Next Article in Journal
An Effective Grouping Method for Privacy-Preserving Bike Sharing Data Publishing
Next Article in Special Issue
Secure and Dynamic Memory Management Architecture for Virtualization Technologies in IoT Devices
Previous Article in Journal
Collaborative Web Service Discovery and Recommendation Based on Social Link
Previous Article in Special Issue
Extensions and Enhancements to “the Secure Remote Update Protocol”
Open AccessArticle

IAACaaS: IoT Application-Scoped Access Control as a Service

Departamento de Ingeniería de Sistemas Telemáticos, Universidad Politécnica de Madrid, 28040 Madrid, Spain
*
Author to whom correspondence should be addressed.
This paper is an extended version of our paper published in Fernández, F.; Alonso, A.; Marco, L.; Salvachúa, J. A model to enable application-scoped access control as a service for IoT using OAuth 2.0. 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN), 2017; pp. 322–324.
Future Internet 2017, 9(4), 64; https://doi.org/10.3390/fi9040064
Received: 1 September 2017 / Revised: 4 October 2017 / Accepted: 13 October 2017 / Published: 17 October 2017
(This article belongs to the Special Issue IoT Security and Privacy)
access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability. View Full-Text
Keywords: IoT; security; access control; identity management; OAuth 2.0; IAACaaS IoT; security; access control; identity management; OAuth 2.0; IAACaaS
Show Figures

Figure 1

MDPI and ACS Style

Alonso, Á.; Fernández, F.; Marco, L.; Salvachúa, J. IAACaaS: IoT Application-Scoped Access Control as a Service. Future Internet 2017, 9, 64.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Search more from Scilit
 
Search
Back to TopTop