A Systematic Security Assessment and Review of Internet of Things in the Context of Authentication

The Internet of Things is emerging globally as an intriguing trend expected to connect 15 billion devices by the end of 2022. Its ability to bring intelligence and automation to various application domains provides a plethora of opportunities while posing severe security challenges. Lack of proper authentication has been attributed to data disclosure's perils over wireless communication channels. Therefore, authentication as an essential security tenet continues to be a highly researched area, especially in resource constraint networks like IoT and IIoT. This paper constructs a comprehensive systematic literature review to identify and synthesize security issues in IoT from the perspective of authentication mechanisms. Initially, the prevalent security and privacy issues are identified, followed by the explanation of security threats across various layers of the IoT architecture. Additionally, the countermeasures available for addressing security issues are also covered. The highlight of the review is to present a literature review of various authentication mechanisms and different formal security evaluations holistically required for IoT authentication. Moreover, a comparative analysis of some of the popular existing authentication mechanisms designed for the IoT in terms of various performance parameters like computational, communication overhead, and energy consumption has also been covered. Finally, the paper discusses the typical methods for assessing network security and network simulator tools used to evaluate the performance parameters of authentication schemes. This review paper attempts to assist researchers in identifying the existing research gaps in various forms of authentication employed in a typical resource constraint network like IoT that would lead them to develop new solutions. The protocol provided by Kitchenham and Charters has been used to perform this Systematic Literature Review. (c) 2022 Elsevier Ltd. All rights reserved.