Federated Identity and Access Management for the Internet of Things

Paul Fremantle, Benjamin Aziz, Jack Kopecky, Philip Scott

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2203 Downloads (Pure)

Abstract

We examine the use of Federated Identity and Access Management (FIAM) approaches for the Internet of Things (IoT). We look at specific challenges that devices, sensors and actuators have, and look for approaches to address them. OAuth is a widely deployed protocol - built on top of HTTP - for applying FIAM to Web systems. We explore the use of OAuth for IoT systems that instead use the lightweight MQTT 3.1 protocol. In order to evaluate this area, we built a prototype that uses OAuth 2.0 to enable access control to information distributed via MQTT. We evaluate the results of this prototyping activity, and assess the strengths and weaknesses of this approach, and the benefits of using the FIAM approaches with IoT and Machine to Machine (M2M) scenarios. Finally we outline areas for further research.
Original languageEnglish
Title of host publication2014 International Workshop on Secure Internet of Things (SIoT)
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages10-17
ISBN (Electronic)978-1-4799-7907-3
DOIs
Publication statusPublished - 12 Mar 2015
Event3rd International Workshop on the Secure IoT - Wroclaw, Poland
Duration: 10 Sept 201410 Sept 2014

Workshop

Workshop3rd International Workshop on the Secure IoT
Country/TerritoryPoland
CityWroclaw
Period10/09/1410/09/14

Keywords

  • IoT
  • Internet of Things
  • Computer Network Security
  • security
  • Federated Identity
  • Access Management

Fingerprint

Dive into the research topics of 'Federated Identity and Access Management for the Internet of Things'. Together they form a unique fingerprint.

Cite this