Access Control and Authentication in the Internet of Things Environment

Abstract

This chapter focuses on access control, authentication techniques, and their related aspects with respect to the Internet of Things (IoT). Access control is for managing interaction and communication between users and systems. Authentication is a way of proving the identity of an entity and implemented on various layers of the IoT framework, e.g., physical or perception layer, transportation, and application layer. In the context of IoT, access control and authentication must address the issues of heterogeneity and scalability in addition to the energy and efficiency issues. The primary focus of this chapter is to target the connectivity of IoT devices. We start with the description of communication architecture of IoT, keeping security concerns in mind. For detailed comprehension, security aspects are discussed for each layer of IoT including RFID and sensor networks to traditional server-based computing. To understand the requirements of IoT systems, we compare the IoT paradigm with traditional ubiquitous computing models. Focusing on the connectivity between devices and connectivity with fixed server/cloud-based servers is the main aim of this chapter. In this context, the emphasis is on detailing and evaluating the state of the art of access and control mechanisms. To help the reader to address the significant research problems in the area, we have included open research directions related to authentication and access control mechanisms in the IoT.