Skip to main content
SpringerLink
Log in

Instinctive and Effective Authorization for Internet of Things

  • Conference paper
  • First Online:
Proceedings of Second International Conference on Computing, Communications, and Cyber-Security

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 203))

Abstract

Internet of Things (IoT) is currently deployed across applications, most of them connected to the Internet or at least connected to a gateway (superior processing capabilities) which is in turn connected to the Internet. The wireless sensor networks (WSNs) refer to a group of spatially dispersed and dedicated sensors for monitoring or recording data and collecting the same in a centralized location. Much research has been done to address the problem of security arising due to concern of authentication, avoidance of DOS attacks, identity hijacking, spoofing, etc. Some even went in depth to address issues related to authentication in a heterogeneous environment, i.e., solves authentication among devices of different make and model deployed in different networks and still trying to connect, addressing multiple authentication or certification (chain of) authorities. However, much less of research has focused on trying to address the true identity of the device. This paper proposes a scheme in post-authentication to explore and validate the identity of the device and later take a decision that needs to be done as necessary for the dynamic authorization phase. Here, we propose the post-authentication using dynamic authorization—Nonce (one-time credential) for a device which is not associated nor owned by system to perform limited use privilege operation on sensitive resource.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Cooper D, Santesson S, Farrell S, Boeyen S, Housley R, Polk W (2008) Internet X.509 public key infrastructure certificate and certificate revocation list (CRL) profile RFC 5280

    Google Scholar 

  2. Gubbi J, Buyya R, Marusic S, Palaniswami M (2013) Internet of things (IoT): a vision architectural elements and future directions. Futur Gener Comput Syst 29(7):1645–1660

    Article  Google Scholar 

  3. Pacheco J, Hariri S (2016) IoT Security framework for smart cyber infrastructures. In: IEEE 1st International workshops on foundations and applications of self* systems (FAS*W). pp 242–247

    Google Scholar 

  4. Olesia V, Leonid Kupershtein, Olga Shulyatitska, Viktor Malyushytskyy, The authentication method in wireless sensor networks based on trust model. In: IEEE first Ukraine conference on electrical and computer engineering (UKRCON), pp 993–997

    Google Scholar 

  5. Porambage P, Schmitt C, Gurtov A, Gerdes S (2014) PAuthKey: A pervasive authentication protocol and key establishment scheme for wireless sensor networks in distributed IoT applications. Int J Distrib Sens Netw (357430)

    Google Scholar 

  6. Kim H (2017) Securing the internet of things via locally centralized, globally distributed authentication and authorization. In: EECS Department, University of California, Berkeley, Technical Report No. UCB/EECS-2017–139

    Google Scholar 

  7. Hernández-Ramos J, Pawlowski M, Jara AJ, Skarmeta A, Ladid L (2015) Toward a lightweight authentication and authorization framework for smart objects. IEEE J Sel Areas Commun 33:690–702

    Article  Google Scholar 

  8. Echeverría S, Lewis GA, Klinedinst D, Seitz L (2019) Authentication and authorization for IoT devices in disadvantaged environments. In: IEEE 5th World forum on internet of things (WF-IoT), Limerick, Ireland, pp 368–373

    Google Scholar 

  9. Mahalle PN, Anggorojati B, Prasad NR, Prasad R (2013) Identity authentication and capability-based access control (IACAC) for the internet of things. J Cyber Secur Mobil 1(4):309–348

    Google Scholar 

  10. IEEE (2011) 802.15.4–2011 IEEE Standard for local and metropolitan area networks—Part 15.4: low-rate wireless personal area networks (LR-WPANs), pp 1–314

    Google Scholar 

  11. ZigBee Specification Version 1.0, ZigBee Alliance, https://www.zigbee.org/home.aspx (2008)

  12. Kushalnagar N, Montenegro G, Schumacher C (2007) IPv6 over low-power wireless personal area networks (6LoWPANs): overview assumptions problem statement and Go. RFC 4919

    Google Scholar 

  13. Shin S, Shon T, Yeh H, Kim K (2014) An effective authentication mechanism for ubiquitous collaboration in heterogeneous computing environment. Peer-To-Peer Netw Appl 7(4):612–619

    Article  Google Scholar 

  14. Liu Y, Li J, Guizani M (2012) PKC based broadcast authentication using signature amortization for WSNs. IEEE Trans Wireless Commun 11(6):2106–2115

    Article  Google Scholar 

  15. Rescorla E, Modadugu N (2006) Datagram transport layer security. In: IETF RFC 4347

    Google Scholar 

  16. Lu R, Li X, Liang X, Shen X, Lin X (2011) GRS: the green, reliability, and security of emerging machine to machine communications. IEEE Commun Mag 49(4):28–35

    Article  Google Scholar 

  17. Li CT, Hwang MS, Chu YP (2009) An efficient sensor-to sensor authenticated path-key establishment scheme for secure communications in wireless sensor networks. Int J Innov Comput Info Control 5(8):2107–2124

    Google Scholar 

  18. Icon of truck used in figure 2 made by Freepik from www.flaticon.com.

  19. Trnka M, Cerny T, Stickney N (2018) Survey of authentication and authorization for the internet of things. Hindawi Secur Commun Netw 2018(ID 4351603):1–17

    Google Scholar 

  20. Kim H, Lee EA (2017) Authentication and authorization for the internet of things. IT Professional 19(5):27–33

    Article  Google Scholar 

  21. Moosavi SR, Gia TN, Rahmani AM, Nigussie E, Virtanen S, Isoaho J, Tenhunen J (2015) SEA: a secure and efficient authentication and authorization architecture for iot-based healthcare using smart gateways procedia computer science. pp 452–459

    Google Scholar 

  22. Humayed A, Lin J, Li F, Luo B (2017) Cyber-physical systems security—a survey. IEEE Internet Things J 4(6):1802–1831

    Article  Google Scholar 

  23. Lee S-H, Huang K-W, Yang C-S (2017) TBAS: token-based authorization service architecture in internet of things scenarios. Int J Distrib Sens Netw 13

    Google Scholar 

  24. Tanwar S, Tyagi S, Kumar N (2019) Multimedia big data computing for IoT applications: concepts, paradigms and solutions. In: Intelligent systems reference library, Springer Nature Singapore Pte Ltd., Singapore, pp 1–425

    Google Scholar 

  25. Singh PK, Pawłowski W, Tanwar S, Kumar N, Rodrigues JJ, Obaidat MS (Eds) In: Proceedings of first international conference on computing, communications, and cyber-security (IC4S 2019). vol 121. Springer

    Google Scholar 

  26. Singh PK, Kar AK, Singh Y, Kolekar MH, Tanwar S (Eds) In: Proceedings of ICRIC 2019: recent innovations in computing. vol 597. Springer

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Garden City University, Bangalore, 560049, India

    Nidhi Sinha, Meenatchi Sundaram & Abhijit Sinha

Authors
  1. Nidhi Sinha
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Meenatchi Sundaram
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abhijit Sinha
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, ABES Engineering College, Ghaziabad, India

    Pradeep Kumar Singh

  2. Institute of Computer Science, Polish Academy of Sciences, Warsaw, Poland

    Sławomir T. Wierzchoń

  3. Department of Computer Science and Engineering, Institute of Technology, Nirma University, Ahmedabad, Gujarat, India

    Sudeep Tanwar

  4. Faculty of Mathematics and Information Science, Warsaw University of Technology, Warsaw, Poland

    Maria Ganzha

  5. Instituto de Telecomunicações, Federal University of Piauí (UFPI), Teresina, Piauí, Brazil

    Joel J. P. C. Rodrigues

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Sinha, N., Sundaram, M., Sinha, A. (2021). Instinctive and Effective Authorization for Internet of Things. In: Singh, P.K., Wierzchoń, S.T., Tanwar, S., Ganzha, M., Rodrigues, J.J.P.C. (eds) Proceedings of Second International Conference on Computing, Communications, and Cyber-Security. Lecture Notes in Networks and Systems, vol 203. Springer, Singapore. https://doi.org/10.1007/978-981-16-0733-2_40

Download citation

  • DOI: https://doi.org/10.1007/978-981-16-0733-2_40

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-0732-5

  • Online ISBN: 978-981-16-0733-2

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation