Group-Based Authentication Methods in The OneM2M Ecosystem

Abstract

The essential element of the Internet of Things (IoT) environment, the number of devices has traditionally ex-ceeded the number of devices connected to the Internet. This situation is considered positive for the IoT concept but still has negative consequences. Undoubtedly, the most prominent and most important among these results is the security of the devices and the constructed IoT environment. Group-based authentication and authorization methods are crucial to ensure the safety of many IoT devices and the environment. In this study, the “auth” mechanism that performs group-based authentication and authorization processes, serving from the first moment when the devices in the IoT environment are included in the system until they leave the system, has been devel-oped. In the development process of the “auth” mechanism, the Mobius IoT platform, which is evaluated as a golden sample by the oneM2M global organization and developed as an open-source code, is taken as the basis. The “auth” mechanism tested in three different test environments, including simulation, physical, and cloud environments, were tested using five different test scenarios. By using the group management module provided by the IoT service platform and the “auth” mechanism's together, it has been observed that the computational overhead on the devices and the signal traffic in the environment provide up to 4 times efficiency according to performance measurements. With the development of the “auth” mechanism with a flexible structure, it can be operated independently from the IoT server platform, allowing interoperability between oneM2M-based IoT server platforms.