized processing of heavy continuous authentication-related tasks for a group of IoT devices. Besides, CAB-IoT introduced a trust module that depends on the face recognition machine learning model to detect outliers and abnormal access. Moreover, mutual authentication between end-users and fog nodes is also designed, as well as secure communication between the authenticated nodes. The results demonstrate a lightweight continuous authentication solution that achieved the desired balance between security and performance requirements where it was observed in a real-world environment for truly performance results. Security analysis and attack analysis are also considered during the evaluation.