Access Control Schemes for Machine to Machine Communication in IoT: Comparative Analysis and Discussion

The ubiquitous access to devices and resources brings revolution to our lifestyle. But at the same time, we are facing various challenges and issue due to weak security and access control policies. In this paper, we have studied various access control policies which are implemented in a wide variety of applications but these mechanisms are unable to fulfill the requirement of Internet of Things (IoT) services. In gap analysis, we have identified crucial factors like privacy, scalability, usability, trust, and heterogeneity and based on these factors we have done a comparative study of various access control methods. Furthermore, we have proposed a scalable framework for trust-based access control. The proposed mathematical model addresses the various aspects for the development of a trust management framework.

[1]  K. Cameron The Laws of Identity , 2005 .

[2]  Guoping Zhang,et al.  An extended role based access control model for the Internet of Things , 2010, 2010 International Conference on Information, Networking and Automation (ICINA).

[3]  Cheng Cheng,et al.  Access Control Method for Web of Things Based on Role and SNS , 2012, 2012 IEEE 12th International Conference on Computer and Information Technology.

[4]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[5]  Ramjee Prasad,et al.  Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT , 2013 .

[6]  Guoping Zhang,et al.  The Research of Access Control Based on UCON in the Internet of Things , 2011, J. Softw..

[7]  Ramjee Prasad,et al.  Identity establishment and capability based access control (IECAC) scheme for Internet of Things , 2012, The 15th International Symposium on Wireless Personal Multimedia Communications.

[8]  Domenico Rotondi,et al.  A capability-based security approach to manage access control in the Internet of Things , 2013, Math. Comput. Model..

[9]  Daniel Mossé,et al.  Seamless Integration of Heterogeneous Devices and Access Control in Smart Homes , 2012, 2012 Eighth International Conference on Intelligent Environments.

[10]  Jing Liu,et al.  Authentication and Access Control in the Internet of Things , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[11]  Benjamin Aziz,et al.  Federated Identity and Access Management for the Internet of Things , 2014, 2014 International Workshop on Secure Internet of Things.

[12]  Rajendra K. Raj,et al.  Secure Access Control for Health Information Sharing Systems , 2013, 2013 IEEE International Conference on Healthcare Informatics.

[13]  Antonio F. Gómez-Skarmeta,et al.  DCapBAC: embedding authorization logic into smart things through ECC optimizations , 2016, Int. J. Comput. Math..