Access Control for the Internet of Things

As we are moving from networked "Things" towards the Internet of Things (IoT), new security requirements arise. Access control in this new environment is a burgeoning and challenging problem. On the one hand, an access control system should be generic enough to cover the equirements of all...

Full description

Saved in:
Bibliographic Details
Published in2016 International Workshop on Secure Internet of Things (SIoT) pp. 29 - 38
Main Authors Fotiou, Nikos, Kotsonis, Theodore, Marias, Giannis F., Polyzos, George C.
Format Conference Proceeding
LanguageEnglish
Published IEEE 2016
Subjects
Access control
Authentication
Encryption
Internet of Things
Privacy
Protocols
Online AccessGet full text

Cover

More Information
Summary:As we are moving from networked "Things" towards the Internet of Things (IoT), new security requirements arise. Access control in this new environment is a burgeoning and challenging problem. On the one hand, an access control system should be generic enough to cover the equirements of all the new exciting applications that become pervasive with the IoT. On the other hand, an access control system should be lightweight and easily implementable, considering at the same time the restrictions that Things impose. In this paper, we develop an access control system which enables offloading of complex access control decisions to third, trusted parties. Our system provides Thing authentication without public keys and establishes a shared symmetric encryption key that can be used to secure the communication between authorized users and Things. Our design imposes minimal overhead and it is based on a simple communication protocol. He resulting system is secure, enhances end-user privacy and the architecture facilitates the creation of new applications.
DOI:10.1109/SIoT.2016.010