SETCAP

Abstract

Internet of Drones (IoD) is a framework to set up drones networks that may serve multiple purposes, e.g., data collection. New IoD applications (such as drone assisted internet of vehicles) envision the simultaneous collection of multiple data types. Although authentication may prevent unauthorized users to access the collected data, existing authentication solutions do not distinguish between the different types of data collected by drones. Therefore, authenticated users may receive sensitive data regarding another user incurring hence in a privacy leakage. In this paper, we propose SETCAP, a novel Service-Based Energy-Efficient Temporal Credential Authentication Protocol for IoD. SETCAP exploits the distinction between data types to prevent information leakage. We formally test SETCAP against the Real-Or-Random (ROR) model and implemented SETCAP in Automated Validation of Internet Security Protocols and Applications (AVISPA) simulation tool. Moreover, we validated SETCAP via non-mathematical security analysis to show its security against many attacks. We assessed the superiority of SETCAP in terms of functionality and security characteristics as well as computation, communication, and energy costs. The communication cost of creating a session in SETCAP is approximately 20% smaller than that of creating a session in the closest state-of-the-art protocol. Furthermore, the framework that we propose requires the creation of a number of sessions that are additive in terms of the number of drones and users, whereas the existing solutions are multiplicative. SETCAP is therefore a secure and scalable solution for resource-constrained devices such as drones.