Descripción
|
|
---|---|
Access Control is crucial for security management, but in the context of the Internet of Things it cannot be implemented the same way as traditional systems do. Indeed, devices that make the Internet of Things impose some constraints that encourage the design of new access control mechanisms, which should provide ?exibility of con?guration, as well as support several authorization scopes at the same time, yet being computationally light, dynamic and scalable in order to be ready for the forthcoming Cloud Computing paradigm. In this paper we propose an authorization model that is based on the OAuth 2.0 protocol. From the point of view of the identity provider, this model allows managing roles and permissions for an application-scoped authorization, to enable more ?exible scenarios in which multiple tenants take part. With regard to devices, the OAuth 2.0 makes authorization extremely light, because all the required information is provided with a token. Considering all this, authorization management is completely delegated to an external system, so that an as-a-service access control mechanism is provided. The proposed model complies with the security, ?exibility and performance requirements that are needed in the Internet of Things paradigm. | |
Internacional
|
Si |
Nombre congreso
|
ICIN 2017 : 20th Innovations in Cloud, Internet and Networks |
Tipo de participación
|
960 |
Lugar del congreso
|
Paris, France |
Revisores
|
Si |
ISBN o ISSN
|
2472-8144 |
DOI
|
|
Fecha inicio congreso
|
07/03/2016 |
Fecha fin congreso
|
09/03/2017 |
Desde la página
|
322 |
Hasta la página
|
324 |
Título de las actas
|
PROCEEDINGS OF THE 2017 20TH CONFERENCE ON INNOVATIONS IN CLOUDS, INTERNET AND NETWORKS (ICIN) |