Investigation of Access Control for Internet of Things: Service-Level Role-Based Access Control

Internet of Things (IoT) is basically a system of inter-related computing devices on a network which perform data collection and exchange of real world properties. The major developments witnessed in IoT are mainly within companies, industries, a home environment etc. To increase the scalability of IoT, various security concerns need to be overcome. IoT devices are mostly resource constrained. Complicated network produces potential vulnerabilities referred to heterogeneous devices, sensors and backend systems. So, to realize the dream of internet of things, security is to be ensured for device to device communication. Though IoT has security mechanisms at the network and device level through identification management, it is safer to have a per-service level specific access control based on the “Roles of Things” to attribute for confidentiality and Integrity. This paper presents the current security practices and puts forth the future scope of improvement in fine tuning service level access control.

[1]  Dogan Ibrahim,et al.  Security of the Internet of Things: An Overview , 2016, ICCIS '16.

[2]  Mohsin B. Tamboli,et al.  Secure and efficient CoAP based authentication and access control for Internet of Things (IoT) , 2016, 2016 IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT).

[3]  Hoan-Suk Choi,et al.  RISE: Role-based internet of things service environment , 2016, 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN).

[4]  Jerker Delsing,et al.  An authentication and access control framework for CoAP-based Internet of Things , 2014, IECON 2014 - 40th Annual Conference of the IEEE Industrial Electronics Society.

[5]  Michele Zorzi,et al.  Web Services for the Internet of Things through CoAP and EXI , 2011, 2011 IEEE International Conference on Communications Workshops (ICC).

[6]  Imran A. Zualkernan,et al.  Internet of things (IoT) security: Current status, challenges and prospective measures , 2015, 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST).

[7]  D. Richard Kuhn,et al.  Adding Attributes to Role-Based Access Control , 2010, Computer.

[8]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.