OAuth-IoT: An access control framework for the Internet of Things based on open standards

Sciancalepore, Savio; Piro, Giuseppe; Caldarola, Daniele; Boggia, Gennaro; Bianchi, Giuseppe

doi:10.1109/iscc.2017.8024606

Cited by 69 publications

(49 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…However, this should be considered malicious behavior from the viewpoint of device security. Therefore, we propose a verifiable mechanism to reconstruct the access tree and remove the collaborative node {Manager} from the tree and modify the threshold value from (2, 3) to (1,2). Obviously, the device cannot satisfy the new access tree and is not allowed to request collaboration.…”

Section: Verifiable and Controlled Collaborationmentioning

confidence: 99%

“…The Internet of Things (IoT) has emerged as a revolutionary type of technology that connects all smart devices together through a distributed capillary networking infrastructure. It enables IoT smart devices to collect and share data more efficiently and autonomously [1], making changes in every corner of our daily lives, including healthcare, transport, environment, energy, business, and culture [2]. Although IoT is promising, security and privacy have been two major issues that have become a bottleneck impeding the application of IoT technology in open environments, where IoT devices are connected to the internet and exposed to unauthorized access [3].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An Attribute-Based Collaborative Access Control Scheme Using Blockchain for IoT Devices

Zhang

Liu

et al. 2020

Electronics

View full text Add to dashboard Cite

The Internet of Things (IoT) benefits our lives by integrating physical devices to the real world and offers a crucial internet infrastructure for future civilization. Because IoT devices are widely distributed and restricted in resources, it is difficult for them to adopt traditional security methods to resist malicious attacks. Unauthorized access to IoT devices, which results in severe privacy and security problems, has become a major challenge that has impeded IoT technology from being widely adopted. Therefore, the access control for IoT devices urgently needs to be improved when dealing with authorization issues. In this paper, we propose an attribute-based access control scheme that provides decentralized, flexible, and fine-grained authorization for IoT devices. Blockchain is utilized to provide authentic and reliable credentials. More importantly, a verifiable collaboration mechanism is designed to meet the needs of controlled access authorization in emergencies. Authority nodes are constructed to execute major computation tasks and interact with the blockchain. The security analysis shows that our scheme can reliably guarantee the security of authorized access. More than security assurance, a proof-of-concept prototype has been implemented to prove that our scheme is scalable, efficient, and accommodates IoT devices well.

show abstract

Section: Verifiable and Controlled Collaborationmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

An Attribute-Based Collaborative Access Control Scheme Using Blockchain for IoT Devices

Zhang

Liu

et al. 2020

Electronics

View full text Add to dashboard Cite

show abstract

“…Finally, Sciancalepore et al propose a different authorization framework for the IoT [20], also based on OAuth 2.0 and other standard protocols. In particular, it provides access control through an intermediary gateway acting as mediator between IoT networks and non-constrained Internet segments.…”

Section: Related Workmentioning

confidence: 99%

“…In particular, it provides access control through an intermediary gateway acting as mediator between IoT networks and non-constrained Internet segments. However, unlike the ACE framework, [20] displays a considerably higher level of complexity and requires the intermediary gateway to be fully trusted.…”

Section: Related Workmentioning

confidence: 99%

ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control

Aragon

Tiloca

Maaß

et al. 2018

2018 IEEE Conference on Communications and Network Security (CNS)

View full text Add to dashboard Cite

The Authentication and Authorization for Constrained Environments (ACE) framework provides fine-grained access control in the Internet of Things, where devices are resource-constrained and with limited connectivity. The ACE framework defines separate profiles to specify how exactly entities interact and what security and communication protocols to use. This paper presents the novel ACE IPsec profile, which specifies how a client establishes a secure IPsec channel with a resource server, contextually using the ACE framework to enforce authorized access to remote resources. The profile makes it possible to establish IPsec Security Associations, either through their direct provisioning or through the standard IKEv2 protocol. We provide the first Open Source implementation of the ACE IPsec profile for the Contiki OS and test it on the resource-constrained Zolertia Firefly platform. Our experimental performance evaluation confirms that the IPsec profile and its operating modes are affordable and deployable also on constrained IoT platforms.

show abstract

“…OAuth 2.0 is a standard protocol that can be supported by a range of technologies and programming languages [27]. This makes it easy to integrate in any device.…”

Section: The Iot Devicementioning

confidence: 99%

IAACaaS: IoT Application-Scoped Access Control as a Service

et al. 2017

View full text Add to dashboard Cite

access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

show abstract

OAuth-IoT: An access control framework for the Internet of Things based on open standards

Cited by 69 publications

References 10 publications

An Attribute-Based Collaborative Access Control Scheme Using Blockchain for IoT Devices

An Attribute-Based Collaborative Access Control Scheme Using Blockchain for IoT Devices

ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control

IAACaaS: IoT Application-Scoped Access Control as a Service

Contact Info

Product

Resources

About