Paul Fremantle
ABSTRACT
OAuthing and IGNITE are federated middleware that together provide an improved model for sharing data from Internet of Things (IoT) devices to Cloud Services. OAuthing provides an identity broker and authorization server that issues OAuth2 anonymised credentials based on upstream identities from the User's Identity Provider. IGNITE is a cloud-based message router that uses identity and authorization policies from OAuthing to instantiate each user a cloud-based container for sharing their data.
The demonstration will show the post-manufacturing process to register a device with OAuthing, together with a user "claiming" a device. Once the device is claimed it will be connected to a third-party cloud service, with full user consent to create an policy. We will then demonstrate the policy in action and the creation of a cloud-instance on behalf of the user.
- S. Cirani, M. Picone, P. Gonizzi, L. Veltri, and G. Ferrari. IoT-OAS: An OAuth-based Authorization Service Architecture for Secure Services in IoT Scenarios. 2015.Google Scholar
- H. Desruelle, J. Lyle, S. Isenberg, and F. Gielen. On the challenges of building a web-based ubiquitous application platform. In Proceedings of the 2012 ACM Conference on Ubiquitous Computing, pages 733--736. ACM, 2012. Google ScholarDigital Library
- S. Emerson, Y.-K. Choi, D.-Y. Hwang, K.-S. Kim, and K.-H. Kim. An oauth based authentication mechanism for iot networks. In Information and Communication Technology Convergence (ICTC), 2015 International Conference on, pages 1072--1074. IEEE, 2015.Google ScholarCross Ref
- P. Fremantle, B. Aziz, P. Scott, and J. Kopecky. Federated Identity and Access Management for the Internet of Things. In 3rd International Workshop on the Secure IoT, 2014. Google ScholarDigital Library
- P. Fremantle, J. Kopecky, and B. Aziz. Web api management meets the internet of things. In Services and Applications over Linked APIs and Data âĂŞ SALAD2015, 2015.Google Scholar
- IETF. Authentication and authorization for constrained environments (ace) - documents. https://datatracker.ietf.org/wg/ace/documents/. (Accessed on 30th August 2016).Google Scholar
- A. Niruntasukrat, C. Issariyapat, P. Pongpaibool, K. Meesublak, P. Aiumsupucgul, and A. Panya. Authorization mechanism for mqtt-based internet of things. In 2016 IEEE International Conference on Communications Workshops (ICC), pages 290--295. IEEE, 2016.Google ScholarCross Ref
Recommendations
Privacy-enhancing Federated Middleware for the Internet of Things
Middleware Doctoral Symposium'16: Proceedings of the Doctoral Symposium of the 17th International Middleware ConferenceThe Internet of Things (IoT) offers new opportunities, but alongside those come many challenges for security and privacy. Most IoT devices offer no choice to users of where data is published, which data is made available and what identities are used for ...
Privacy preserving Internet of Things
The Internet of Things (IoT) is the latest web evolution that incorporates billions of devices that are owned by different organisations and people who are deploying and using them for their own purposes. IoT-enabled harnessing of the information that ...
A data-owner centric privacy model with blockchain and adapted attribute-based encryption for internet-of-things and cloud environment
Advances in internet of things (IoT) and cloud computing technologies have led to the emergence of new applications such as in e-health domain bringing convenience for both physicians and patients. However, the development of these new technologies makes ...
Comments