Combining of NFC, BLE and Physical Web Technologies for Objects Authentication on IoT Scenarios

In this work, we present a solution to guarantee the authentication of augmented objects with NFC tags disseminated in Internet of Things (IoT) scenarios. Security against counterfeiting of Tags associated with objects is precarious when IoT solutions do not make use of mobile applications to interact with these objects. While mobile applications make it possible to use secure Tags that store information in user-defined formats that are only recognized by a mobile application, this is not possible when IoT solutions are based on Web applications that make use of the NFC controller of mobile devices. Therefore, these NFC solutions are subject to possible falsifications of the NFC Tags that make it impossible to apply them to areas where the authentication of the Tags is required. The proposal presented in this work combines the use of beacons (BLE) and the physical Web for the authentication of the Tags. Beacons are used to guarantee the location of users and the broadcast of URLs that are received by users through the physical Web. These URLs, once validated, are responsible for generating credentials that authenticate the NFC Tags and guarantee the secure interactions of the users in IoT scenarios.