Access control in Internet-of-Things: a survey

Sowmya Ravidas (Corresponding author), Alexios Lekidis, Federica Paci, Nicola Zannone

Research output: Contribution to journalArticleAcademicpeer-review

1 Citation (Scopus)

Abstract

The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wide adoption opens new security and privacy challenges. Among them, a vital challenge is the protection of devices and resources produced within IoT ecosystems. This need has attracted growing attention from the research community and industry, and several authorization frameworks have been designed specifically for IoT. In this survey, we investigate the main trends in access control in IoT and perform an extensive analysis of existing authorization frameworks tailored to IoT systems. Driven by the needs of representative IoT applications and key requirements for IoT, we elicit the main requirements that authorization frameworks for IoT should satisfy along with criteria for their assessment. These criteria and requirements form a baseline for our literature study. Based on this study, we identify the main open issues in the field of access control for IoT and draw directions for future research.

Original languageEnglish
Pages (from-to)79-101
Number of pages23
JournalJournal of Network and Computer Applications
Volume144
DOIs
Publication statusPublished - 15 Oct 2019

Fingerprint

Access control
Internet of things
Ecosystems
Industry

Keywords

  • Access control
  • IoT
  • Literature study

Cite this

@article{5efccc5e6c5b49bbb4e288bb90458d45,
title = "Access control in Internet-of-Things: a survey",
abstract = "The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wide adoption opens new security and privacy challenges. Among them, a vital challenge is the protection of devices and resources produced within IoT ecosystems. This need has attracted growing attention from the research community and industry, and several authorization frameworks have been designed specifically for IoT. In this survey, we investigate the main trends in access control in IoT and perform an extensive analysis of existing authorization frameworks tailored to IoT systems. Driven by the needs of representative IoT applications and key requirements for IoT, we elicit the main requirements that authorization frameworks for IoT should satisfy along with criteria for their assessment. These criteria and requirements form a baseline for our literature study. Based on this study, we identify the main open issues in the field of access control for IoT and draw directions for future research.",
keywords = "Access control, IoT, Literature study",
author = "Sowmya Ravidas and Alexios Lekidis and Federica Paci and Nicola Zannone",
year = "2019",
month = "10",
day = "15",
doi = "10.1016/j.jnca.2019.06.017",
language = "English",
volume = "144",
pages = "79--101",
journal = "Journal of Network and Computer Applications",
issn = "1084-8045",
publisher = "Academic Press Inc.",

}

Access control in Internet-of-Things : a survey. / Ravidas, Sowmya (Corresponding author); Lekidis, Alexios; Paci, Federica; Zannone, Nicola.

In: Journal of Network and Computer Applications, Vol. 144, 15.10.2019, p. 79-101.

Research output: Contribution to journalArticleAcademicpeer-review

TY - JOUR

T1 - Access control in Internet-of-Things

T2 - a survey

AU - Ravidas, Sowmya

AU - Lekidis, Alexios

AU - Paci, Federica

AU - Zannone, Nicola

PY - 2019/10/15

Y1 - 2019/10/15

N2 - The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wide adoption opens new security and privacy challenges. Among them, a vital challenge is the protection of devices and resources produced within IoT ecosystems. This need has attracted growing attention from the research community and industry, and several authorization frameworks have been designed specifically for IoT. In this survey, we investigate the main trends in access control in IoT and perform an extensive analysis of existing authorization frameworks tailored to IoT systems. Driven by the needs of representative IoT applications and key requirements for IoT, we elicit the main requirements that authorization frameworks for IoT should satisfy along with criteria for their assessment. These criteria and requirements form a baseline for our literature study. Based on this study, we identify the main open issues in the field of access control for IoT and draw directions for future research.

AB - The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wide adoption opens new security and privacy challenges. Among them, a vital challenge is the protection of devices and resources produced within IoT ecosystems. This need has attracted growing attention from the research community and industry, and several authorization frameworks have been designed specifically for IoT. In this survey, we investigate the main trends in access control in IoT and perform an extensive analysis of existing authorization frameworks tailored to IoT systems. Driven by the needs of representative IoT applications and key requirements for IoT, we elicit the main requirements that authorization frameworks for IoT should satisfy along with criteria for their assessment. These criteria and requirements form a baseline for our literature study. Based on this study, we identify the main open issues in the field of access control for IoT and draw directions for future research.

KW - Access control

KW - IoT

KW - Literature study

UR - http://www.scopus.com/inward/record.url?scp=85068597013&partnerID=8YFLogxK

U2 - 10.1016/j.jnca.2019.06.017

DO - 10.1016/j.jnca.2019.06.017

M3 - Article

AN - SCOPUS:85068597013

VL - 144

SP - 79

EP - 101

JO - Journal of Network and Computer Applications

JF - Journal of Network and Computer Applications

SN - 1084-8045

ER -