{"title":"Enhanced Authentication for Decentralized IoT Access Control Architecture","authors":"Jeong Hwa Kang, Minhye Seo","doi":"10.3390/cryptography7030042","DOIUrl":null,"url":null,"abstract":"The internet of things (IoT) enables a hyperconnected society, offering intelligent services and convenience through various connections between people, objects, and services. However, the current state of the IoT still faces limitations in security. Security issues in the IoT are of significant concern, leading to the proposal of numerous security frameworks and solutions to address these challenges. Authentication and authorization are crucial security requirements in the IoT environment, considering the potential risks posed by inadequate authentication and incorrect authorization. To comprehensively mitigate these issues, we presents a novel IoT access control architecture in this paper. The proposed architecture leverages the OAuth framework for authorization and the decentralized identity technology to enhance the authentication and authorization processes.","PeriodicalId":36072,"journal":{"name":"Cryptography","volume":null,"pages":null},"PeriodicalIF":1.8000,"publicationDate":"2023-08-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cryptography","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.3390/cryptography7030042","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The internet of things (IoT) enables a hyperconnected society, offering intelligent services and convenience through various connections between people, objects, and services. However, the current state of the IoT still faces limitations in security. Security issues in the IoT are of significant concern, leading to the proposal of numerous security frameworks and solutions to address these challenges. Authentication and authorization are crucial security requirements in the IoT environment, considering the potential risks posed by inadequate authentication and incorrect authorization. To comprehensively mitigate these issues, we presents a novel IoT access control architecture in this paper. The proposed architecture leverages the OAuth framework for authorization and the decentralized identity technology to enhance the authentication and authorization processes.
物联网(internet of things, IoT)通过人、物、服务之间的各种连接,实现超连接社会,提供智能服务和便利。然而,物联网的现状仍然面临着安全方面的限制。物联网中的安全问题备受关注,因此提出了许多安全框架和解决方案来应对这些挑战。考虑到不充分的身份验证和不正确的授权所带来的潜在风险,身份验证和授权是物联网环境中至关重要的安全需求。为了全面缓解这些问题,我们在本文中提出了一种新的物联网访问控制架构。所建议的体系结构利用OAuth框架进行授权,并利用分散身份技术增强身份验证和授权过程。