Scalable and secure authorization of smart things is of the crucial essence for the successful deployment of the Internet of Things (IoT). Unauthorized access to smart things could exacerbate the security and privacy concern, which could, in turn, lead to the reduced adoption of the IoT, and ultimately to the emergence of severe threats. Even though there are a variety of IoT solutions for secure authorization, authorization schemes in highly dynamic distributed environments remain a daunting challenge. Access rights can dynamically change due to the heterogeneous nature of shared IoT devices and, thus, the identity and access control management are challenging. This survey provides a comprehensive comparative analysis of the current state-of-the-art IoT authorization schemes to highlight their strengths and weaknesses. Then, it defines the most important requirements and highlights the authorization threats and weaknesses impacting authorization in the IoT. Finally, the survey presents the ongoing open authorization challenges and provides recommendations for future research.

Authorization schemes for internet of things: requirements, weaknesses, future challenges and trends / A. Khan, A. Ahmad, M. Ahmed, J. Sessa, M. Anisetti. - In: COMPLEX & INTELLIGENT SYSTEMS. - ISSN 2199-4536. - 8:5(2022 Oct), pp. 3919-3941. [10.1007/s40747-022-00765-y]

Authorization schemes for internet of things: requirements, weaknesses, future challenges and trends

J. Sessa
;
M. Anisetti
Ultimo
2022

Abstract

Scalable and secure authorization of smart things is of the crucial essence for the successful deployment of the Internet of Things (IoT). Unauthorized access to smart things could exacerbate the security and privacy concern, which could, in turn, lead to the reduced adoption of the IoT, and ultimately to the emergence of severe threats. Even though there are a variety of IoT solutions for secure authorization, authorization schemes in highly dynamic distributed environments remain a daunting challenge. Access rights can dynamically change due to the heterogeneous nature of shared IoT devices and, thus, the identity and access control management are challenging. This survey provides a comprehensive comparative analysis of the current state-of-the-art IoT authorization schemes to highlight their strengths and weaknesses. Then, it defines the most important requirements and highlights the authorization threats and weaknesses impacting authorization in the IoT. Finally, the survey presents the ongoing open authorization challenges and provides recommendations for future research.
Access control; Security attacks; Security threat
Settore INF/01 - Informatica
ott-2022
19-mag-2022
Article (author)
File in questo prodotto:
File Dimensione Formato  
s40747-022-00765-y.pdf

accesso aperto

Tipologia: Publisher's version/PDF
Dimensione 761.57 kB
Formato Adobe PDF
761.57 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/952623
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 22
  • ???jsp.display-item.citation.isi??? 9
social impact