A model to enable application-scoped access control as a service for IoT using OAuth 2.0

Fernández Moreno, Federico Alonso and Alonso González, Álvaro and Marcos Pascual, Lourdes and Salvachúa Rodríguez, Joaquín (2017). A model to enable application-scoped access control as a service for IoT using OAuth 2.0. In: "20th Conference on Innovations in Clouds, Internet and Networks (ICIN 2017)", 07/03/2017 - 09/03/2017, Paris, France. pp. 322-324. https://doi.org/10.1109/ICIN.2017.7899433.

Description

Title: A model to enable application-scoped access control as a service for IoT using OAuth 2.0
Author/s:
  • Fernández Moreno, Federico Alonso
  • Alonso González, Álvaro
  • Marcos Pascual, Lourdes
  • Salvachúa Rodríguez, Joaquín
Item Type: Presentation at Congress or Conference (Article)
Event Title: 20th Conference on Innovations in Clouds, Internet and Networks (ICIN 2017)
Event Dates: 07/03/2017 - 09/03/2017
Event Location: Paris, France
Title of Book: 20th Conference on Innovations in Clouds, Internet and Networks (ICIN 2017)
Date: 2017
Subjects:
Faculty: E.T.S.I. Telecomunicación (UPM)
Department: Ingeniería de Sistemas Telemáticos [hasta 2014]
Creative Commons Licenses: Recognition - No derivative works - Non commercial

Abstract

Access Control is crucial for security management, but in the context of the Internet of Things it cannot be implemented the same way as in traditional systems. Indeed, the devices that make up the Internet of Things impose some constraints that encourage the design of new access control mechanisms, which should provide flexibility of configuration, as well as support several authorization scopes at the same time, while being computationally light, dynamic and scalable in order to be ready for the forthcoming Cloud Computing paradigm. In this paper we propose an authorization model that is based on the OAuth 2.0 protocol. From the point of view of the identity provider, this model allows managing roles and permissions for an application-scoped authorization, to enable more flexible scenarios in which multiple tenants take part. With regard to devices, OAuth 2.0 makes authorization extremely light, because all the required information is provided with a token. Considering all this, authorization management is completely delegated to an external system, so that an as-a-service access control mechanism is provided. The proposed model complies with the security, flexibility and performance requirements that are needed in the Internet of Things paradigm.

More information

Item ID: 50197
DC Identifier: http://oa.upm.es/50197/
OAI Identifier: oai:oa.upm.es:50197
DOI: 10.1109/ICIN.2017.7899433
Official URL: https://ieeexplore.ieee.org/document/7899433/
Deposited by: Memoria Investigacion
Deposited on: 12 Sep 2018 15:38
Last Modified: 12 Sep 2018 15:38