Summary
The vision of Industry 4.0 is characterized by the amalgamation of cyber-physical systems and the industrial Internet of Things. Such a complex ecosystem requires novel security protocols and access control mechanisms that allow smart devices to authorize external entities and grant them access rights without depending on centralized authentication entities. The work proposed in this article uses a community-based hierarchical approach to define the procedure for obtaining access rights in the Industry 4.0 ecosystem. The proposed scheme considers a hierarchy of authorizing devices that work in collaboration to provide users with access control to the smart end devices. The hierarchical structure ensures that access rights are eventually given only to those users who have passed multiple levels of successful authorization. The proposed scheme also combats any infringement of users' identity, since the authorizing entities involved in the proposed system work in close collaboration for user authentication. The proposed user authentication scheme has been validated using Burrows-Abadi-Needham (BAN) logic and is proved to be secure against a variety of security attacks.