Abstract
We examine the use of Federated Identity and Access Management (FIAM) approaches for the Internet of Things (IoT). We look at specific challenges that devices, sensors and actuators have, and look for approaches to address them. OAuth is a widely deployed protocol - built on top of HTTP - for applying FIAM to Web systems. We explore the use of OAuth for IoT systems that instead use the lightweight MQTT 3.1 protocol. In order to evaluate this area, we built a prototype that uses OAuth 2.0 to enable access control to information distributed via MQTT. We evaluate the results of this prototyping activity, and assess the strengths and weaknesses of this approach, and the benefits of using the FIAM approaches with IoT and Machine to Machine (M2M) scenarios. Finally we outline areas for further research.
Original language | English |
---|---|
Title of host publication | 2014 International Workshop on Secure Internet of Things (SIoT) |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 10-17 |
ISBN (Electronic) | 978-1-4799-7907-3 |
DOIs | |
Publication status | Published - 12 Mar 2015 |
Event | 3rd International Workshop on the Secure IoT - Wroclaw, Poland Duration: 10 Sept 2014 → 10 Sept 2014 |
Workshop
Workshop | 3rd International Workshop on the Secure IoT |
---|---|
Country/Territory | Poland |
City | Wroclaw |
Period | 10/09/14 → 10/09/14 |
Keywords
- IoT
- Internet of Things
- Computer Network Security
- security
- Federated Identity
- Access Management