TY - JOUR
T1 - Authorization schemes for internet of things
T2 - Requirements, weaknesses, future challenges and trends
AU - Khan, Abid
AU - Ahmad, Awais
AU - Ahmed, Mansoor
AU - Sessa, Jadran
AU - Anisetti, Marco
N1 - Funding Information:
This work has received funding from European Union’s Horizon 2020 research and innovation programme under Grant Agreement No 830927, under the Marie Sklodowska-Curie Grant Agreement No. 801522, by Science Foundation Ireland and co-funded by the European Regional Development Fund through the ADAPT Centre for Digital Content Technology Grant Number 13/RC/2106_P2. It has also co-funded by Università degli Studi di Milano under the program “Piano sostegno alla ricerca”.
Publisher Copyright:
© 2022, The Author(s).
PY - 2022/10/1
Y1 - 2022/10/1
N2 - Scalable and secure authorization of smart things is of the crucial essence for the successful deployment of the Internet of Things (IoT). Unauthorized access to smart things could exacerbate the security and privacy concern, which could, in turn, lead to the reduced adoption of the IoT, and ultimately to the emergence of severe threats. Even though there are a variety of IoT solutions for secure authorization, authorization schemes in highly dynamic distributed environments remain a daunting challenge. Access rights can dynamically change due to the heterogeneous nature of shared IoT devices and, thus, the identity and access control management are challenging. This survey provides a comprehensive comparative analysis of the current state-of-the-art IoT authorization schemes to highlight their strengths and weaknesses. Then, it defines the most important requirements and highlights the authorization threats and weaknesses impacting authorization in the IoT. Finally, the survey presents the ongoing open authorization challenges and provides recommendations for future research.
AB - Scalable and secure authorization of smart things is of the crucial essence for the successful deployment of the Internet of Things (IoT). Unauthorized access to smart things could exacerbate the security and privacy concern, which could, in turn, lead to the reduced adoption of the IoT, and ultimately to the emergence of severe threats. Even though there are a variety of IoT solutions for secure authorization, authorization schemes in highly dynamic distributed environments remain a daunting challenge. Access rights can dynamically change due to the heterogeneous nature of shared IoT devices and, thus, the identity and access control management are challenging. This survey provides a comprehensive comparative analysis of the current state-of-the-art IoT authorization schemes to highlight their strengths and weaknesses. Then, it defines the most important requirements and highlights the authorization threats and weaknesses impacting authorization in the IoT. Finally, the survey presents the ongoing open authorization challenges and provides recommendations for future research.
KW - Access control
KW - Security attacks
KW - Security threat
UR - http://www.scopus.com/inward/record.url?scp=85134222542&partnerID=8YFLogxK
U2 - 10.1007/s40747-022-00765-y
DO - 10.1007/s40747-022-00765-y
M3 - Article
SN - 2199-4536
VL - 8
SP - 3919
EP - 3941
JO - Complex & Intelligent Systems
JF - Complex & Intelligent Systems
IS - 5
ER -