IDEAS home Printed from https://ideas.repec.org/a/gam/jftint/v9y2017i4p64-d115231.html
   My bibliography  Save this article

IAACaaS: IoT Application-Scoped Access Control as a Service

Author

Listed:
  • Álvaro Alonso

    (Departamento de Ingeniería de Sistemas Telemáticos, Universidad Politécnica de Madrid, 28040 Madrid, Spain)

  • Federico Fernández

    (Departamento de Ingeniería de Sistemas Telemáticos, Universidad Politécnica de Madrid, 28040 Madrid, Spain)

  • Lourdes Marco

    (Departamento de Ingeniería de Sistemas Telemáticos, Universidad Politécnica de Madrid, 28040 Madrid, Spain)

  • Joaquín Salvachúa

    (Departamento de Ingeniería de Sistemas Telemáticos, Universidad Politécnica de Madrid, 28040 Madrid, Spain)

Abstract

access control is a key element when guaranteeing the security of online services. However, devices that make the Internet of Things have some special requirements that foster new approaches to access control mechanisms. Their low computing capabilities impose limitations that make traditional paradigms not directly applicable to sensors and actuators. In this paper, we propose a dynamic, scalable, IoT-ready model that is based on the OAuth 2.0 protocol and that allows the complete delegation of authorization, so that an as a service access control mechanism is provided. Multiple tenants are also supported by means of application-scoped authorization policies, whose roles and permissions are fine-grained enough to provide the desired flexibility of configuration. Besides, OAuth 2.0 ensures interoperability with the rest of the Internet, yet preserving the computing constraints of IoT devices, because its tokens provide all the necessary information to perform authorization. The proposed model has been fully implemented in an open-source solution and also deeply validated in the scope of FIWARE, a European project with thousands of users, the goal of which is to provide a framework for developing smart applications and services for the future Internet. We provide the details of the deployed infrastructure and offer the analysis of a sample smart city setup that takes advantage of the model. We conclude that the proposed solution enables a new access control as a service paradigm that satisfies the special requirements of IoT devices in terms of performance, scalability and interoperability.

Suggested Citation

  • Álvaro Alonso & Federico Fernández & Lourdes Marco & Joaquín Salvachúa, 2017. "IAACaaS: IoT Application-Scoped Access Control as a Service," Future Internet, MDPI, vol. 9(4), pages 1-16, October.
    • Handle: RePEc:gam:jftint:v:9:y:2017:i:4:p:64-:d:115231
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/1999-5903/9/4/64/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/1999-5903/9/4/64/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Lee, In & Lee, Kyoochun, 2015. "The Internet of Things (IoT): Applications, investments, and challenges for enterprises," Business Horizons, Elsevier, vol. 58(4), pages 431-440.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Juhani Latvakoski & Jouni Heikkinen, 2019. "A Trustworthy Communication Hub for Cyber-Physical Systems," Future Internet, MDPI, vol. 11(10), pages 1-38, October.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Leonel Jorge Ribeiro Nunes & Radu Godina & João Carlos de Oliveira Matias, 2019. "Technological Innovation in Biomass Energy for the Sustainable Growth of Textile Industry," Sustainability, MDPI, vol. 11(2), pages 1-12, January.
    2. Nino Paresashvili & Maia Nikvashvili, 2019. "Career Management Peculiarities in Educational Institutions," European Journal of Economics and Business Studies Articles, Revistia Research and Publishing, vol. 5, January -.
    3. Athanasios Tsipis & Asterios Papamichail & Ioannis Angelis & George Koufoudakis & Georgios Tsoumanis & Konstantinos Oikonomou, 2020. "An Alertness-Adjustable Cloud/Fog IoT Solution for Timely Environmental Monitoring Based on Wildfire Risk Forecasting," Energies, MDPI, vol. 13(14), pages 1-35, July.
    4. Bent Flyvbjerg & Alexander Budzier & Jong Seok Lee & Mark Keil & Daniel Lunn & Dirk W. Bester, 2022. "The Empirical Reality of IT Project Cost Overruns: Discovering A Power-Law Distribution," Papers 2210.01573, arXiv.org.
    5. Chae, Bongsug (Kevin), 2018. "The Internet of Things (IoT): A Survey of Topics and Trends using Twitter Data and Topic Modeling," 22nd ITS Biennial Conference, Seoul 2018. Beyond the boundaries: Challenges for business, policy and society 190376, International Telecommunications Society (ITS).
    6. Bettina Freitag & Lukas Häfner & Verena Pfeuffer & Jochen Übelhör, 2020. "Evaluating investments in flexible on-demand production capacity: a real options approach," Business Research, Springer;German Academic Association for Business Research, vol. 13(1), pages 133-161, April.
    7. Akhtar, Pervaiz & Khan, Zaheer & Tarba, Shlomo & Jayawickrama, Uchitha, 2018. "The Internet of Things, dynamic data and information processing capabilities, and operational agility," Technological Forecasting and Social Change, Elsevier, vol. 136(C), pages 307-316.
    8. Li, Ying & Dai, Jing & Cui, Li, 2020. "The impact of digital technologies on economic and environmental performance in the context of industry 4.0: A moderated mediation model," International Journal of Production Economics, Elsevier, vol. 229(C).
    9. Osterrieder, Philipp & Budde, Lukas & Friedli, Thomas, 2020. "The smart factory as a key construct of industry 4.0: A systematic literature review," International Journal of Production Economics, Elsevier, vol. 221(C).
    10. Elias G. Carayannis & David F. J. Campbell, 2021. "Democracy of Climate and Climate for Democracy: the Evolution of Quadruple and Quintuple Helix Innovation Systems," Journal of the Knowledge Economy, Springer;Portland International Center for Management of Engineering and Technology (PICMET), vol. 12(4), pages 2050-2082, December.
    11. Kumar, V. & Ramachandran, Divya & Kumar, Binay, 2021. "Influence of new-age technologies on marketing: A research agenda," Journal of Business Research, Elsevier, vol. 125(C), pages 864-877.
    12. Rasha Allam & Hesham Dinana, 2021. "The Future of TV and Online Video Platforms: A Study on Predictors of Use and Interaction with Content in the Egyptian Evolving Telecomm, Media & Entertainment Industries," SAGE Open, , vol. 11(3), pages 21582440211, August.
    13. Madhukar Patil & M. Suresh, 2019. "Modelling the Enablers of Workforce Agility in IoT Projects: A TISM Approach," Global Journal of Flexible Systems Management, Springer;Global Institute of Flexible Systems Management, vol. 20(2), pages 157-175, June.
    14. Abdel Ghafar, Ahmed Ismail & Vazquez Castro, Ágeles & Essam Khedr, Mohamed, 2019. "Multidimensional Self-Organizing Chord-Based Networking for Internet of Things," 2nd Europe – Middle East – North African Regional ITS Conference, Aswan 2019: Leveraging Technologies For Growth 201736, International Telecommunications Society (ITS).
    15. Vasja Roblek & Maja Meško & Alojz Krapež, 2016. "A Complex View of Industry 4.0," SAGE Open, , vol. 6(2), pages 21582440166, June.
    16. Artur Pollak & Agata Hilarowicz & Maciej Walczak & Damian Gąsiorek, 2020. "A Framework of Action for Implementation of Industry 4.0. an Empirically Based Research," Sustainability, MDPI, vol. 12(14), pages 1-16, July.
    17. Ardito, Lorenzo & D'Adda, Diego & Messeni Petruzzelli, Antonio, 2018. "Mapping innovation dynamics in the Internet of Things domain: Evidence from patent analysis," Technological Forecasting and Social Change, Elsevier, vol. 136(C), pages 317-330.
    18. Roberto Casado-Vara & Angel Martín del Rey & Ricardo S. Alonso & Saber Trabelsi & Juan M. Corchado, 2020. "A New Stability Criterion for IoT Systems in Smart Buildings: Temperature Case Study," Mathematics, MDPI, vol. 8(9), pages 1-13, August.
    19. Mohamed Kais Msakni & Anders Risan & Peter Schütz, 2023. "Using machine learning prediction models for quality control: a case study from the automotive industry," Computational Management Science, Springer, vol. 20(1), pages 1-28, December.
    20. Lee, In & Shin, Yong Jae, 2018. "Fintech: Ecosystem, business models, investment decisions, and challenges," Business Horizons, Elsevier, vol. 61(1), pages 35-46.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:9:y:2017:i:4:p:64-:d:115231. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.