Authorization framework for the Internet-of-Things

Seitz, Lüdwig; Selander, Göran; Gehrmann, Christian

doi:10.1109/wowmom.2013.6583465

Cited by 82 publications

(70 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Further, this solution does not seamlessly support mobility, which is a major requirement of the future Internet and a desirable characteristic for IoT applications. Recently, several works [20][21][22][23][24][25] focus on establishing an authorization framework for IoT, and enable access control in the IoT. However, these piece-wise solutions do not provide a complete framework to address many practical issues facing IoT systems, such as identification, addressing, mobility, interoperability and scalability.…”

Section: Survey Of the Evolution Of Iot Architecturesmentioning

confidence: 99%

A Security Framework for the Internet of Things in the Future Internet Architecture

et al. 2017

View full text Add to dashboard Cite

Abstract:The Internet of Things (IoT) is a recent trend that extends the boundary of the Internet to include a wide variety of computing devices. Connecting many stand-alone IoT systems through the Internet introduces many challenges, with security being front-and-center since much of the collected information will be exposed to a wide and often unknown audience. Unfortunately, due to the intrinsic capability limits of low-end IoT devices, which account for a majority of the IoT end hosts, many traditional security methods cannot be applied to secure IoT systems, which open a door for attacks and exploits directed both against IoT services and the broader Internet. This paper addresses this issue by introducing a unified IoT framework based on the MobilityFirst future Internet architecture that explicitly focuses on supporting security for the IoT. Our design integrates local IoT systems into the global Internet without losing usability, interoperability and security protection. Specifically, we introduced an IoT middleware layer that connects heterogeneous hardware in local IoT systems to the global MobilityFirst network. We propose an IoT name resolution service (IoT-NRS) as a core component of the middleware layer, and develop a lightweight keying protocol that establishes trust between an IoT device and the IoT-NRS.

show abstract

Section: Survey Of the Evolution Of Iot Architecturesmentioning

confidence: 99%

A Security Framework for the Internet of Things in the Future Internet Architecture

et al. 2017

View full text Add to dashboard Cite

show abstract

“…This proposal is based on a multishow credentials system, which is used by users to authenticate anonymously. In addition, in [27] provides an authorization framework based on SAML assertions that are obtained from decisions made by an engine based on XACML. These assertions are used to get access to an IoT device through the use of symmetric key cryptography.…”

Section: Related Workmentioning

confidence: 99%

Holistic Privacy-Preserving Identity Management System for the Internet of Things

Bernabé

Hernández-Ramos

Gómez

2017

Mobile Information Systems

View full text Add to dashboard Cite

Security and privacy concerns are becoming an important barrier for large scale adoption and deployment of the Internet of Things. To address this issue, the identity management system defined herein provides a novel holistic and privacy-preserving solution aiming to cope with heterogeneous scenarios that requires both traditional online access control and authentication, along with claim-based approach for M2M (machine to machine) interactions required in IoT. It combines a cryptographic approach for claim-based authentication using the Idemix anonymous credential system, together with classic IdM mechanisms by relying on the FIWARE IdM (Keyrock). This symbiosis endows the IdM system with advanced features such as privacy-preserving, minimal disclosure, zero-knowledge proofs, unlikability, confidentiality, pseudonymity, strong authentication, user consent, and offline M2M transactions. The IdM system has been specially tailored for the Internet of Things bearing in mind the management of both users' and smart objects' identity. Moreover, the IdM system has been successfully implemented, deployed, and tested in the scope of SocIoTal European research project.

show abstract

“…Seitz et al [20] propose a framework with Authorization Engine as Trusted Third Party. It resolves authorization requests for constrained devices when user wants to access any of devices data or service.…”

Section: Related Workmentioning

confidence: 99%

“…They lack in terms of propagation of security rules across the network. An excellent research for general means of securing of the data in the IoT environment provides [13,20]. However, they do not address two significant use-casesdevice to device and device to user communication.…”

Section: Related Workmentioning

confidence: 99%

Authentication and Authorization Rules Sharing for Internet of Things

Trnka

Černý

2016

JSN

View full text Add to dashboard Cite

Significant interest in internet of things drives both research and industry production these days. A lot of important questions has been solved but some remain opened. One of the essential unresolved issue is the identity management of particular end devices.Having possibility to share authorization and authentication rules across network between various sensors, applications and users have clear advantages. It reduces duplication of those policies, while ensuring that they are coherent across the board. There are various proposals, methods and frameworks for identity management in normal environment. However, just few of them is usable in internet of things environment and even less have been made directly for the usage in the internet of things devices. This paper proposes solution for management of devices for internet of things. The solution is based on central identity store. Each device has an associated account in the store that any device and application in the network can verify the device's identity against. The central element does not provide only authentication of the devices, but the devices can be associated with different roles. Those roles can be used for authorization.Case study for the proposed framework is built on top of the current web standards as OpenID Connect, OAuth and JSON Web Token. Also, central identity store is based on well-established open source solution.Journal of Software Networking, 35-52. doi: 10.13052/jsn2445-9739.2017.003 c 2017 River Publishers. All rights reserved. M. Trnka and T. CernyThe communication scheme is very simple -after the device's account is established, it retrieves OAuth 2.0 token and uses it to certify itself in every network connection. The token does not only contain authentication information, but also roles assigned to the device. The central element thus creates trusted environment and enables rapid response for any security events.

show abstract

Authorization framework for the Internet-of-Things

Cited by 82 publications

References 5 publications

A Security Framework for the Internet of Things in the Future Internet Architecture

A Security Framework for the Internet of Things in the Future Internet Architecture

Holistic Privacy-Preserving Identity Management System for the Internet of Things

Authentication and Authorization Rules Sharing for Internet of Things

Contact Info

Product

Resources

About