Visible to the public Biblio

Filters: Keyword is Identity management  [Clear All Filters]
2021-05-20
Dua, Amit, Barpanda, Siddharth Sekhar, Kumar, Neeraj, Tanwar, Sudeep.  2020.  Trustful: A Decentralized Public Key Infrastructure and Identity Management System. 2020 IEEE Globecom Workshops GC Wkshps. :1—6.

Modern Internet TCP uses Secure Sockets Layers (SSL)/Transport Layer Security (TLS) for secure communication, which relies on Public Key Infrastructure (PKIs) to authenticate public keys. Conventional PKI is done by Certification Authorities (CAs), issuing and storing Digital Certificates, which are public keys of users with the users identity. This leads to centralization of authority with the CAs and the storage of CAs being vulnerable and imposes a security concern. There have been instances in the past where CAs have issued rogue certificates or the CAs have been hacked to issue malicious certificates. Motivated from these facts, in this paper, we propose a method (named as Trustful), which aims to build a decentralized PKI using blockchain. Blockchains provide immutable storage in a decentralized manner and allows us to write smart contracts. Ethereum blockchain can be used to build a web of trust model where users can publish attributes, validate attributes about other users by signing them and creating a trust store of users that they trust. Trustful works on the Web-of-Trust (WoT) model and allows for any entity on the network to verify attributes about any other entity through a trusted network. This provides an alternative to the conventional CA-based identity verification model. The proposed model has been implemented and tested for efficacy and known major security attacks.

2021-03-29
Tang, C., Fu, X., Tang, P..  2020.  Policy-Based Network Access and Behavior Control Management. 2020 IEEE 20th International Conference on Communication Technology (ICCT). :1102—1106.

Aiming at the requirements of network access control, illegal outreach control, identity authentication, security monitoring and application system access control of information network, an integrated network access and behavior control model based on security policy is established. In this model, the network access and behavior management control process is implemented through abstract policy configuration, network device and application server, so that management has device-independent abstraction, and management simplification, flexibility and automation are improved. On this basis, a general framework of policy-based access and behavior management control is established. Finally, an example is given to illustrate the method of device connection, data drive and fusion based on policy-based network access and behavior management control.

Luecking, M., Fries, C., Lamberti, R., Stork, W..  2020.  Decentralized Identity and Trust Management Framework for Internet of Things. 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC). :1—9.

Today, Internet of Things (IoT) devices mostly operate in enclosed, proprietary environments. To unfold the full potential of IoT applications, a unifying and permissionless environment is crucial. All IoT devices, even unknown to each other, would be able to trade services and assets across various domains. In order to realize those applications, uniquely resolvable identities are essential. However, quantifiable trust in identities and their authentication are not trivially provided in such an environment due to the absence of a trusted authority. This research presents a new identity and trust framework for IoT devices, based on Distributed Ledger Technology (DLT). IoT devices assign identities to themselves, which are managed publicly and decentralized on the DLT's network as Self Sovereign Identities (SSI). In addition to the Identity Management System (IdMS), the framework provides a Web of Trust (WoT) approach to enable automatic trust rating of arbitrary identities. For the framework we used the IOTA Tangle to access and store data, achieving high scalability and low computational overhead. To demonstrate the feasibility of our framework, we provide a proof-of-concept implementation and evaluate the set objectives for real world applicability as well as the vulnerability against common threats in IdMSs and WoTs.

Li, K., Ren, A., Ding, Y., Shi, Y., Wang, X..  2020.  Research on Decentralized Identity and Access Management Model Based on the OIDC Protocol. 2020 International Conference on E-Commerce and Internet Technology (ECIT). :252—255.

In the increasingly diverse information age, various kinds of personal information security problems continue to break out. According to the idea of combination of identity authentication and encryption services, this paper proposes a personal identity access management model based on the OIDC protocol. The model will integrate the existing personal security information and build a set of decentralized identity authentication and access management application cluster. The advantage of this model is to issue a set of authentication rules, so that all users can complete the authentication of identity access of all application systems in the same environment at a lower cost, and can well compatible and expand more categories of identity information. Therefore, this method not only reduces the number of user accounts, but also provides a unified and reliable authentication service for each application system.

Moreno, R. T., Rodríguez, J. G., López, C. T., Bernabe, J. B., Skarmeta, A..  2020.  OLYMPUS: A distributed privacy-preserving identity management system. 2020 Global Internet of Things Summit (GIoTS). :1—6.

Despite the latest initiatives and research efforts to increase user privacy in digital scenarios, identity-related cybercrimes such as identity theft, wrong identity or user transactions surveillance are growing. In particular, blanket surveillance that might be potentially accomplished by Identity Providers (IdPs) contradicts the data minimization principle laid out in GDPR. Hence, user movements across Service Providers (SPs) might be tracked by malicious IdPs that become a central dominant entity, as well as a single point of failure in terms of privacy and security, putting users at risk when compromised. To cope with this issue, the OLYMPUS H2020 EU project is devising a truly privacy-preserving, yet user-friendly, and distributed identity management system that addresses the data minimization challenge in both online and offline scenarios. Thus, OLYMPUS divides the role of the IdP among various authorities by relying on threshold cryptography, thereby preventing user impersonation and surveillance from malicious or nosy IdPs. This paper overviews the OLYMPUS framework, including requirements considered, the proposed architecture, a series of use cases as well as the privacy analysis from the legal point of view.

Khan, S., Jadhav, A., Bharadwaj, I., Rooj, M., Shiravale, S..  2020.  Blockchain and the Identity based Encryption Scheme for High Data Security. 2020 Fourth International Conference on Computing Methodologies and Communication (ICCMC). :1005—1008.

Using the blockchain technology to store the privatedocuments of individuals will help make data more reliable and secure, preventing the loss of data and unauthorized access. The Consensus algorithm along with the hash algorithms maintains the integrity of data simultaneously providing authentication and authorization. The paper incorporates the block chain and the Identity Based Encryption management concept. The Identity based Management system allows the encryption of the user's data as well as their identity and thus preventing them from Identity theft and fraud. These two technologies combined will result in a more secure way of storing the data and protecting the privacy of the user.

Nguyen, V.-Q.-H., Ngo, D.-H..  2020.  Private Identity-Based Encryption For Key Management. 2020 7th NAFOSTED Conference on Information and Computer Science (NICS). :416—420.

An Identity-Based Encryption (IBE) scheme uses public identities of entities for cryptographic purposes. Unlike that, we introduce a new scheme which is based on private identities, and we call it Private Identity-Based Encryption. A Private IBE scheme makes sure the adversaries cannot get the information that somebody uses for encryption in order to decrypt the data. Moreover, thanks to using identities as secret keys, an user-friendly system can be designed to support users in protecting data without storing any keys privately. This allows builds decentralized applications to manage keys that is often long and difficult to remember.

Amin, A. H. M., Abdelmajid, N., Kiwanuka, F. N..  2020.  Identity-of-Things Model using Composite Identity on Permissioned Blockchain Network. 2020 Seventh International Conference on Software Defined Systems (SDS). :171—176.

The growing prevalence of Internet-of-Things (IoT) technology has led to an increase in the development of heterogeneous smart applications. Smart applications may involve a collaborative participation between IoT devices. Participation of IoT devices for specific application requires a tamper-proof identity to be generated and stored, in order to completely represent the device, as well as to eliminate the possibility of identity spoofing and presence of rogue devices in a network. In this paper, we present a composite Identity-of-Things (IDoT) approach on IoT devices with permissioned blockchain implementation for distributed identity management model. Our proposed approach considers both application and device domains in generating the composite identity. In addition, the use of permissioned blockchain for identity storage and verification allows the identity to be immutable. A simulation has been carried out to demonstrate the application of the proposed identity management model.

Gururaj, P..  2020.  Identity management using permissioned blockchain. 2020 International Conference on Mainstreaming Block Chain Implementation (ICOMBI). :1—3.

Authenticating a person's identity has always been a challenge. While attempts are being made by government agencies to address this challenge, the citizens are being exposed to a new age problem of Identity management. The sharing of photocopies of identity cards in order to prove our identity is a common sight. From score-card to Aadhar-card, the details of our identity has reached many unauthorized hands during the years. In India the identity thefts accounts for 77% [1] of the fraud cases, and the threats are trending. Programs like e-Residency by Estonia[2], Bitnation using Ethereum[3] are being devised for an efficient Identity Management. Even the US Home Land Security is funding a research with an objective of “Design information security and privacy concepts on the Blockchain to support identity management capabilities that increase security and productivity while decreasing costs and security risks for the Homeland Security Enterprise (HSE).” [4] This paper will discuss the challenges specific to India around Identity Management, and the possible solution that the Distributed ledger, hashing algorithms and smart contracts can offer. The logic of hashing the personal data, and controlling the distribution of identity using public-private keys with Blockchain technology will be discussed in this paper.

Naik, N., Jenkins, P..  2020.  Governing Principles of Self-Sovereign Identity Applied to Blockchain Enabled Privacy Preserving Identity Management Systems. 2020 IEEE International Symposium on Systems Engineering (ISSE). :1—6.

Digital identity is the key element of digital transformation in representing any real-world entity in the digital form. To ensure a successful digital future the requirement for an effective digital identity is paramount, especially as demand increases for digital services. Several Identity Management (IDM) systems are developed to cope with identity effectively, nonetheless, existing IDM systems have some limitations corresponding to identity and its management such as sovereignty, storage and access control, security, privacy and safeguarding, all of which require further improvement. Self-Sovereign Identity (SSI) is an emerging IDM system which incorporates several required features to ensure that identity is sovereign, secure, reliable and generic. It is an evolving IDM system, thus it is essential to analyse its various features to determine its effectiveness in coping with the dynamic requirements of identity and its current challenges. This paper proposes numerous governing principles of SSI to analyse any SSI ecosystem and its effectiveness. Later, based on the proposed governing principles of SSI, it performs a comparative analysis of the two most popular SSI ecosystems uPort and Sovrin to present their effectiveness and limitations.

Naik, N., Jenkins, P..  2020.  uPort Open-Source Identity Management System: An Assessment of Self-Sovereign Identity and User-Centric Data Platform Built on Blockchain. 2020 IEEE International Symposium on Systems Engineering (ISSE). :1—7.

Managing identity across an ever-growing digital services landscape has become one of the most challenging tasks for security experts. Over the years, several Identity Management (IDM) systems were introduced and adopted to tackle with the growing demand of an identity. In this series, a recently emerging IDM system is Self-Sovereign Identity (SSI) which offers greater control and access to users regarding their identity. This distinctive feature of the SSI IDM system represents a major development towards the availability of sovereign identity to users. uPort is an emerging open-source identity management system providing sovereign identity to users, organisations, and other entities. As an emerging identity management system, it requires meticulous analysis of its architecture, working, operational services, efficiency, advantages and limitations. Therefore, this paper contributes towards achieving all of these objectives. Firstly, it presents the architecture and working of the uPort identity management system. Secondly, it develops a Decentralized Application (DApp) to demonstrate and evaluate its operational services and efficiency. Finally, based on the developed DApp and experimental analysis, it presents the advantages and limitations of the uPort identity management system.

2021-02-15
Maldonado-Ruiz, D., Torres, J., Madhoun, N. El.  2020.  3BI-ECC: a Decentralized Identity Framework Based on Blockchain Technology and Elliptic Curve Cryptography. 2020 2nd Conference on Blockchain Research Applications for Innovative Networks and Services (BRAINS). :45–46.

Most of the authentication protocols assume the existence of a Trusted Third Party (TTP) in the form of a Certificate Authority or as an authentication server. The main objective of this research is to present an autonomous solution where users could store their credentials, without depending on TTPs. For this, the use of an autonomous network is imperative, where users could use their uniqueness in order to identify themselves. We propose the framework “Three Blockchains Identity Management with Elliptic Curve Cryptography (3BI-ECC)”. Our proposed framework is a decentralize identity management system where users' identities are self-generated.

2021-02-03
Kaneriya, J., Patel, H..  2020.  A Comparative Survey on Blockchain Based Self Sovereign Identity System. 2020 3rd International Conference on Intelligent Sustainable Systems (ICISS). :1150—1155.

The Internet has changed business, education, healthcare, banking etc. and it is the main part of technological evolution. Internet provides us a connecting world to perform our day to day life activities easily. Internet is designed in such a way that it can uniquely identify machine, not a person, on the network hence there is need to design a system that can perform entity identification on the Internet. Currently on Internet, service providers provide identity of a user with user name and password and store this information on a centralized server. These servers become honey pot for hackers to steal user’s personal identity information and service provider can utilize user identity information using data mining, artificial intelligence for economic benefits. Aim of Self sovereign identity system is to provide decentralized, user centric identity system which is controlled by identity owner that can be developed along with distributed ledger technology i.e. blockchain. In this paper, we intend to make an exhaustive study on different blockchain based self sovereign identity implementations (such as Sovrin, Uport, EverID, LifeID, Sora, SelfKey) along with its architectural components and discuss about use case of self sovereign identity.

2020-10-05
Lowney, M. Phil, Liu, Hong, Chabot, Eugene.  2018.  Trust Management in Underwater Acoustic MANETs based on Cloud Theory using Multi-Parameter Metrics. 2018 International Carnahan Conference on Security Technology (ICCST). :1—5.

With wide applications like surveillance and imaging, securing underwater acoustic Mobile Ad-hoc NETworks (MANET) becomes a double-edged sword for oceanographic operations. Underwater acoustic MANET inherits vulnerabilities from 802.11-based MANET which renders traditional cryptographic approaches defenseless. A Trust Management Framework (TMF), allowing maintained confidence among participating nodes with metrics built from their communication activities, promises secure, efficient and reliable access to terrestrial MANETs. TMF cannot be directly applied to the underwater environment due to marine characteristics that make it difficult to differentiate natural turbulence from intentional misbehavior. This work proposes a trust model to defend underwater acoustic MANETs against attacks using a machine learning method with carefully chosen communication metrics, and a cloud model to address the uncertainty of trust in harsh underwater environments. By integrating the trust framework of communication with the cloud model to combat two kinds of uncertainties: fuzziness and randomness, trust management is greatly improved for underwater acoustic MANETs.

2020-07-13
Grüner, Andreas, Mühle, Alexander, Meinel, Christoph.  2019.  Using Probabilistic Attribute Aggregation for Increasing Trust in Attribute Assurance. 2019 IEEE Symposium Series on Computational Intelligence (SSCI). :633–640.
Identity management is an essential cornerstone of securing online services. Service provisioning relies on correct and valid attributes of a digital identity. Therefore, the identity provider is a trusted third party with a specific trust requirement towards a verified attribute supply. This trust demand implies a significant dependency on users and service providers. We propose a novel attribute aggregation method to reduce the reliance on one identity provider. Trust in an attribute is modelled as a combined assurance of several identity providers based on probability distributions. We formally describe the proposed aggregation model. The resulting trust model is implemented in a gateway that is used for authentication with self-sovereign identity solutions. Thereby, we devise a service provider specific web of trust that constitutes an intermediate approach bridging a global hierarchical model and a locally decentralized peer to peer scheme.
2020-03-18
Padmashree, M G, Khanum, Shahela, Arunalatha, J S, Venugopal, K R.  2019.  SIRLC: Secure Information Retrieval using Lightweight Cryptography in HIoT. TENCON 2019 - 2019 IEEE Region 10 Conference (TENCON). :269–273.

Advances in new Communication and Information innovations has led to a new paradigm known as Internet of Things (IoT). Healthcare environment uses IoT technologies for Patients care which can be used in various medical applications. Patient information is encrypted consistently to maintain the access of therapeutic records by authoritative entities. Healthcare Internet of Things (HIoT) facilitate the access of Patient files immediately in emergency situations. In the proposed system, the Patient directly provides the Key to the Doctor in normal care access. In Emergency care, a Patient shares an Attribute based Key with a set of Emergency Supporting Representatives (ESRs) and access permission to the Doctor for utilizing Emergency key from ESR. The Doctor decrypts the medical records by using Attribute based key and Emergency key to save the Patient's life. The proposed model Secure Information Retrieval using Lightweight Cryptography (SIRLC) reduces the secret key generation time and cipher text size. The performance evaluation indicates that SIRLC is a better option to utilize in Healthcare IoT than Lightweight Break-glass Access Control(LiBAC) with enhanced security and reduced computational complexity.

2020-03-16
de Matos Patrocínio dos Santos, Bernardo, Dzogovic, Bruno, Feng, Boning, Do, Van Thuan, Jacot, Niels, van Do, Thanh.  2019.  Towards Achieving a Secure Authentication Mechanism for IoT Devices in 5G Networks. 2019 6th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/ 2019 5th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom). :130–135.

Upon the new paradigm of Cellular Internet of Things, through the usage of technologies such as Narrowband IoT (NB-IoT), a massive amount of IoT devices will be able to use the mobile network infrastructure to perform their communications. However, it would be beneficial for these devices to use the same security mechanisms that are present in the cellular network architecture, so that their connections to the application layer could see an increase on security. As a way to approach this, an identity management and provisioning mechanism, as well as an identity federation between an IoT platform and the cellular network is proposed as a way to make an IoT device deemed worthy of using the cellular network and perform its actions.

2020-01-21
Zhang, Chiyu, Hwang, Inseok.  2019.  Decentralized Multi-Sensor Scheduling for Multi-Target Tracking and Identity Management. 2019 18th European Control Conference (ECC). :1804–1809.
This paper proposes a multi-target tracking and identity management method with multiple sensors: a primary sensor with a large detection range to provide the targets' state estimates, and multiple secondary sensors capable of recognizing the targets' identities. Each of the secondary sensors is assigned to a sector of the operation area; a secondary sensor decides which target in its assigned sector to be identified and controls itself to identify the target. We formulate the decision-making process as an optimization problem to minimize the uncertainty of the targets' identities subject to the sensor dynamic constraints. The proposed algorithm is decentralized since the secondary sensors only communicate with the primary sensor for the target information, and need not to synchronize with each other. By integrating the proposed algorithm with the existing multi-target tracking algorithms, we develop a closed-loop multi-target tracking and identity management algorithm. The effectiveness of the proposed algorithm is demonstrated with illustrative numerical examples.
Vo, Tri Hoang, Fuhrmann, Woldemar, Fischer-Hellmann, Klaus-Peter, Furnell, Steven.  2019.  Efficient Privacy-Preserving User Identity with Purpose-Based Encryption. 2019 International Symposium on Networks, Computers and Communications (ISNCC). :1–8.
In recent years, users may store their Personal Identifiable Information (PII) in the Cloud environment so that Cloud services may access and use it on demand. When users do not store personal data in their local machines, but in the Cloud, they may be interested in questions such as where their data are, who access it except themselves. Even if Cloud services specify privacy policies, we cannot guarantee that they will follow their policies and will not transfer user data to another party. In the past 10 years, many efforts have been taken in protecting PII. They target certain issues but still have limitations. For instance, users require interacting with the services over the frontend, they do not protect identity propagation between intermediaries and against an untrusted host, or they require Cloud services to accept a new protocol. In this paper, we propose a broader approach that covers all the above issues. We prove that our solution is efficient: the implementation can be easily adapted to existing Identity Management systems and the performance is fast. Most importantly, our approach is compliant with the General Data Protection Regulation from the European Union.
Soltani, Reza, Nguyen, Uyen Trang, An, Aijun.  2019.  Practical Key Recovery Model for Self-Sovereign Identity Based Digital Wallets. 2019 IEEE Intl Conf on Dependable, Autonomic and Secure Computing, Intl Conf on Pervasive Intelligence and Computing, Intl Conf on Cloud and Big Data Computing, Intl Conf on Cyber Science and Technology Congress (DASC/PiCom/CBDCom/CyberSciTech). :320–325.
Recent years have seen an increased interest in digital wallets for a multitude of use cases including online banking, cryptocurrency, and digital identity management. Digital wallets play a pivotal role in the secure management of cryptographic keys and credentials, and for providing certain identity management services. In this paper, we examine a proof-of-concept digital wallet in the context of Self-Sovereign Identity and provide a practical decentralized key recovery solution using Shamir's secret sharing scheme and Hyperledger Indy distributed ledger technology.
Shehu, Abubakar-Sadiq, Pinto, António, Correia, Manuel E..  2019.  Privacy Preservation and Mandate Representation in Identity Management Systems. 2019 14th Iberian Conference on Information Systems and Technologies (CISTI). :1–6.
The growth in Internet usage has increased the use of electronic services requiring users to register their identity on each service they subscribe to. This has resulted in the prevalence of redundant users data on different services. To protect and regulate access by users to these services identity management systems (IdMs)are put in place. IdMs uses frameworks and standards e.g SAML, OAuth and Shibboleth to manage digital identities of users for identification and authentication process for a service provider. However, current IdMs have not been able to address privacy issues (unauthorised and fine-grained access)that relate to protecting users identity and private data on web services. Many implementations of these frameworks are only concerned with the identification and authentication process of users but not authorisation. They mostly give full control of users digital identities and data to identity and service providers with less or no users participation. This results in a less privacy enhanced solutions that manage users available data in the electronic space. This article proposes a user-centred mandate representation system that empowers resource owners to take full of their digital data; determine and delegate access rights using their mobile phone. Thereby giving users autonomous powers on their resources to grant access to authenticated entities at their will. Our solution is based on the OpenID Connect framework for authorisation service. To evaluate the proposal, we've compared it with some related works and the privacy requirements yardstick outlined in GDPR regulation [1] and [2]. Compared to other systems that use OAuth 2.0 or SAML our solution uses an additional layer of security, where data owner assumes full control over the disclosure of their identity data through an assertion issued from their mobile phones to authorisation server (AS), which in turn issues an access token. This would enable data owners to assert the authenticity of a request, while service providers and requestors also benefit from the correctness and freshness of identity data disclosed to them.
Selvanathan, Nirojan, Jayakody, Dileepa, Damjanovic-Behrendt, Violeta.  2019.  Federated Identity Management and Interoperability for Heterogeneous Cloud Platform Ecosystems. Proceedings of the 14th International Conference on Availability, Reliability and Security. :1–7.
This paper describes an approach to overcome the interoperability challenges related to identity management systems supporting cross-collaboration between heterogeneous manufacturing platforms. Traditional identity management systems have shown many weaknesses when it comes to cloud platforms and their federations, from not being able to support a simplified login process, to information disclosure and complexity of implementation in practice. This paper discusses workflows to practically implement federated identity management across the heterogeneous manufacturing platforms and design interoperability at different levels, e.g. at the platform level and at the platform integration level. Our motivation to find the best federated identity management solution for heterogeneous cloud-based platforms is related to practical requirements coming from the ongoing European project eFactory.
Rana, Rima, Zaeem, Razieh Nokhbeh, Barber, K. Suzanne.  2019.  An Assessment of Blockchain Identity Solutions: Minimizing Risk and Liability of Authentication. 2019 IEEE/WIC/ACM International Conference on Web Intelligence (WI). :26–33.
Personally Identifiable Information (PII) is often used to perform authentication and acts as a gateway to personal and organizational information. One weak link in the architecture of identity management services is sufficient to cause exposure and risk identity. Recently, we have witnessed a shift in identity management solutions with the growth of blockchain. Blockchain-the decentralized ledger system-provides a unique answer addressing security and privacy with its embedded immutability. In a blockchain-based identity solution, the user is given the control of his/her identity by storing personal information on his/her device and having the choice of identity verification document used later to create blockchain attestations. Yet, the blockchain technology alone is not enough to produce a better identity solution. The user cannot make informed decisions as to which identity verification document to choose if he/she is not presented with tangible guidelines. In the absence of scientifically created practical guidelines, these solutions and the choices they offer may become overwhelming and even defeat the purpose of providing a more secure identity solution.We analyze different PII options given to users for authentication on current blockchain-based solutions. Based on our Identity Ecosystem model, we evaluate these options and their risk and liability of exposure. Powered by real world data of about 6,000 identity theft and fraud stories, our model recommends some authentication choices and discourages others. Our work paves the way for a truly effective identity solution based on blockchain by helping users make informed decisions and motivating blockchain identity solution providers to introduce better options to their users.
Petrovska, Jovana, Memeti, Agon, Imeri, Florinda.  2019.  SOA Approach - Identity and Access Management for the Risk Management Platform. 2019 8th Mediterranean Conference on Embedded Computing (MECO). :1–4.
The Risk Management system should help customs to more easily and effectively detect irregularities in import, export or transit of goods. Customs administrations today are required to provide extensive facilitation while maintaining control over the international movement of goods, means of transport and persons. The level of risk is determined in the context of the priorities of the Customs administrations e.g. whether the priority is collection of duties and taxes or checking prohibitions and restrictions or any other specific area that has been identified. The aim of the proposed platform in this paper is to achieve a high-quality, multi-layered approach to risk management that is effective and efficient, i.e. the platform is built on decoupled microservices, the different components are working together and an interruption in one segment does not have major effect on the overall system. The main motivation behind this case study is the hands-on experience we have and the close proximity to the project, i.e. information exchange and team discussions as the main available resources.
Pal, Shantanu.  2019.  Limitations and Approaches in Access Control and Identity Management for Constrained IoT Resources. 2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). :431–432.
The Internet of Things (IoT), smart sensors and mobile wearable devices are helping to provide services that are more ubiquitous, smarter, faster and easily accessible to users. However, security is a significant concern for the IoT, with access control and identity management are being two major issues. With the growing size and presence of these systems and the resource constrained nature of the IoT devices, an important question is how to manage policies in a manner that is both scalable and flexible. In this research, we aim at proposing a fine-grained and flexible access control architecture, and to examine an identity model for constrained IoT resources. To achieve this, first, we outline some key limitations in the state of the art access control and identity management for IoT. Then we devise our approach to address those limitations in a systematic way.