This chapter delves deep into the issue of user authentication in the environment of the internet of things (IoT) and industrial internet of things (IIoT). It's a journey defined by security implications, presented trends, and analyzed conventional practices, all of which set the stage for further examination. The authors explore the challenges and limitations of involving user authentication in the context of interacting ecosystems, and then they dive into the exciting world of the latest advancements aimed at ensuring higher security and privacy. These include blockchain-based tools, multi-modal authentication, and zero-trust paradigms. Also, they navigate the legislative landscape, provide compliance recommendations, and provide relevant tips for the establishment of strong authentication practices. Through captivating case studies and real-world applications, they draw a clear picture of the importance of user authentication in safeguarding IoT and IIoT systems against evolving cyber threats.
Top1. Introduction
The Internet of Things (IoT) and the Industrial Internet of Things (IIoT) have revolutionized technology, interconnecting devices, sensors, and systems to collect, exchange, and analyze data for automation and innovation (Boyes et al., 2018). Adding the IoT to the industrial applications such as cyber-physical systems (CPS) transformed them into smart and intelligent devices. Using the IoT has extended the network connectivity and computing capabilities to objects, facilitating data generation, exchange, and consumption with a decreasing of human intervention. In the context of IIoT, the IoT technologies is used in industrial settings to fulfill industry-specific objectives (Hazra et al., 2021). So, we can define the IIoT as the as the use of IoT technologies in manufacturing, emphasize the integration of smart objects within CPS, cloud or edge computing platforms, and the real-time, autonomous exchange and analysis of process, product, or service information (Kumar & Agrawal, 2023).
The evolving IoT and IIoT ecosystem has an impact on how we engage with our industrial environment (Sisinni et al., 2018). Innovations in edge computing, connectivity, and data analytics are driving major breakthroughs on the Internet of Things and IIoT (Kumar & Agrawal, 2023). Every area of our life and business is being impacted by IoT and IIoT technology. from wearable technology and smart homes to smart factories and industrial automation. Artificial Intelligence, machine learning and cloud computing introduces a set of innovative possibilities for automation, predictive maintenance, and real-time decision-making (Adi et al., 2020; Al-Garadi et al., 2020; Kumar & Agrawal, 2023; Xiao et al., 2018). Furthermore, the Low-Power technologies and the spread of networks like 5G increased the scalability of deploying IoT and IIoT systems (Khanh et al., 2022). As the devolvement of these technologies, they hold the potential to change the industries, optimize processes, and enhance the quality of life for individuals around the globe (Jiang et al., 2018).
The significance of security in IoT and IIoT cannot be neglected, given the pervasive connectivity and sensitive data exchanged within these ecosystems (Tawalbeh et al., 2020). With millions of interconnected devices collecting and transmitting data, the risk of cyber threats and attacks is heightened, posing significant challenges to the integrity and privacy of information (Sengupta et al., 2020). One of the foundational pillars of IoT and IIoT security is user authentication – the process of verifying the identity of individuals or devices seeking access to resources within these ecosystems (Lee, 2020). As seen in figure 1, user authentication in the IoT and IIoT environment plays a crucial role in ensuring the security and integrity of connected systems. With the proliferation of interconnected devices and the exchange of sensitive data, robust authentication mechanisms are essential to verify the identity of users and devices accessing these ecosystems (Liang et al., 2020; C. Shi et al., 2021). Traditional authentication methods, such as passwords and tokens, are often insufficient to address the unique challenges posed by IoT and IIoT, including device heterogeneity, resource constraints, and scalability requirements (Lien & Vhaduri, 2023). As a result, novel approaches to user authentication, such as biometrics, multi-factor authentication, and device attestation, are being explored to enhance security without compromising usability (Abuhamad et al., 2021; Masud et al., 2022; C. Shi et al., 2017; Vhaduri & Poellabauer, 2019).