AbstractThe Internet of Things (IoT) is emerging as an attractive paradigm, and several IoT models and related security issues have received widespread attentions. In this paper, we focus on an existing U2IoT architecture (i.e., Unit IoT and Ubiquitous IoT), and propose a directed path based authentication scheme (DPAS) to realize security protection for the U2IoT architecture. Particularly, the directed path descriptor is introduced for the secret key distribution and cross-network authentication, and the proof mapping is applied to establish tri-dimensional equivalence relations among diverse nodes for achieving mutual authentication. Moreover, security analysis shows that DPAS achieves data confidentiality and integrity, authentication, anonymity and forward security, and performance analysis indicates that DPAS with moderate communication overhead and computation load is suitable for the IoT applications.