Next Article in Journal
Arc-Induced Long Period Gratings from Standard to Polarization-Maintaining and Photonic Crystal Fibers
Next Article in Special Issue
A Low-Cost Tracking System for Running Race Applications Based on Bluetooth Low Energy Technology
Previous Article in Journal
Measurement of Temperature and Relative Humidity with Polymer Optical Fiber Sensors Based on the Induced Stress-Optic Effect
Previous Article in Special Issue
Method of the Determination of Exterior Orientation of Sensors in Hilbert Type Space
Article Menu
Issue 3 (March) cover image

Export Article

Open AccessArticle

Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

Departamento de Automática, Escuela Politécnica Superior, Universidad de Alcalá, 28805 Alcalá de Henares, Madrid, Spain
Author to whom correspondence should be addressed.
Sensors 2018, 18(3), 917;
Received: 27 February 2018 / Revised: 15 March 2018 / Accepted: 18 March 2018 / Published: 20 March 2018
(This article belongs to the Special Issue I3S 2017 Selected Papers)
PDF [665 KB, uploaded 20 March 2018]


Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal. View Full-Text
Keywords: access control; Internet of Things; security; MQTT; OAuth access control; Internet of Things; security; MQTT; OAuth

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Share & Cite This Article

MDPI and ACS Style

Cruz-Piris, L.; Rivera, D.; Marsa-Maestre, I.; De la Hoz, E.; Velasco, J.R. Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources. Sensors 2018, 18, 917.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics



[Return to top]
Sensors EISSN 1424-8220 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top