A model to enable application-scoped access control as a service for IoT using OAuth 2.0

Fernández, Federico; Alonso, Andoni; Marco, Lourdes; Salvachúa, Joaquín

doi:10.1109/icin.2017.7899433

Cited by 34 publications

(29 citation statements)

References 9 publications

(8 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…FIWARE Security Framework [47,49] provides several software components for providing Identity and Access control to the FIWARE-based services and applications. Specifically, it offers an OAuth 2.0 server for registering third-party applications delegating the authentication to such server.…”

Section: Validation and Resultsmentioning

confidence: 99%

“…As we pointed out earlier, the model we propose allows service providers to decide the interface they should serve to the users depending on their functional capabilities. To achieve this, we have considered IAACaaS (IoT Application-Scoped Access Control as a Service) model [46,47] as a starting point. IAACaaS enables the complete delegation of authentication and authorization to enable an as a service access control mechanism for Internet of Things applications.…”

Section: Basic Architecturementioning

confidence: 99%

See 1 more Smart Citation

An Identity Model for Providing Inclusive Services and Applications

2019

Self Cite

View full text Add to dashboard Cite

Information and Communication Technologies (ICT) need to be accessible for every single person in the globe. Governments and companies are starting to regulate products and services to ensure digital accessibility as a mandatory requirement. A recent example is the European standard EN 301 549, where the functional accessibility requirements for ICT products and services are defined. Especially on the Web, these standards must be integrated throughout the development processes, where the selected architecture models play an essential role. Starting from a model that is based on the OAuth 2.0 protocol, and that allows the complete delegation of authorization (so that an as a service access control mechanism is provided), this paper propose an identity model for providing inclusive services and applications. The model takes advantage of the users’ profiles and their functional attributes to determine how to serve web interfaces to them in a specific service. Those attributes are entirely flexible, and can be defined linked to users’ functional capabilities, or even a particular skill. We have implemented the proposed model as an extension of an existing open source Identity Manager and tested it with a real use case deployment. We conclude that the proposed solution enables a new identity paradigm that allows service providers to design their interfaces satisfying the diversity requirements in terms of design and development.

show abstract

Section: Validation and Resultsmentioning

confidence: 99%

Section: Basic Architecturementioning

confidence: 99%

An Identity Model for Providing Inclusive Services and Applications

2019

Self Cite

View full text Add to dashboard Cite

show abstract

“…There are several approaches having been used to implement OAuth 2.0 with access control, such as access control with application scope for IoT used by Federico Fernandez [7]. Thus, the architectural concept enables access control on IoT.…”

Section: Related Workmentioning

confidence: 99%

Implementation of Role-Based Access Control on OAuth 2.0 as Authentication and Authorization

Triartono¹,

Negara²,

Sussi³

2019

EECSI

View full text Add to dashboard Cite

As today's technology transition from monolithic towards microservices architecture, the authentication and authorization system also becomes a new concern because of the difference between monolithic and microservices pattern. Monolithic mostly uses role-based access control while microservices uses scope with OAuth 2.0. With this in mind, there is a need for a model that can integrate OAuth 2.0 with role-based access control. With rolebased access control implemented on OAuth 2.0, we expect a simpler authorization process and a more secure authentication and authorization system for microservices backend architecture. This paper proposes a model to implement role-based access control on OAuth 2.0 using Laravel framework, we also test the performance of the system following by response time, data transferred and throughput. From the performance test, this approach has a good performance and can handle certain requests with simulated users even with limited resources.

show abstract

“…Figure 2 shows the architecture we propose to achieve the Identity and Access Management IDS requirements using FIWARE components. It is based on the work explained in [ 26 , 27 ], where a generic IoT Application-Scoped Access Control as a Service (IAACaaS) mechanism is proposed. Here we extend and adapt it to fit the specific requirements of IDS.…”

Section: Materializing Industrial Data Space Architecture With Fiwmentioning

confidence: 99%

Industrial Data Space Architecture Implementation Using FIWARE

Alonso

García-Pozo

Cantera³

et al. 2018

Sensors

View full text Add to dashboard Cite

We are in front of a new digital revolution that will transform the way we understand and use services and infrastructures. One of the key factors of this revolution is related to the evolution of the Internet of Things (IoT). Connected sensors will be installed in cities and homes affecting the daily life of people and providing them new ways of performing their daily activities. However, this revolution will also affect business and industry bringing the IoT to the production processes in what is called Industry 4.0. Sensor-enabled manufacturing equipment will allow real time communication, smart diagnosis and autonomous decision making. In this scope, the Industrial Data Spaces (IDS) Association has created a Reference Architecture model that aims to provide a common frame for designing and deploying Industry IoT infrastructures. In this paper, we present an implementation of such Reference Architecture based on FIWARE open source software components (Generic Enablers). We validate the proposed architecture by deploying and testing it in a real industry use case that tries to improve the maintenance and operation of milling machines. We conclude that the FIWARE-based IDS implementation fits the requirements of the IDS Reference Architecture providing open source software suitable to any Industry 4.0 environment.

show abstract

A model to enable application-scoped access control as a service for IoT using OAuth 2.0

Cited by 34 publications

References 9 publications

An Identity Model for Providing Inclusive Services and Applications

An Identity Model for Providing Inclusive Services and Applications

Implementation of Role-Based Access Control on OAuth 2.0 as Authentication and Authorization

Industrial Data Space Architecture Implementation Using FIWARE

Contact Info

Product

Resources

About