Performance Evaluation of OpenID Connect for an IoT Information Marketplace

Blázquez, Alberto; Tsiatsis, Vlasios; Vandikas, Konstantinos

doi:10.1109/vtcspring.2015.7146004

Cited by 16 publications

(9 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Future work in this area includes, e.g., designing and evaluating a proxy solution for DIDs, an evaluation of the benefits and drawbacks of DIDs compared to other identifier solutions, including roles/attributes-based solutions (e.g., [44]), token-based solutions (e.g., OpenID as used in [45]), capabilities-based solutions (e.g., [46]), and others. Another area for future work is studying how the use of DIDs could enhance the general IoT authorisation problem, i.e., how the user gets access to some device, which is managed by some party.…”

Section: Discussionmentioning

confidence: 99%

Improving the Privacy of IoT with Decentralised Identifiers (DIDs)

Kortesniemi

Lagutin²,

Elo³

et al. 2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

When IoT devices operate not only with the owner of the device but also with third parties, identifying the device using a permanent identifier, e.g., a hardware identifier, can present privacy problems due to the identifier facilitating tracking and correlation attacks. A changeable identifier can be used to reduce the risk on privacy. This paper looks at using decentralised identifiers (DIDs), an upcoming standard of self-sovereign identifiers with multiple competing implementations, with IoT devices. The paper analyses the resource requirements of running DIDs on the IoT devices and finds that even quite small devices can successfully deploy DIDs and proposes that the most constrained devices could rely on a proxy approach. Finally, the privacy benefits and limitations of using DIDs are analysed, with the conclusion that DIDs significantly improve the users’ privacy when utilised properly.

show abstract

Section: Discussionmentioning

confidence: 99%

Improving the Privacy of IoT with Decentralised Identifiers (DIDs)

Kortesniemi

Lagutin²,

Elo³

et al. 2019

Journal of Computer Networks and Communications

View full text Add to dashboard Cite

show abstract

“… Authentication factor Identity: An information presented by one party to another to authenticate itself. Identity-based authentication schemes can use one (or a combination) of hash, symmetric or asymmetric cryptographic algorithms.Context: which can be: Physical: Biometric information based on physical characteristics of an individual, e.g., fingerprints, hand geometry, retinal scans, etc.Behavioral: Biometric based on behavioral characteristics of an individual, e.g., keystroke dynamics (pattern of rhythm and timing created when a person types), gait analysis (method used to assess the way we walk or run), voice ID (voice authentication that uses voice-print), etc. Use of tokens Token-based Authentication: Authenticates a user/device based on an identification token (piece of data) created by a server such as OAuth2 protocol [65,66] or open ID [67]. Non-Token based authentication: Involves the use of the credentials (username/password) every time there is a need to exchange data (e.g., TLS/DTLS [12,68,69]). Authentication procedure One-way authentication: In a scenario of two parties wishing to communicate with each other, only one party will authenticate itself to the other, while the other one remains unauthenticated.Two-way authentication: It is also called mutual authentication, in which both entities authenticate each other.Three-way authentication: Where a central authority authenticates the two parties and helps them to mutually authenticate themselves. Authentication architecture Distributed: Using a distributed straight authentication method between the communicating parties.Centralized: Using a centralized server or a trusted third party to distribute and manage the credentials used for authentication.Whether centralized or distributed, the authentication scheme architecture can be: Hierarchical: Utilizing a multi-level architecture to handle the authentication procedure.Flat: No hierarchical architecture is used to deal with the authentication procedure. IoT layer : Indicates the layer at which the authentication procedure is applied.…”

Section: Taxonomy Of Iot Authentication Schemesmentioning

confidence: 99%

A Survey of Internet of Things (IoT) Authentication Schemes

El-Hajj

Fadlallah

Chamoun

et al. 2019

Sensors

333

151

View full text Add to dashboard Cite

The Internet of Things (IoT) is the ability to provide everyday devices with a way of identification and another way for communication with each other. The spectrum of IoT application domains is very large including smart homes, smart cities, wearables, e-health, etc. Consequently, tens and even hundreds of billions of devices will be connected. Such devices will have smart capabilities to collect, analyze and even make decisions without any human interaction. Security is a supreme requirement in such circumstances, and in particular authentication is of high interest given the damage that could happen from a malicious unauthenticated device in an IoT system. This paper gives a near complete and up-to-date view of the IoT authentication field. It provides a summary of a large range of authentication protocols proposed in the literature. Using a multi-criteria classification previously introduced in our work, it compares and evaluates the proposed authentication protocols, showing their strengths and weaknesses, which constitutes a fundamental first step for researchers and developers addressing this domain.

show abstract

“…Since this work uses OpenID, it inherits well-know challenges of this platform. For example, if we consider the latency and throughput of the network and the use of computational resources of the devices, the OpenID contributes to highload environments, resulting in a performance loss [105]. Furthermore, since the access token mechanism of the OpenID Connect protocol utilizes the same token across different requests, a malicious user can acquire this token to use in a man-in-the-middle attack and get unauthorized access to data.…”

Section: User-centric Iamsmentioning

confidence: 99%

Survey on Identity and Access Management for Internet of Things

Cremonezi

Vieira

Nacif

et al. 2020

Preprint

View full text Add to dashboard Cite

The Internet of Things (IoT) encompasses a large number of connected devices, generating and sharing diﬀerent types of data among themselves. These data enable the creation of society-changing applications, such as health monitoring and autonomous vehicles. Under this context, protecting the access of these connected devices and their data is critical to IoT applications’ success, since a single data breach can incur into a cascade eﬀect, which leads to devastating consequences. Identity and Access Management (IAM) systems provide mechanisms to identify individuals at the network and determine their access privileges, thus avoiding inappropriate access. However, the current IAMs system struggles to provide the scale or manage the complex relationships that IoT brings. In this work, we present a comprehensive state-of-the-art survey of IAMs and the main concepts and challenges when applied to IoT. First, we overview the IoT technology, giving its essential characteristics and communication architectures and its main applications. Then, we present IAMs state-of-the-art and the main concepts, existing architectures, and challenges. Finally, we focus on current IAMs that aims to tackle the IoT complexity, along with an in-depth analysis of their proposals and future directions in the ﬁeld.

show abstract

Performance Evaluation of OpenID Connect for an IoT Information Marketplace

Cited by 16 publications

References 3 publications

Improving the Privacy of IoT with Decentralised Identifiers (DIDs)

Improving the Privacy of IoT with Decentralised Identifiers (DIDs)

A Survey of Internet of Things (IoT) Authentication Schemes

Survey on Identity and Access Management for Internet of Things

Contact Info

Product

Resources

About