An Authentication and Access Control Framework for CoAP-based Internet of Things
2015 (English)In: IECON 2014: 40th Annual Conference of the IEEE Industrial Electronics Society, Dallas, TX, USA , Oct. 29 2014 - Nov. 1 2014, Piscataway, NJ: IEEE Communications Society, 2015, 5293-5299 p.Conference paper (Refereed)
Internet of Things (IoT) and Cyber-physical Systems (CPS) are two very hot research topics today, and more and more products are starting to appear on the market. Research has shown that the use of Service Oriented Architecture (SOA) can enable distributed application and devices to device com- munication, even on very resource constrained devices, and thus play an important role for IoT and CPS.In order to realize the vision of Internet of Things, communica- tion between devices must be secured. Security mechanisms for resource constrained devices has attracted much interest from the academic community, where research groups have shown solutions like IPsec, VPN-tunnels, (D)TLS, etc. are feasible to use on this type of networks. However, even though the use of well- known security mechanisms are vital for SOA-based IoT/CPS networks and systems to be protected, they do not provide any fine-grain access control.In this paper, a CoAP-based framework for service-level access control on low-power devices is presented. The framework allows fine grain access control on a per service and method basis. For example, by using this approach a device can allow read/write access to its services to one group of users while only allowing read access to another group. Users without the right credentials are not even allowed to discover available services. To demonstrate the validity of the proposed approach, several implementations are presented together with test results.The aim is to provide a holistic framework for secure SOA- based low power networks comprise by resource constrain devices.
Place, publisher, year, edition, pages
Piscataway, NJ: IEEE Communications Society, 2015. 5293-5299 p.
Research subject Industrial Electronics
IdentifiersURN: urn:nbn:se:ltu:diva-32899DOI: 10.1109/IECON.2014.7049308Local ID: 78d95c1a-4181-49e8-bb9c-6f97cca4ca89ISBN: 9781479940325 (PDF)OAI: oai:DiVA.org:ltu-32899DiVA: diva2:1006133
Annual Conference of the IEEE Industrial Electronics Society : 29/10/2014 - 01/11/2014
Godkänd; 2015; 20140625 (pabpun)2016-09-302016-09-30Bibliographically approved