TY - JOUR
T1 - Access control in Internet-of-Things
T2 - a survey
AU - Ravidas, Sowmya
AU - Lekidis, Alexios
AU - Paci, Federica
AU - Zannone, Nicola
PY - 2019/10/15
Y1 - 2019/10/15
N2 - The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wide adoption opens new security and privacy challenges. Among them, a vital challenge is the protection of devices and resources produced within IoT ecosystems. This need has attracted growing attention from the research community and industry, and several authorization frameworks have been designed specifically for IoT. In this survey, we investigate the main trends in access control in IoT and perform an extensive analysis of existing authorization frameworks tailored to IoT systems. Driven by the needs of representative IoT applications and key requirements for IoT, we elicit the main requirements that authorization frameworks for IoT should satisfy along with criteria for their assessment. These criteria and requirements form a baseline for our literature study. Based on this study, we identify the main open issues in the field of access control for IoT and draw directions for future research.
AB - The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wide adoption opens new security and privacy challenges. Among them, a vital challenge is the protection of devices and resources produced within IoT ecosystems. This need has attracted growing attention from the research community and industry, and several authorization frameworks have been designed specifically for IoT. In this survey, we investigate the main trends in access control in IoT and perform an extensive analysis of existing authorization frameworks tailored to IoT systems. Driven by the needs of representative IoT applications and key requirements for IoT, we elicit the main requirements that authorization frameworks for IoT should satisfy along with criteria for their assessment. These criteria and requirements form a baseline for our literature study. Based on this study, we identify the main open issues in the field of access control for IoT and draw directions for future research.
KW - Access control
KW - IoT
KW - Literature study
UR - http://www.scopus.com/inward/record.url?scp=85068597013&partnerID=8YFLogxK
U2 - 10.1016/j.jnca.2019.06.017
DO - 10.1016/j.jnca.2019.06.017
M3 - Article
AN - SCOPUS:85068597013
SN - 1084-8045
VL - 144
SP - 79
EP - 101
JO - Journal of Network and Computer Applications
JF - Journal of Network and Computer Applications
ER -