Abstract
Internet growth has generated new types of services where the use of sensors and actuators is especially remarkable. These services compose what is known as the Internet of Things (IoT). One of the biggest current challenges is obtaining a safe and easy access control scheme for the data managed in these services. We propose integrating IoT devices in an access control system designed for Web-based services by modelling certain IoT communication elements as resources. This would allow us to obtain a unified access control scheme between heterogeneous devices (IoT devices, Internet-based services, etc.). To achieve this, we have analysed the most relevant communication protocols for these kinds of environments and then we have proposed a methodology which allows the modelling of communication actions as resources. Then, we can protect these resources using access control mechanisms. The validation of our proposal has been carried out by selecting a communication protocol based on message exchange, specifically Message Queuing Telemetry Transport (MQTT). As an access control scheme, we have selected User-Managed Access (UMA), an existing Open Authorization (OAuth) 2.0 profile originally developed for the protection of Internet services. We have performed tests focused on validating the proposed solution in terms of the correctness of the access control system. Finally, we have evaluated the energy consumption overhead when using our proposal.
Highlights
Internet-based services have evolved fast in the last decade, encouraging the creation of new technologies and the development of existing ones
[49] offer proprietary platforms which include mechanisms for communications, authentication, and authorization in Internet of Things (IoT) scenarios. These solutions propose the integration of all these services in a single platform, which limits the interoperability with other systems
We present the results obtained after testing our prototype implementation, following the goals defined in the Section 4.1
Summary
Internet-based services have evolved fast in the last decade, encouraging the creation of new technologies and the development of existing ones. Parallel to the growth of Internet-based services, the interconnection of devices, sensors, and other objects has resulted in the Internet of Things (IoT) paradigm [2]. The main design goal in this context has been keeping communications as lightweight as possible, given the constraints of the involved devices in terms of autonomy, memory, computational capabilities, etc., and of the underlying networks [3]. Because of this, these protocols prioritized characteristics such as simplicity
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
