A Comprehensive Systematic Review of Access Control in IoT: Requirements, Technologies, and Evaluation Metrics

Iqal, Zeinab M.; Selamat, Ali; Krejcar, Ondrej

doi:10.1109/access.2023.3347495

Cited by 1 publication

(1 citation statement)

References 111 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Technologies such as access control, encryption, and blockchain are fortunately capable of addressing the challenges faced by IoT data sharing. Access control stands out as a leading technology for securing IoT data, permitting users to access data within specified limits, legally [7][8][9]. It is widely recognized that conventional access control models provide only broad and coarse-grained access control, rendering them inadequate for the typical open environments of the IoT.…”

Section: Introductionmentioning

confidence: 99%

SDACS: Blockchain-Based Secure and Dynamic Access Control Scheme for Internet of Things

Gong,

Zhang,

Wei

et al. 2024

Sensors

View full text Add to dashboard Cite

With the rapid growth of the Internet of Things (IoT), massive terminal devices are connected to the network, generating a large amount of IoT data. The reliable sharing of IoT data is crucial for fields such as smart home and healthcare, as it promotes the intelligence of the IoT and provides faster problem solutions. Traditional data sharing schemes usually rely on a trusted centralized server to achieve each attempted access from users to data, which faces serious challenges of a single point of failure, low reliability, and an opaque access process in current IoT environments. To address these disadvantages, we propose a secure and dynamic access control scheme for the IoT, named SDACS, which enables data owners to achieve decentralized and fine-grained access control in an auditable and reliable way. For access control, attribute-based control (ABAC), Hyperledger Fabric, and interplanetary file system (IPFS) were used, with four kinds of access control contracts deployed on blockchain to coordinate and implement access policies. Additionally, a lightweight, certificateless authentication protocol was proposed to minimize the disclosure of identity information and ensure the double-layer protection of data through secure off-chain identity authentication and message transmission. The experimental and theoretical analysis demonstrated that our scheme can maintain high throughput while achieving high security and stability in IoT data security sharing scenarios.

show abstract

Section: Introductionmentioning

confidence: 99%