| Graduate student: | 王傑民 Wang, Jie-Min |
|---|---|
| Thesis title: | 結合橢圓曲線密碼學與可信任令牌之輕量化身分驗證機制於工業物聯網環境 ETTLAS: Combine ECC and Trust Token Lightweight Authentication Scheme for Industrial Internet of Things |
| Advisor: | 楊竹星 Yang, Chu-Sing |
| Co-advisor: | 謝錫堃 Shieh, Ce-Kuen |
| Degree: | Master |
| Department: | College of Electrical Engineering and Computer Science - Department of Electrical Engineering |
| Year of publication: | 2023 |
| Graduation academic year: | 111 |
| Language: | Chinese |
| Number of pages: | 53 |
| Keywords (Chinese, translated): | Industrial Internet of Things, Elliptic Curve Cryptography, Token |
| Keywords (English): | IIoT, ECC, Token |
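With the push toward Industry 4.0, which emphasizes that everything be interconnected and intelligent, many factories are being converted into smart factories. Smart factories deploy large numbers of terminal IoT devices to collect data or monitor equipment health, supporting later data aggregation and big-data collection. However, as devices communicate with one another over the network, the whole transmission environment faces serious security problems. Without an authentication and encryption system, an attacker who connects to the factory's local area network can easily steal and arbitrarily tamper with the data in transit, or send false data to the backend server, causing data anomalies across the whole environment. Ensuring that all data in the IoT transmission environment originates from legitimate devices, and that confidential data is protected by packet encryption, is the focus of this thesis.
This thesis proposes an authentication mechanism that uses elliptic curve cryptography and tokens to authenticate identities between terminal IoT devices and the backend server, and uses the TLS protocol to encrypt packets. Because a terminal IoT device and the backend server must confirm each other's identity through the proposed mechanism before communicating, and communicate only if the identities are legitimate, this solves the problem of attackers imitating terminal IoT devices to transmit false data. Packets exchanged between devices are also encrypted, so an attacker who captures them cannot learn their contents. The proposed mechanism ensures the source and correctness of the data.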
The development of Industry 4.0 requires intelligent connections between objects, and many factories are gradually being transformed into smart factories. Smart factories use a large number of terminal IoT devices to collect data or monitor the status of equipment for subsequent data processing and big data collection. However, this also creates many cybersecurity risks when devices interact with each other through the network. Without a relevant verification and encryption system, an attacker who enters the factory's local area network can easily steal or tamper with the transmitted data, or send false data to the backend server, causing abnormal data in the entire environment. Ensuring that the data in the IoT transmission environment comes from legitimate equipment and that related confidential information is packet-encrypted is the focus of this paper's research.
The packets are encrypted using the TLS protocol. Since terminal IoT devices and backend servers must confirm each other's identities through the authentication mechanism proposed in this paper before communicating, only parties with legitimate identities will communicate, which solves the problem of attackers impersonating terminal IoT devices to send false data. The packets exchanged between devices are also encrypted, so that even if attackers steal them, they cannot learn their contents. The verification mechanism proposed in this paper ensures the source and correctness of the data.