Numerous application domains in practice related to target- tracking, monitoring, and transportation have utilized the wide usage of Wireless Sensor Networks (WSN's) technology. These domains use physical networking objects connecting over the Internet to collect and exchange the data. Using the advancement of cloud computing technologies and aggravation of big-data growth caused by the incorporation of the Internet of Things (IoT), secure user authentication for remote access is playing a crucial role. Since it has limited authorization and authentication privileges for mobility users, an approach of mobile-sink has been instigated for the improvisation of remote user authentication i.e. cloud-based IoT applications. As a result, this article proposes a lightweight smartcard based secure authentication (LS-BSA) approach using the mathematical assumption of bilinear-pairing/mapping, elliptic-curve cryptosystems, and fuzzy verifier. An extensive security investigation demonstrates that the proposed LS-BSA not only guarantees the AKA security properties but also prevents significant vulnerabilities. Furthermore, the proposed LS-BSA uses lightweight operations to establish a seamless data connectivity over a secure network. It maintains the compatibility standards including low-cost and low-power to mitigate the computation and communication cost of cloud-based intelligent data computing. Formal security verification of BAN-logic is introduced to show that LS-BSA offers proper mutual user authentication and secret secure-session key agreement between the real-time entities. In addition, a network scenario has been set up using the NS-3 simulator to prove that the proposed LS-BSA is more efficient than other existing schemes in terms of packet delivery ratio, end-to-end delay, and throughput rate. © 2020 Elsevier B.V.