Evaluation of an IoT Application-Scoped Access Control Model over a Publish/Subscribe Architecture Based on FIWARE

The Internet of Things (IoT) brings plenty of opportunities to enhance society’s activities, from improving a factory’s production chain to facilitating people’s household tasks. However, it has also brought new security breaches, compromising privacy and authenticity. IoT devices are vulnerable to...

Full description

Saved in:
Bibliographic Details
Published in:Sensors (Basel, Switzerland) Switzerland), 2020-08, Vol.20 (15), p.4341
Main Authors: Pozo, Alejandro, Alonso, Álvaro, Salvachúa, Joaquín
Format: Article
Language:English
Subjects:
Access control
Application programming interface
CoAP
Computer architecture
Data models
Design
Hypertext
identity management
Internet of Things
IoT
OAuth 2.0
Protocol
Protocol (computers)
security
Security management
Sensors
Smart buildings
Wireless communications
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The Internet of Things (IoT) brings plenty of opportunities to enhance society’s activities, from improving a factory’s production chain to facilitating people’s household tasks. However, it has also brought new security breaches, compromising privacy and authenticity. IoT devices are vulnerable to being accessed from the Internet; they lack sufficient resources to face cyber-attack threats. Keeping a balance between access control and the devices’ resource consumption has become one of the highest priorities of IoT research. In this paper, we evaluate an access control architecture based on the IAACaaS (IoT application-Scoped Access Control as a Service) model with the aim of protecting IoT devices that communicate using the Publish/Subscribe pattern. IAACaaS is based on the OAuth 2.0 authorization framework, which externalizes the identity and access control infrastructure of applications. In our evaluation, we implement the model using FIWARE Generic Enablers and deploy them for a smart buildings use case with a wireless communication. Then, we compare the performance of two different approaches in the data-sharing between sensors and the Publish/Subscribe broker, using Constrained Application Protocol (CoAP) and Hypertext Transfer Protocol (HTTP) protocols. We conclude that the integration of Publish/Subscribe IoT deployments with IAACaaS adds an extra layer of security and access control without compromising the system’s performance.
ISSN:1424-8220
1424-8220
DOI:10.3390/s20154341