Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

Author:

Cruz-Piris LuisORCID,Rivera DiegoORCID,Marsa-Maestre IvanORCID,Velasco JuanORCID,

Abstract

Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.

Funder

Spanish Ministry of Economy and Competitiveness

University of Alcalá

Publisher

MDPI AG

Subject

Electrical and Electronic Engineering,Biochemistry,Instrumentation,Atomic and Molecular Physics, and Optics,Analytical Chemistry

Reference53 articles.

1. Internet of Things (IoT): A vision, architectural elements, and future directions

2. That “Internet of Things” thing;Ashton;RFiD J.,2009

3. On the features and challenges of security and privacy in distributed internet of things

4. User-Managed Access (UMA) Profile of OAuth 2.0;Maler,2016

5. The OAuth 2.0 Authorization Framework;Hardt,2012

Cited by 45 articles. 订阅此论文施引文献 订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献

1. LAA-D: Lightweight Authentication and Access Control Mechanism with Dual-Data Storage in Cloud-Internet of Things System Using Blockchain;Iranian Journal of Science and Technology, Transactions of Electrical Engineering;2024-09-09

2. Recent Lightweight cryptography (LWC) based security advances for resource-constrained IoT networks;Wireless Networks;2024-03-25

3. Blockchain Powered IoT Access Control Model for Secure Data Sharing and Management: Performance Analysis;2023 Second International Conference on Informatics (ICI);2023-11-23

4. A Comparative Study of Access Control Models for Ubiquitous Computing Systems;Proceedings of the 5th International Conference on Information Management & Machine Intelligence;2023-11-23

5. IoT-Based Switch Board for Kids Using ESP Module And AWS;International Journal of Case Studies in Business, IT, and Education;2023-08-19

同舟云学术

1.学者识别学者识别

2.学术分析学术分析

3.人才评估人才评估

"同舟云学术"是以全球学者为主线,采集、加工和组织学术论文而形成的新型学术文献查询和分析系统,可以对全球学者进行文献检索和人才价值评估。用户可以通过关注某些学科领域的顶尖人物而持续追踪该领域的学科进展和研究前沿。经过近期的数据扩容,当前同舟云学术共收录了国内外主流学术期刊6万余种,收集的期刊论文及会议论文总量共计约1.5亿篇,并以每天添加12000余篇中外论文的速度递增。我们也可以为用户提供个性化、定制化的学者数据。欢迎来电咨询!咨询电话:010-8811{复制后删除}0370

www.globalauthorid.com

TOP

Copyright © 2019-2024 北京同舟云网络信息技术有限公司
京公网安备11010802033243号  京ICP备18003416号-3