PERSONAL VOICE ASSISTANT

Indernal Chutia
Nishil Singh
Ujjwal Singh
Sudhir Yadav
Chandigarh
University
Chandigarh,India
 expected to grow to $130 billion by 2020, with the
Abstract:-This paper discusses the use of JSON market value of smart home manufacturing and
Web Token (JWT) and Transport Layer Security application makers accounting for about $60 billion.
(TLS) as primary authentication methods for the According to Statista, the US smart home market will
Internet of Things (IoT). JWT is widely used for increase by 21.05% annually from 2016 to 2020, with
authorization and authentication within the OAuth 5.82% of the US population using smart home products.
and OpenId frameworks. Google Cloud IoT By 2020, approximately 18% of Americans are expected
mandates JWT for HTTP and Message Queuing to use smart home products.
Telemetry Transport (MQTT) protocol-based clients
connecting to the cloud service securely over TLS. In response to a survey of 3000 US and Canadian
MQTT is the protocol of choice in IoT devices and is consumers in 2014 and 2015, 90% of smart device
the primary focus of this paper as the application buyers cited home security as a reason to purchase smart
protocol. Amazon Web Service (AWS) uses TLS home technology, while 70% said it was for cost
mutual authentication for client authentication. The savings, including remote control of heating and
comparison between the two approaches is primarily commissioning gas valves during commuting.
from a constrained device client perspective. The IoT
has opened up new technologies like smart grids,
connected cars, and smart farms, with the smart
home being the fastest growing market. However, II. LITERATURE SURVEY
the smart home has been exposed to security threats,
such as session/cookie vulnerabilities and the use of Voice The JSON Web Token (JWT) is a digitally secure
vulnerable OAuth. This paper proposes a user representation and exchange of claims between two or
authentication method using JWT and IMEI in the more parties on the internet. It can be encrypted using
smart home, solving the problem of unauthorized JSON Web Encryption (JWE) or digitally signed using
smart home device registration by hackers. JSON Web Signature (JWS). The JWT consists of three
parts: the header, payload, and signature. MQTT is
Keywords—JSON Web Token (JWT),user authentication; defined over TCP transport, with TCP port 1883
smart home device; security BERT reserved for the MQTT protocol. If TLS is used for
securing communication between the client and broker,
I. INTRODUCTION TCP port 8883 is used. A new specification, MQTT for
Senor Networks (MQTT-SN), has been defined for the
The JSON Web Token (JWT) is a digitally secure UDP transport.
representation and exchange of claims between two
or more parties on the internet. It is used in the A client can publish data to a broker using the MQTT
OAuth framework for authorization grants by users publish message, while a broker can send data to a client
of services to third parties, allowing them to access via a publish message. Each publish message contains a
user resources on the service. The OAuth framework topic field that identifies the data being published, such
is widely used for web and mobile phone as temperature measurements or GPS. Clients can
applications and is specified in the RFC6749. subscribe to topics of interest, which are of variable
length. The choice of authentication and authorized
JWT has been introduced in various applications, access is left to the implementation, and clients must
such as LinkedIn, OpenID Connect, Google Cloud, comply with the broker they wish to communicate with.
Amazon Web Service (AWS), and the Internet of
Things (IoT). The JWT allows for the encryption of Some implementations of MQTT make issues with
claims using JSON Web Encryption (JWE) or digital leaving much to the implementation clear, as they allow
signing using JSON Web Signature (JWS). The JWT unauthenticated clients to publish data to authenticated
format is specified in [RFC7516], [RFC7515], and subscribing clients that authenticate the server using
[RFC8259]. TLS. The specification allows for implementation-
specific client authentication schemes, but all
The IoT has become increasingly popular due to the possibilities are not considered and compared. This
development of smart devices, including the smart research is limited to comparing the schemes listed
home market. The smart home product market is below: User name and password, Client Authentication
using TLS, and Client Authentication using JWT.
The Korea Association Smart Home (KASH) defines
a smart home as a human-centered living
environment that integrates IT into the residential
environment, promoting welfare and safe living.
Users can purchase and use their own smart home
devices to control their homes. Smart home devices
consist of various smart devices and sensors, a
remote device accessing the smart home, and an
access point (AP) connecting them. Each device has
different communication and power specifications,
with devices capable of communicating directly with
the AP or through another device.
The hierarchy structure of smart home devices
includes the application layer, transport layer,
network layer, and link layer. Users can install a
dedicated application for the remote device to
communicate with the connected smart home device.
However, each device has different standards
depending on the platform, so users must install
separate applications for new devices.
Security threats, such as takeovers and personal
information leakage by hackers, are increasing,
necessitating the definition of security requirements
for a secure smart home environment. In the smart
home environment, numerous amounts and types of
data are transmitted among various devices, IoT
gateways, and users. To prevent external exposure,
security measures should be applied to protect
sensitive personal credit or privacy information.
Simple data, such as logs, documents, images, and
animations, may hold sensitive personal credit or
privacy information that should be protected if
malicious users analyze their correlation using big
data analysis techniques.
REFRENCES
[1] [GCS IoT: JWT] Google Cloud: IoT: Using JSON
Web Tokens (JWTs). Tech. rep. url: https : / / cloud .
google . com / iot / docs / how - tos /
credentials/jwts.
[2] . [GCS: IoT] Google Cloud: IoT: Using the MQTT
Bridge. Tech. rep. url: https : / / cloud . google . com
/ iot / docs / how - tos / mqtt – bridge.
[3] [RFC2246] Dierks & Allen. The TLS Protocol
Version 1.0. RFC 2246. RFC Editor, Jan. 1999. url:
http : / / www . rfc - editor . org / rfc / rfc2246.txt.
[4] [JWT based Auth] Seung Wook Jung & Souhwan
Jung. A Study on a JWT-Based User Authentication
and API Assessment Scheme Using IMEI in a Smart
Home Environment. Tech. rep. 2017. url:
http://www. mdpi.com/2071-1050/9/7/1099.
[5] Wang, G.; Song, D. Smart Home Services Using the
Internet of Things. In Internet of Things and Data
Analytics Handbook; Wiley: Hoboken, NJ, USA,
2017; pp. 613–630
IEEE conference templates contain guidance text for
composing and formatting conference papers. Please
ensure that all template text is removed from your
conference paper prior to submission to the
conference. Failure to remove template text from your
paper may result in your paper not being published.