SlideShare a Scribd company logo

A Model to Enable Application-scoped Access Control as a Service for IoT Using OAuth2.0

F
Federico Fernández Moreno

The document presents a model for application-scoped access control in IoT using OAuth 2.0, focusing on securing interactions between IoT devices and services. It comprises components such as identity provider, policy administration point, policy enforcement point, and policy decision point to manage permissions and roles. The paper concludes with future implementation and validation plans in the context of FIWARE.

Technology
1 of 7
1
2
3
4
5
6
7
A Model to Enable Application-scoped Access Control as a Service for IoT Using OAuth 2.0 Federico Fernández (Technical University of Madrid), Álvaro Alonso (Technical University of Madrid), Lourdes Marco (Technical University of Madrid), Joaquín Salvachúa (Technical University of Madrid) Special Session: Trust and Access Control for the Internet of Things March 8, 2017
Outline 1. Introduction • Interaction between services and IoT devices • Requirements 2. Contribution • As-a-service access control using OAuth 2.0 • Main components of our model 3. Conclusions • Achievements • Future lines 2March 8, 2017 Special Session: Trust and Access Control for the Internet of Things
Securing interactions IoT↔Services • Devices in IoT interact with services – Sensors: publish information – Actuators: read information • Requirements to secure these interactions – Application-scoped – Client-independent – Flexible – Delegated 3March 8, 2017 Special Session: Trust and Access Control for the Internet of Things
4March 8, 2017 Special Session: Trust and Access Control for the Internet of Things As-a-service AC using OAuth 2.0
• Identity Provider (IdP) – Credentials (username+password) – Groups of devices – Role assignment – Service registration (OAuth 2.0 credentials) • Policy Administration Point (PAP) – Permissions & roles management • Policy Enforcement Point (PEP) – Roles information retrieval from IdP – One for each service • Policy Decision Point (PDP) – Policies fetch from database to make final decision 5March 8, 2017 Special Session: Trust and Access Control for the Internet of Things As-a-service AC using OAuth 2.0
• Enable access control in IoT contexts • OAuth 2.0 protocol – Interoperability with other RESTful services – Light for devices • An as-a-service authorization layer that can be added • Centrally-managed policies Future lines • Implement and validate – Already on-going in the scope of FIWARE 6March 8, 2017 Special Session: Trust and Access Control for the Internet of Things Conclusions
Thank you! #ICIN2017 Special Session: Trust and Access Control for the Internet of Things March 8, 2017

More Related Content

DOCX
International Journal of Network Security &Its Applications (IJNSA)
MiajackB
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
MiajackB
 
DOCX
Call for Papers - 6th International Conference on Cryptography and Informatio...
IJNSA Journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
PDF
6th International Conference on Cryptography and Information Security (CRIS 2...
IJNSA Journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
PDF
CALL FOR PAPERS - 4th International Conference on Networks and Security (NSEC...
pijans
 
International Journal of Network Security &Its Applications (IJNSA)
MiajackB
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
MiajackB
 
Call for Papers - 6th International Conference on Cryptography and Informatio...
IJNSA Journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
6th International Conference on Cryptography and Information Security (CRIS 2...
IJNSA Journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
CALL FOR PAPERS - 4th International Conference on Networks and Security (NSEC...
pijans
 

What's hot (17)

DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
Ijisa
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
Ijisa
ijfcst journal
 
DOCX
6th International Conference on Cryptography and Information Security (CRIS 2...
IJNSA Journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
PDF
6th International Conference on Cryptography and Information Security (CRIS 2...
IJNSA Journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
Ijisa
ijfcst journal
 
DOCX
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
DOCX
Ijisa
ijfcst journal
 
DOCX
Ijisa
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
Ijisa
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
Ijisa
ijfcst journal
 
6th International Conference on Cryptography and Information Security (CRIS 2...
IJNSA Journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
6th International Conference on Cryptography and Information Security (CRIS 2...
IJNSA Journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
Ijisa
ijfcst journal
 
International Journal of Network Security & Its Applications (IJNSA)
ijfcst journal
 
Ijisa
ijfcst journal
 
Ijisa
ijfcst journal
 
Ad

Viewers also liked (20)

PDF
Semiconductor industry for IoT Entrepreneurs
Dr. Shivananda Koteshwar
 
PDF
SCiO Molecular Sensor from Consumer Physics: Mobile Spectrometer Dongle - tea...
Yole Developpement
 
PPTX
How to Install and Configure your own Identity Manager GE
Federico Fernández Moreno
 
PPTX
EU data protection issues in IoT
Francesca Giannoni-Crystal
 
PPTX
OAuth 2.0 and the Internet of Things (IoT) (Jacob Ideskog)
Nordic APIs
 
PPTX
FIWARE NGSI: Managing Context Information at Large Scale
FIWARE
 
PDF
IBM Aspera - Moving the world’s data at maximum speed
Mohamed Morsi
 
PPTX
Fine grained access control for cloud-based services using ABAC and XACML
David Brossard
 
PPTX
Blind spots in big data erez koren @ forter
Ido Shilon
 
PPTX
Welcome to the 1st FIWARE Summit
FIWARE
 
PDF
Capacitive Fingerprint Sensors Sample
Knowmade
 
PDF
Biomedical Photoacoustic Imaging Patent Landscape Sample
Knowmade
 
PDF
Honeywell Microbolometer Patent Landscape Sample
Knowmade
 
PDF
Non invasive Glucose Patent Landscape sample
Knowmade
 
PDF
Sample Resistive Memory Patent Landscape
Knowmade
 
PDF
TSV Stacked Memory Patent Landscape Sample
Knowmade
 
PDF
Microbattery Patent Landscape Sample
Knowmade
 
PDF
Microfluidic technologies for diagnostic applications - Sample
Knowmade
 
PDF
Miniaturized Gas Sensors Patent Landscape 2016 Sample
Knowmade
 
PDF
Capsule endoscopy Patent Landscape 2014 Sample
Knowmade
 
Semiconductor industry for IoT Entrepreneurs
Dr. Shivananda Koteshwar
 
SCiO Molecular Sensor from Consumer Physics: Mobile Spectrometer Dongle - tea...
Yole Developpement
 
How to Install and Configure your own Identity Manager GE
Federico Fernández Moreno
 
EU data protection issues in IoT
Francesca Giannoni-Crystal
 
OAuth 2.0 and the Internet of Things (IoT) (Jacob Ideskog)
Nordic APIs
 
FIWARE NGSI: Managing Context Information at Large Scale
FIWARE
 
IBM Aspera - Moving the world’s data at maximum speed
Mohamed Morsi
 
Fine grained access control for cloud-based services using ABAC and XACML
David Brossard
 
Blind spots in big data erez koren @ forter
Ido Shilon
 
Welcome to the 1st FIWARE Summit
FIWARE
 
Capacitive Fingerprint Sensors Sample
Knowmade
 
Biomedical Photoacoustic Imaging Patent Landscape Sample
Knowmade
 
Honeywell Microbolometer Patent Landscape Sample
Knowmade
 
Non invasive Glucose Patent Landscape sample
Knowmade
 
Sample Resistive Memory Patent Landscape
Knowmade
 
TSV Stacked Memory Patent Landscape Sample
Knowmade
 
Microbattery Patent Landscape Sample
Knowmade
 
Microfluidic technologies for diagnostic applications - Sample
Knowmade
 
Miniaturized Gas Sensors Patent Landscape 2016 Sample
Knowmade
 
Capsule endoscopy Patent Landscape 2014 Sample
Knowmade
 
Ad

Similar to A Model to Enable Application-scoped Access Control as a Service for IoT Using OAuth2.0 (20)

PDF
IoT/M2M Security
Yu-Hsin Hung
 
PPTX
Authorization for Internet of Things using OAuth 2.0
Hannes Tschofenig
 
PPTX
Anonymous Individual Integration for IoT
Paul Fremantle
 
PDF
Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...
Mahmud Hossain
 
PPTX
Securing the Internet of Things
Paul Fremantle
 
PDF
Security in Cyber-Physical Systems
Bob Marcus
 
PDF
The Future of Authentication for IoT
FIDO Alliance
 
PDF
IRJET- Authentication and Context Awareness Access Control in Internet of Things
IRJET Journal
 
PDF
The Convergence of IT, Operational Technology and the Internet of Things (IoT)
Jackson Shaw
 
PDF
IERC_Position_Paper_IoT_Governance_Privacy_Security_Final.pdf
JyothiBR3
 
PDF
Internet of Things (IoT) Security Measures Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
PPTX
Security challenges for internet of things
Monika Keerthi
 
PDF
Securing IoT Applications
WSO2
 
PDF
RISE OF THE MACHINES: IRM IN AN IOT WORLD
ForgeRock
 
PPTX
Onboarding in the IoT
Paul Madsen
 
PDF
IoT Security and Privacy Considerations
Kenny Huang Ph.D.
 
PDF
1 importance of light weight authentication in iot
Chintan Patel
 
PDF
inteross-iot.pdf
EonisGonzara1
 
PDF
HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...
Mahmud Hossain
 
PDF
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
Maxim Salnikov
 
IoT/M2M Security
Yu-Hsin Hung
 
Authorization for Internet of Things using OAuth 2.0
Hannes Tschofenig
 
Anonymous Individual Integration for IoT
Paul Fremantle
 
Towards a Holistic Framework for Secure, Privacy-aware, and Trustworthy Inter...
Mahmud Hossain
 
Securing the Internet of Things
Paul Fremantle
 
Security in Cyber-Physical Systems
Bob Marcus
 
The Future of Authentication for IoT
FIDO Alliance
 
IRJET- Authentication and Context Awareness Access Control in Internet of Things
IRJET Journal
 
The Convergence of IT, Operational Technology and the Internet of Things (IoT)
Jackson Shaw
 
IERC_Position_Paper_IoT_Governance_Privacy_Security_Final.pdf
JyothiBR3
 
Internet of Things (IoT) Security Measures Insights from Patents
Alex G. Lee, Ph.D. Esq. CLP
 
Security challenges for internet of things
Monika Keerthi
 
Securing IoT Applications
WSO2
 
RISE OF THE MACHINES: IRM IN AN IOT WORLD
ForgeRock
 
Onboarding in the IoT
Paul Madsen
 
IoT Security and Privacy Considerations
Kenny Huang Ph.D.
 
1 importance of light weight authentication in iot
Chintan Patel
 
inteross-iot.pdf
EonisGonzara1
 
HSC-IoT: A Hardware and Software Co-Verification based Authentication Scheme ...
Mahmud Hossain
 
How to Make Your IoT Devices Secure, Act Autonomously & Trusted Subjects
Maxim Salnikov
 

Recently uploaded (20)

PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
KodekX | Application Modernization Development
KodekX
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Cloud computing and distributed systems.
kkkkkhan
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 

A Model to Enable Application-scoped Access Control as a Service for IoT Using OAuth2.0

  • 1. A Model to Enable Application-scoped Access Control as a Service for IoT Using OAuth 2.0 Federico Fernández (Technical University of Madrid), Álvaro Alonso (Technical University of Madrid), Lourdes Marco (Technical University of Madrid), Joaquín Salvachúa (Technical University of Madrid) Special Session: Trust and Access Control for the Internet of Things March 8, 2017
  • 2. Outline 1. Introduction • Interaction between services and IoT devices • Requirements 2. Contribution • As-a-service access control using OAuth 2.0 • Main components of our model 3. Conclusions • Achievements • Future lines 2March 8, 2017 Special Session: Trust and Access Control for the Internet of Things
  • 3. Securing interactions IoT↔Services • Devices in IoT interact with services – Sensors: publish information – Actuators: read information • Requirements to secure these interactions – Application-scoped – Client-independent – Flexible – Delegated 3March 8, 2017 Special Session: Trust and Access Control for the Internet of Things
  • 4. 4March 8, 2017 Special Session: Trust and Access Control for the Internet of Things As-a-service AC using OAuth 2.0
  • 5. • Identity Provider (IdP) – Credentials (username+password) – Groups of devices – Role assignment – Service registration (OAuth 2.0 credentials) • Policy Administration Point (PAP) – Permissions & roles management • Policy Enforcement Point (PEP) – Roles information retrieval from IdP – One for each service • Policy Decision Point (PDP) – Policies fetch from database to make final decision 5March 8, 2017 Special Session: Trust and Access Control for the Internet of Things As-a-service AC using OAuth 2.0
  • 6. • Enable access control in IoT contexts • OAuth 2.0 protocol – Interoperability with other RESTful services – Light for devices • An as-a-service authorization layer that can be added • Centrally-managed policies Future lines • Implement and validate – Already on-going in the scope of FIWARE 6March 8, 2017 Special Session: Trust and Access Control for the Internet of Things Conclusions
  • 7. Thank you! #ICIN2017 Special Session: Trust and Access Control for the Internet of Things March 8, 2017

Editor's Notes

  • #4: Hablar de related work!