Skip to main content
SpringerLink
Log in

Access Control and Authentication in the Internet of Things Environment

  • Chapter
  • First Online:
Connectivity Frameworks for Smart Devices

Part of the book series: Computer Communications and Networks ((CCN))

Abstract

This chapter focuses on access control, authentication techniques, and their related aspects with respect to the Internet of Things (IoT). Access control is for managing interaction and communication between users and systems. Authentication is a way of proving the identity of an entity and implemented on various layers of the IoT framework, e.g., physical or perception layer, transportation, and application layer. In the context of IoT, access control and authentication must address the issues of heterogeneity and scalability in addition to the energy and efficiency issues. The primary focus of this chapter is to target the connectivity of IoT devices. We start with the description of communication architecture of IoT, keeping security concerns in mind. For detailed comprehension, security aspects are discussed for each layer of IoT including RFID and sensor networks to traditional server-based computing. To understand the requirements of IoT systems, we compare the IoT paradigm with traditional ubiquitous computing models. Focusing on the connectivity between devices and connectivity with fixed server/cloud-based servers is the main aim of this chapter. In this context, the emphasis is on detailing and evaluating the state of the art of access and control mechanisms. To help the reader to address the significant research problems in the area, we have included open research directions related to authentication and access control mechanisms in the IoT.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Gartner (2015), Gartner Says a thirty-fold increase in internet-connected physical devices by 2020 will significantly alter how the supply chain operates. http://www.gartner.com/newsroom/id/2688717. Accessed 12 June 2015

  2. Holler J, Tsiatsis V, Mulligan C, et al (2014) From machine to machine to internet of things. Academic press, Elsevier, Oxford, UK

    Google Scholar 

  3. IoT (2015) IoT-ARM white paper. www.iot-a.eu. Accessed 12 June 2015

  4. ETSI (2015) ETSI technical specification v 2.1.1. http://www.etsi.org. Accessed 17 June 2015

  5. SENSEI (2015) SENSEI white papers. http://www.sensei-project.eu. Accessed 12 June 2015

  6. ITU (2015) ITU Joint Coordination Activity on Internet of Things (JCA-IoT) white papers. www.itu.int. Accessed 12 June 2015

  7. Open Geospatial Consortium (20115) Open geospatial consortium architecture. www.opengeospatial.org/pub/www/saa/saa_architecture.html. Accessed 17 June 2015

  8. RFID (2015) RFIDs uniform coding. http://www.epc-rfid.info/tbd-1. Accessed 15 June 2015

  9. Matt B, Joan F, John I, Angelos DK (2015) Trust management. http://www.cs.yale.edu/~jf/BFIK-SIP.pdf. Accessed 15 June 2015

  10. Thales, (2015), Key management. https://www.thales-esecurity.com/solutions/by-technology-focus/key-management. Accessed 12 June 2015

  11. Jing Q, Athanasios V et al (2014) Security of the internet of things: perspective and challenges. Wirel Netw 20(8):2481–2501, Springer US

    Article  Google Scholar 

  12. Thales (2015) Hardware based scheme. https://www.thales-esecurity.com/products-and-services/products-and-services/hardware-security-modules. Accessed 12 June 2015

  13. Granjal J, Monteiro E, De Silva J (2013) Security issues and wireless M2M systems, Wireless Networks and Security. Springer, Heidelberg, pp 133–164

    Google Scholar 

  14. Trung N (2015) A survey of WiMAX security threats project report. http://www.cse.wustl.edu/~jain/cse571-09/ftp/wimax2/. Accessed 17 June 2015

  15. Stephen N (2015) Traffic analysis. http://www.sans.edu/research/security-laboratory/article/traffic-analysis. Accessed 12 June 2015

  16. Dunkels A, Alonso J, Voigt T and Ritter H (2004) Distributed TCP caching for wireless sensor networks. Proceedings of 2004 modeling and optimization in mobile, Ad Hoc and wireless Networks, Cambridge, UK

    Google Scholar 

  17. Iyer YG, Gandham S, Venkatesan S (2005) STCP: a generic transport layer protocol for wireless sensor networks. Proceedings of 14th International Conference ICCCN 2005, pp 449–454

    Google Scholar 

  18. Yusung K, Kilnam C, Lisong XU (2008) Adjusting the aggregate throughput of parallel TCP flows without central coordination. IEICE Trans Commun 5:1615–1618, E91-B

    Google Scholar 

  19. Wan CY, Campbell AT, Krishnamurthy L (2005) Pump-slowly, fetch-quickly (PSFQ): a reliable transport protocol for sensor networks. IEEE J Sel Areas Commun 23(4):862–872

    Article  Google Scholar 

  20. Shelby Z, Hartke K, Bormann C (2014) The Constrained Application Protocol (CoAP), request for comments: 7252. Internet Engineering Task Force (IETF)

    Google Scholar 

  21. Stankovic JA (2014) Research directions for the internet of things. IEEE J Internet Things 1(1):3–9

    Article  Google Scholar 

  22. Sun K, Yin L (2014) Attribute-role-based hybrid access control in the internet of things. In: Proceedings of workshop on APWeb 2014. Changsha, China, Springer LNCS 8710, pp 333–343

    Google Scholar 

  23. Mahalle PN, Anggorojati B et al (2014) Identity establishment and capability Based access control scheme for internet of things. In: Proceedings of 2009 12th international symposium on Wireless Personal Multimedia Communications (WPMC), Sendai, Japan, pp 187–191

    Google Scholar 

  24. Liu J, Xiao Y, Philip CL (2012) Authentication and access control in the internet of things. In: Proceedings of 2012 32nd International conference on distributed computing systems workshops, Macau, China, pp 588–592

    Google Scholar 

  25. Zhang G, Tian J (2010) An extended role based access control model for the internet of things. In: Proceedings of 2010 International Conference on Information, Networking and Automation (ICINA), Kunming, China, vol 1, pp 319–323

    Google Scholar 

  26. Fremantle P, Aziz B et al. (2014) Federated identity and access management for the internet of things. In: Proceedings of 2014 I.E. international workshop on secure internet of things, Wroclaw, Poland, pp 10–17

    Google Scholar 

  27. Sitenkov D (2014) Access control in the internet of things. Master’s thesis; SICS

    Google Scholar 

  28. Liu L, Yin L et al (2014) EAC: a framework of authentication property for the IoTs. In: Proceedings of 2014 international conference on cyber-enabled distributed computing and knowledge discovery, Shanghai, China, pp 102–105

    Google Scholar 

  29. Pereira PP, Eliasson J, Delsing J (2014) An authentication and access control framework for CoAP-based internet of things. Proc 40th 2014 IECON, Dallas, US, pp 5293–5299

    Google Scholar 

  30. Mituca A, Moin HA, Prehofer C (2014) Access control for apps running on constrained devices in the internet of things. In: Proceedings of 2014 international workshop on secure internet of things, pp 1–9

    Google Scholar 

  31. Thuan DV, Butkus P, Thanh DV (2014) A user centric identity management for internet of things. In: Proceedings of 2014 international conference on IT convergence and security, pp 1–4

    Google Scholar 

  32. Banerjee D, Dong B et al (2014) Privacy-preserving channel access for internet of things. IEEE Internet Things J 1(5):430–445

    Article  Google Scholar 

  33. Hummen R, Shafagh H et al. (2014) Delegation based authentication and authorization for the IP-based internet of things. In: Proceedings of 2014 I.E. international conference on Sensing, Communication and Networking (SECON), pp 284–292

    Google Scholar 

  34. Gerdes S, Bergmann O, Bormann C (2014) Delegated authentication authorization for constrained environments. In: Proceedings of IEEE 22nd international conference on network protocols, pp 654–659

    Google Scholar 

  35. Ning H, Liu H, Yang TL (2013) Aggregated-proof based hierarchical authentication scheme for the internet of things. IEEE Trans Parallel Distrib Syst 26(3):657–667

    Article  Google Scholar 

  36. Hernandez-Ramos LJ, Pawlowski PM (2015) Toward a lightweight authentication and authorization framework for smart objects. IEEE J Sel Areas Commun 33(4):690–702

    Article  Google Scholar 

  37. Lai C, Li H et al (2014) CPAL: a conditional privacy-preserving authentication with access linkability for roaming service. IEEE Internet Things J 1(1):46–57

    Article  Google Scholar 

  38. Jan AM, Nanda P et al. (2014) A robust authentication scheme for observing resources in the internet of things environment. In: IEEE 13th International conference on trust, security and privacy in computing and communication, pp 205–211

    Google Scholar 

  39. Raheem A, Lasebae A, Loo J (2014) A secure authentication protocol for IP-based wireless sensor communications using the Location/ID Split Protocol (LISP). In: Proceedings of IEEE 13th international conference on trust, security and privacy in computing and communication, pp 840–845

    Google Scholar 

  40. Pawlowski PM, Jara JA and Ogorzalek JM et al. (2015) EAP for IoT:more efficient transport of authentication data- TEPANOM case study. In: Proceedings of 2015 29th international conference on advanced information networking and applications workshop, pp 694–699

    Google Scholar 

  41. Druml N, Menghin M, et al (2014) A flexible and lightweight ECC-based authentication solution for resource constrained systems. In: Proceeding of 2014 17th Euromicro conference on digital system design, pp 372–378

    Google Scholar 

  42. Schukat M, Flood P (2014) Zero-knowledge proofs in M2M communication. In: Proceedings of ISSC 2014/CHCT 2014, pp 269–273

    Google Scholar 

  43. Flood P, Schukat M (2014) Peer to peer authentication for small embedded systems. In: Proceedings of 10th international conference on digital technology, pp 68–72

    Google Scholar 

  44. Porambage P, Schmitt C et al (2014) Two phase authentication protocol for wireless sensor networks in distributed IoT applications. In: Proc IEEE WCNC 2014, pp 2728–2733

    Google Scholar 

  45. Yao X, Han X et al (2013) A lightweight multicast authentication mechanism for small scale IoT applications. IEEE Sensors J 13(10):3693–3701

    Article  Google Scholar 

  46. Kothmayr T, Schmitt C et al (2012) A DTLS based end-to-end security architecture for the internet of things with two-way authentication. In: Proceedings of 2012 37th local computer network workshop, pp 956–963

    Google Scholar 

  47. Lee JY, Lin W, Huang Y (2014) A lightweight authentication protocol for internet of things. In: Proceedings of 2014 international symposium on next generation electronics, pp 1–2

    Google Scholar 

  48. Mahalle NP, Prasad RN, Prased R (2014) Threshold cryptography based group authentication scheme for internet of things. In: Proceedings of 2014 4th international conference on aerospace & electronic systems, pp 1–5

    Google Scholar 

  49. Adiga BS, Balamuralidhar P et al. (2012) An identity based encryption using Elliptic curve cryptography for secure M2M communication. In: Proceedings of 2012 SecurIT, pp 68–74

    Google Scholar 

  50. Liao Y, Hsiao C (2013) A secure ECC-based RFID authentication scheme using hybrid protocols. Adv Intell Syst Appl 2(21):1–13

    Article  Google Scholar 

  51. Liao Y, Hsiao C (2014) A secure ECC-based RFID authentication scheme integrated with ID-verifier transfer protocol. Ad Hoc Netw 18:133–146

    Article  Google Scholar 

  52. Chou J (2014) An efficient mutual authentication RFID scheme based on elliptic curve cryptography. J Supercomput 70(1):75–94

    Article  Google Scholar 

  53. Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. Comput Netw 57:2266–2279

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Central University of Rajasthan, Ajmer, India

    Aditya Kaushal Ranjan & Gaurav Somani

Authors
  1. Aditya Kaushal Ranjan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gaurav Somani
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aditya Kaushal Ranjan .

Editor information

Editors and Affiliations

  1. Department of Computing and Mathematics, University of Derby, Derby, Derbyshire, United Kingdom

    Zaigham Mahmood

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Ranjan, A.K., Somani, G. (2016). Access Control and Authentication in the Internet of Things Environment. In: Mahmood, Z. (eds) Connectivity Frameworks for Smart Devices. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-33124-9_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-33124-9_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-33122-5

  • Online ISBN: 978-3-319-33124-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation