TOWARD END-TO-END BIOMETRICS-BASED SECURITY FOR IOT INFRASTRUCTURE

The IoT is the next generation of innovation in the smart world, which has the potential to improve safety, security, and the quality of our daily lives through pervasive communication and computation. Currently, we have observed that a plethora of interconnected smartphones, devices, and sensors are deployed for providing personalized services (e.g., social media, smart home, health monitoring) at any time from anywhere. The personalized services offered by IoT, although enhancing the quality of our lives, have serious challenges of securing networks and data in transit, as every day a myriad of devices and services are connected to the IoT. However, existing security solutions, such as two-factor authentication based on passwords along with second-level protection may not be efficient and reliable for providing end-to-end secure communication solutions among different devices and services connected to the IoT. To this end, this article proposes an end-to-end secure IoT-based solution using biometrics and pairing-based cryptography. Because of the uniqueness of one's biometric traits (e.g., face, fingerprint, palm, iris, voice, heartbeat), a biometric-based security solution is less vulnerable to security breaches for IoT systems or infrastructure. We present a biometric-based IoT infrastructure comprising four layers, and for each layer, we discuss possible security challenges along with the corresponding countermeasures. Finally, we provide a case study of face-based biometric recognition, where sensors or smartphones capture a face image and securely transmit it to the IoT platform to provide end-to end security.