Evaluation of an IoT Application-Scoped Access Control Model over a Publish/Subscribe Architecture Based on FIWARE

Sensors ◽  
2020 ◽  
Vol 20 (15) ◽  
pp. 4341
Author(s):  
Alejandro Pozo ◽  
Álvaro Alonso ◽  
Joaquín Salvachúa

The Internet of Things (IoT) brings plenty of opportunities to enhance society’s activities, from improving a factory’s production chain to facilitating people’s household tasks. However, it has also brought new security breaches, compromising privacy and authenticity. IoT devices are vulnerable to being accessed from the Internet; they lack sufficient resources to face cyber-attack threats. Keeping a balance between access control and the devices’ resource consumption has become one of the highest priorities of IoT research. In this paper, we evaluate an access control architecture based on the IAACaaS (IoT application-Scoped Access Control as a Service) model with the aim of protecting IoT devices that communicate using the Publish/Subscribe pattern. IAACaaS is based on the OAuth 2.0 authorization framework, which externalizes the identity and access control infrastructure of applications. In our evaluation, we implement the model using FIWARE Generic Enablers and deploy them for a smart buildings use case with a wireless communication. Then, we compare the performance of two different approaches in the data-sharing between sensors and the Publish/Subscribe broker, using Constrained Application Protocol (CoAP) and Hypertext Transfer Protocol (HTTP) protocols. We conclude that the integration of Publish/Subscribe IoT deployments with IAACaaS adds an extra layer of security and access control without compromising the system’s performance.

2022 ◽  
Vol 54 (7) ◽  
pp. 1-34
Author(s):  
Sophie Dramé-Maigné ◽  
Maryline Laurent ◽  
Laurent Castillo ◽  
Hervé Ganem

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.


Electronics ◽  
2019 ◽  
Vol 8 (3) ◽  
pp. 311 ◽  
Author(s):  
Wenquan Jin ◽  
Dohyeun Kim

Recently, there are heterogeneous devices that connect to the Internet to provide ubiquitous and intelligent services based on sensors and actuators in the network of the Internet of Things (IoT). The resources of IoT represent the physical entities on the Internet to expose functions through services. Resource management is necessary to enable a massive amount of IoT-connected devices to be discoverable and accessible in the network of IoT. In this paper, we propose an IoT resource management to provide schemes of device self-registration and status detection for devices based on the Open Connectivity Foundation (OCF) standard. This device self-registration scheme is based on an agent that is proposed for registering devices itself which deployed in the OCF network. The devices host the OCF resources to provide IoT services such as sensing and controlling through the sensors and actuators. For a group of devices, an agent-based self-registration is proposed to register the resources. Through the proposed self-registration, the information of IoT devices is published using profile and saved in the management platform that enables the clients to discover the resources and access the services. For accessing the IoT resources in the OCF network, an interworking proxy is proposed to support the communications between web clients and devices over Hypertext Transfer Protocol (HTTP) and Constrained Application Protocol (CoAP) based on OCF. Furthermore, through the interoperability of the resources using the registered information, a real-time monitoring scheme is proposed based on periodic request and response for the status detection of deployed devices.


Sensors ◽  
2020 ◽  
Vol 20 (19) ◽  
pp. 5586
Author(s):  
Shreya Khisa ◽  
Sangman Moh

The Internet of Things (IoT), which consists of a large number of small low-cost devices, has become a leading solution for smart cities, smart agriculture, smart buildings, smart grids, e-healthcare, etc. Integrating unmanned aerial vehicles (UAVs) with IoT can result in an airborne UAV-based IoT (UIoT) system and facilitate various value-added services from sky to ground. In addition to wireless sensors, various kinds of IoT devices are connected in UIoT, making the network more heterogeneous. In a UIoT system, for achieving high throughput in an energy-efficient manner, it is crucial to design an efficient medium access control (MAC) protocol because the MAC layer is responsible for coordinating access among the IoT devices in the shared wireless medium. Thus, various MAC protocols with different objectives have been reported for UIoT. However, to the best of the authors’ knowledge, no survey had been performed so far that dedicatedly covers MAC protocols for UIoT. Hence, in this study, state-of-the-art MAC protocols for UIoT are investigated. First, the communication architecture and important design considerations of MAC protocols for UIoT are examined. Subsequently, different MAC protocols for UIoT are classified, reviewed, and discussed with regard to the main ideas, innovative features, advantages, limitations, application domains, and potential future improvements. The reviewed MAC protocols are qualitatively compared with regard to various operational characteristics and system parameters. Additionally, important open research issues and challenges with recommended solutions are summarized and discussed.


Author(s):  
Shigenari Nakamura ◽  
Tomoya Enokido ◽  
Makoto Takizawa

In the Internet of Things (IoT), not only computers like servers but also devices with sensor and actuator devices are interconnected. It is critical to make the IoT secure, especially devices. In the capability-based access control (CapBAC) model proposed to make IoT devices secure, an owner of each device issues a capability token, i.e. a set of access rights, to a subject. Only a subject holding the capability token is allowed to manipulate the device. However, a subject may get data in a device d1 via another device d2 although the subject holds no capability token to get data from the device d1. Here, the data in the device d1 illegally flow to the subject. In this article, the authors propose the operation interruption (OI) protocol where illegal get operations are interrupted. In the evaluation, the ratio of the number of get operations interrupted to the total number of get operations is kept constant even if the numbers of subjects and access rights granted to each subject increase in the OI protocol.


Author(s):  
Parikshit N. Mahalle ◽  
Bayu Anggorojati ◽  
Neeli R. Prasad ◽  
Ramjee Prasad

In the last few years the Internet of Things (IoT) has seen widespread application and can be found in each field. Authentication and access control are important and critical functionalities in the context of IoT to enable secure communication between devices. Mobility, dynamic network topology and weak physical security of low power devices in IoT networks are possible sources for security vulnerabilities. It is promising to make an authentication and access control attack resistant and lightweight in a resource constrained and distributed IoT environment. This paper presents the Identity Authentication and Capability based Access Control (IACAC) model with protocol evaluation and performance analysis. To protect IoT from man-in-the-middle, replay and denial of service (DoS) attacks, the concept of capability for access control is introduced. The novelty of this model is that it presents an integrated approach of authentication and access control for IoT devices. The results of other related study have also been analyzed to validate and support our findings. Finally, the proposed protocol is evaluated by using security protocol verification tool and verification results show that IACAC is secure against aforementioned attacks. This paper also discusses performance analysis of the protocol in terms of computational time compared to other existing solutions. Furthermore, this paper addresses challenges in IoT and security attacks are modelled with the use cases to give an actual view of IoT networks.


2016 ◽  
Vol 54 (2(108)) ◽  
pp. 22-36
Author(s):  
Christopher Biedermann

PURPOSE/THESIS: The purpose of this paper is to use a recent cyber-attack to highlight the current state of readiness of Internet of Things (IoT) technologies with regard to security vulnerabilities as well as fundamental – in the author’s opinion – changes that will need to take place within these industries and technologies to mitigate the overall cybersecurity risk. APPROACH/METHODS: The analysis of the findings from numerous existing published security studies. RESULTS AND CONCLUSIONS: The following conclusions were reached: (1) in the world becoming more and more interconnected through the web enabled devices (IoT devices), new forms of security threats have been developed; (2) at present IoT devices introduce a high level of vulnerability; (3) many of these risks may be mitigated with already existing technologies; (4) however, due to the fragmented and heterogeneous nature of the IoT devices, the implementation of even basic levels of security is more challenging than in the case of traditional Internet connected devices (e.g. personal computers); (5) the industry needs to face and address three key issues that will in turn help to mitigate the unique security threats posed by IoT devices, namely: the drive towards open standards, the industry cooperation and consolidation, and the improvement of consumer awareness. ORIGINALITY/VALUE: The value of the research is to highlight the security issues related to the Internet of Things and propose solutions that must be implemented to increase the level of security awareness within the IoT environment.


2018 ◽  
Author(s):  
Henry Tranter

Security is always at the forefront of developing technologies. One can seldom go a week without hearing of a new data breach or hacking attempt from various groups around the world, often taking advantage of a simple flaw in a system’s architecture. The Internet of Things (IoT) is one of these developing technologies which may be at risk of such attacks. IoT devices are becoming more and more prevalent in everyday life. From keeping track of an individual’s health, to suggesting meals from items available in an individual’s fridge, these technologies are taking a much larger role in the personal lives of their users. With this in mind, how is security being considered in the development of these technologies? Are these devices that monitor individual’s personal lives just additional vectors for potential data theft? Throughout this survey, various approaches to the development of security systems concerning IoT devices in the home will be discussed, compared, and contrasted in the hope of providing an ideal solution to the problems this technology may produce.


Author(s):  
Clinton Fernandes ◽  
Vijay Sivaraman

This article examines the implications of selected aspects of the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015, which was passed by the Australian Parliament in March 2015. It shows how the new law has strengthened protections for privacy. However, focusing on the investigatory implications, it shows how the law provides a tactical advantage to investigators who pursue whistleblowers and investigative journalists. The article exposes an apparent discrepancy in the way ‘journalist’ is defined across different pieces of legislation. It argues that although legislators’ interest has been overwhelmingly focused on communications data, the explosion of data generated by the so-called Internet-of-Things (IoT) is as important or more. It shows how the sensors in selected IoT devices lead to a loss of user control and will enable non-stop, involuntary and ubiquitous monitoring of individuals. It suggests that the law will need to be amended further once legislators and investigators’ knowledge of the potential of IoT increases. 

