System and method for providing authentication service for internet of things security
First Claim
1. A method of providing authentication service for Internet of Things (IoT) security, comprising:
- sending, by a terminal attempting to control an IoT device that supports an IoT communication service via the IoT communication service, an IoT service request to an IoT gateway node by executing an IoT service-related browser;
determining whether the terminal attempting to control the IoT device is a normal user, based on profile information collected from the terminal via the IoT service request, and determining whether a control command to control the IoT device has been generated if, as a result of the determination, the terminal is a normal user;
if a control command has been generated, monitoring an interval of each occurrence period of the control command, and determining a malicious behavior type based on a result of checking whether the interval exceeds a predetermined interval threshold; and
blocking the IoT communication service or attempting re-authentication of the terminal based on the malicious behavior type.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for providing authentication service for IoT security are disclosed herein. The system for providing authentication service for IoT security includes an Internet of Things (IoT) service server, and an IoT gateway node. The IoT service server supports an IoT communication service in accordance with an IoT communication service policy. The IoT gateway node receives an IoT service request from a terminal attempting to control an IoT device that supports the IoT communication service while operating in conjunction with the IoT service server, identifies whether the terminal attempting to control the IoT device is a normal user based on profile information, collected from the terminal via the IoT service request, via the IoT service server, and performs the security authentication of the IoT device.
-
Citations
14 Claims
-
1. A method of providing authentication service for Internet of Things (IoT) security, comprising:
-
sending, by a terminal attempting to control an IoT device that supports an IoT communication service via the IoT communication service, an IoT service request to an IoT gateway node by executing an IoT service-related browser; determining whether the terminal attempting to control the IoT device is a normal user, based on profile information collected from the terminal via the IoT service request, and determining whether a control command to control the IoT device has been generated if, as a result of the determination, the terminal is a normal user; if a control command has been generated, monitoring an interval of each occurrence period of the control command, and determining a malicious behavior type based on a result of checking whether the interval exceeds a predetermined interval threshold; and blocking the IoT communication service or attempting re-authentication of the terminal based on the malicious behavior type. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system for providing authentication service for IoT security, comprising:
-
an Internet of Things (IoT) service server configured to support an IoT communication service in accordance with an IoT communication service policy; and an IoT gateway node configured to receive an IoT service request from a terminal attempting to control an IoT device that supports the IoT communication service while operating in conjunction with the IoT service server, to identify whether the terminal attempting to control the IoT device is a normal user based on profile information, collected from the terminal via the IoT service request, via the IoT service server, and to perform security authentication of the IoT device, wherein the IoT the IoT gateway node comprises a control unit configured to collect the profile information of the terminal included in a message output by a communication unit when the IoT service request is received via a collection unit, to identify whether the terminal is a normal user based on the collected profile information, to determine whether a control command to control the IoT device has been generated via a monitoring unit if the terminal is a normal user, to monitor an interval of each control command period if the control command has been generated, to compare the interval with a predetermined interval threshold, and to determine a malicious behavior type based on a result of the comparison. - View Dependent Claims (11, 12, 13, 14)
-
Specification