Pragmatic approach using OAuth mechanism for IoT device authorization in cloud

Chung, Seung-Hwa; Kim, Jee Hyeok; Kim, Young‐Jin

doi:10.1109/icacccn.2018.8748856

Cited by 4 publications

(1 citation statement)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…OpenID connect is a layer built on top of the OAuth protocol, it is used to obtain and use access tokens to access protected resources, it implements authentication as an extension to the OAuth authorization process. It provides information about the user in the form of id token and verifies the credentials based on existing data [21]. public DistributedTokenCache(string userId, ISession session) { } } Azure AD Authentication Library manages the cache structure as a private implementation detail with the help of TokenCache class which stores a directory of tokens, indexed by issuer, resource, ClientID and user.…”

Section: Code Implementationmentioning

confidence: 99%

Authentication and Authorization Mechanism for Cloud Security

2019

ijeat

View full text Add to dashboard Cite

Cloud Computing is a most widespread and popular form of computing, promising high reliability for customers and providers both at the same point of time for many fields, where cloud storage security is based on Authentication and Authorization in cloud computing. Data is uploaded into a cloud and stored in a datacenter, Authentication and authorization are the major concerns to access the data stored in cloud by users from the data center. Security is a major issue; these are mainly deal with identity and access management, prevention of data loss and malware attack control management. In this paper we majorly concentrated on Authentication and Authorization to cloud access, we focused on identity management mechanism as cloud security solution that provides directory services for application access management. We discussed the protocols that support authorization and allows the communication across applications with the help of tokens instead of credentials. We even concentrated on the different mechanisms which plays a major role in designing a secured cloud computing architecture from malicious intrusions and attacks, it is a step to verify the presence and functioning of the cloud customers and cloud providers through security mechanisms to protect from different risks, threats and attacks. In this paper we discussed different security Algorithms and Authentication architecture along with the proposed algorithm, where analysis is done along with the computational evaluation with output.specific users [23]. VII. RESULT ANALYSISThe traditional model is designed for cloud security using Microsoft Azure Active Directory, OAuth, OpenID connect, Redirect URI. We concentrated on cloud security and build a secured model based on the parameters of Confidentiality,

show abstract

Section: Code Implementationmentioning

confidence: 99%

Authentication and Authorization Mechanism for Cloud Security

2019

ijeat

View full text Add to dashboard Cite

show abstract

Survey on Delegated and Self-Contained Authorization Techniques in CPS and IoT

2021

View full text Add to dashboard Cite

Authentication, authorization and digital identity management are core features required by secure digital systems. Therein, authorization is the key component for regulating the detailed access credentials to required service resources. Authorization, therefore, plays a significant role in the trust management of autonomous devices and services. Due to the heterogeneous nature of Cyber-Physical Systems and the Internet of Things, several authorization techniques using different access control models, accounts, groups, tokens, and delegations have both strengths and weaknesses. There exists many literature studies on other main security requirements such as authentication, identity management and confidentiality. However, there is a need for a comprehensive review on different authorization techniques in Cyber Physical systems and Internet of Things. A specific target of this paper is authorization in the Cyber Physical system and Internet of Things networks with non-constrained devices in industrial context with mobility, subcontractors, and autonomous machines that are able to carry out advanced tasks on behalf of others. We study the different authorization techniques using our three-dimensional classification including access control models, sub-granting models and authorization governance. We focus on the state of the art on authorization sub-granting, including delegation techniques by access control/authorization server and self-contained authorization using a new concept of Power of Attorney. Comparison is performed on several parameters such as type of communication, method of authorization, control of expiration, and use of techniques such as public-key certificate, encryption techniques, and tokens. The results show the differences and similarities of server-based and Power of Attorney based authorization sub-granting. The most common standards are also analyzed in light of those classifications. INDEX TERMSAuthorization, access control models, Cyber Physical Systems (CPS), Internet of Things (IoT), sub-granting, delegation, Power of Attorney (PoA), OAuth I. INTRODUCTION T HE wider implementation of connected devices makes a significant increase in business revenue. Nowadays, enterprises invest in machine to machine (M2M) communication, Internet of Things (IoT) and Cyber Physical Systems (CPS) to increase competitiveness in different domain areas such as vehicular communication [1] [2], healthcare [3], smart homes [4] [5] and smart grids [6]. The IoT technology connects things and smart objects, that can sense and monitor the surrounding environments, process and transmit the collected sensor data. Currently, the number of connected things have reached to billions or trillions in the world. Industrial IoT (IIoT) is a subset of IoT, which is used in automated M2M and industrial communications to connect all industrial assets. A CPS system integrates internet technology and advanced electronic/mechanic devices so that they can communicate with each other through data 17 exchanges. The CPS uses computer-b...

show abstract

Vulnerable Web Server Protection by Hash Based URL Transformation

Uda

2020

2020 54th Annual Conference on Information Sciences and Systems (CISS)

View full text Add to dashboard Cite

Pragmatic approach using OAuth mechanism for IoT device authorization in cloud

Cited by 4 publications

References 0 publications

Authentication and Authorization Mechanism for Cloud Security

Authentication and Authorization Mechanism for Cloud Security

Survey on Delegated and Self-Contained Authorization Techniques in CPS and IoT

Vulnerable Web Server Protection by Hash Based URL Transformation

Contact Info

Product

Resources

About