Access control in Internet-of-Things: a survey

Sowmya Ravidas (Corresponding author), Alexios Lekidis, Federica Paci, Nicola Zannone

Research output: Contribution to journalArticleAcademicpeer-review

106 Citations (Scopus)
2 Downloads (Pure)


The Internet of Things (IoT) is an emerging technology that is revolutionizing the global economy and society. IoT enables a collaborative environment where different entities – devices, people and applications – exchange information for service provision. Despite the benefits that IoT technology brings to individuals, society and industry, its wide adoption opens new security and privacy challenges. Among them, a vital challenge is the protection of devices and resources produced within IoT ecosystems. This need has attracted growing attention from the research community and industry, and several authorization frameworks have been designed specifically for IoT. In this survey, we investigate the main trends in access control in IoT and perform an extensive analysis of existing authorization frameworks tailored to IoT systems. Driven by the needs of representative IoT applications and key requirements for IoT, we elicit the main requirements that authorization frameworks for IoT should satisfy along with criteria for their assessment. These criteria and requirements form a baseline for our literature study. Based on this study, we identify the main open issues in the field of access control for IoT and draw directions for future research.

Original languageEnglish
Pages (from-to)79-101
Number of pages23
JournalJournal of Network and Computer Applications
Publication statusPublished - 15 Oct 2019


  • Access control
  • IoT
  • Literature study


Dive into the research topics of 'Access control in Internet-of-Things: a survey'. Together they form a unique fingerprint.

Cite this