• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

基于OAuth和角色的多物联网平台可互操作访问控制框架

An Interoperable Access Control Framework for Diverse IoT Platforms Based on OAuth and Role.

作者信息

Oh Se-Ra, Kim Young-Gab, Cho Sanghyun

机构信息

Department of Computer and Information Security, Sejong University, Seoul 05006, Korea.

Security Team, Naver Corporation, Bundang 13561, Korea.

出版信息

Sensors (Basel). 2019 Apr 20;19(8):1884. doi: 10.3390/s19081884.

DOI:10.3390/s19081884
PMID:31010030
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC6514541/
Abstract

Due to the rapid development of Internet of Things (IoT), IoT platforms that can provide common functions for things are becoming increasingly important. However, access control frameworks in diverse IoT platforms have been developed for individual security goals, designs, and technologies. In particular, current OAuth-based access control frameworks that are widely used in IoT research have not been providing interoperability among IoT platforms even though sharing resources and services is a critical issue for IoT platforms. Therefore, we analyze the main requirements for an IoT access control framework to properly design our framework and propose an interoperable access control framework based on OAuth 2.0 and Role. Our approach describes a new extended authorization grant flow to issue an Interoperable Access Token (IAT) that has a global access scope across IoT platforms using multiple pairs of clients' credentials. With the IAT and proposed framework, we can access client-specific domains in heterogeneous IoT platforms, then valuable resources (e.g., data and services) in the domains can be accessed by validating the roles, which will greatly simplify permission management. Furthermore, IAT supports a simple token management (e.g., token issuance, refreshing, and revocation) by managing only one token for diverse IoT platforms. In addition, we implement our interoperable access control framework on Mobius and FIWARE, which are promising open-source IoT platforms, and test an interoperability scenario to demonstrate our approach with the implementation. Furthermore, the proposed framework is compared with other IoT access control approaches based on the selected requirements in this paper.

摘要

由于物联网(IoT)的快速发展,能够为物联网设备提供通用功能的物联网平台正变得越来越重要。然而,不同物联网平台中的访问控制框架是为各自的安全目标、设计和技术而开发的。特别是,目前在物联网研究中广泛使用的基于OAuth的访问控制框架,即使共享资源和服务对物联网平台来说是一个关键问题,也未能在物联网平台之间提供互操作性。因此,我们分析了物联网访问控制框架的主要需求,以正确设计我们的框架,并提出了一个基于OAuth 2.0和角色的可互操作访问控制框架。我们的方法描述了一种新的扩展授权授予流程,以颁发可互操作访问令牌(IAT),该令牌使用多对客户端凭证在物联网平台间具有全局访问范围。借助IAT和所提出的框架,我们可以访问异构物联网平台中特定于客户端的域,然后通过验证角色来访问这些域中的宝贵资源(如数据和服务),这将大大简化权限管理。此外,IAT通过仅为不同的物联网平台管理一个令牌来支持简单的令牌管理(如令牌颁发、刷新和撤销)。此外,我们在Mobius和FIWARE这两个有前景的开源物联网平台上实现了我们的可互操作访问控制框架,并测试了一个互操作性场景以通过实现来展示我们的方法。此外,本文还根据选定的要求将所提出的框架与其他物联网访问控制方法进行了比较。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/3d6aff4033ce/sensors-19-01884-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/5655cb32189b/sensors-19-01884-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/e96afe9dddfb/sensors-19-01884-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/a19b83a8960a/sensors-19-01884-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/f1e9df5f5d69/sensors-19-01884-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/1c34dfd60997/sensors-19-01884-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/e4a86ee1ebf3/sensors-19-01884-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/4c1ce21c48ef/sensors-19-01884-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/1e03f7d318e3/sensors-19-01884-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/66d83e6478dd/sensors-19-01884-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/19f7ff6edfb0/sensors-19-01884-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/3d6aff4033ce/sensors-19-01884-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/5655cb32189b/sensors-19-01884-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/e96afe9dddfb/sensors-19-01884-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/a19b83a8960a/sensors-19-01884-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/f1e9df5f5d69/sensors-19-01884-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/1c34dfd60997/sensors-19-01884-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/e4a86ee1ebf3/sensors-19-01884-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/4c1ce21c48ef/sensors-19-01884-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/1e03f7d318e3/sensors-19-01884-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/66d83e6478dd/sensors-19-01884-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/19f7ff6edfb0/sensors-19-01884-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/9f2c/6514541/3d6aff4033ce/sensors-19-01884-g011.jpg

相似文献

1
An Interoperable Access Control Framework for Diverse IoT Platforms Based on OAuth and Role.基于OAuth和角色的多物联网平台可互操作访问控制框架
Sensors (Basel). 2019 Apr 20;19(8):1884. doi: 10.3390/s19081884.
2
Device Identification Interoperability in Heterogeneous IoT Platforms.异构物联网平台中的设备标识互操作性。
Sensors (Basel). 2019 Mar 23;19(6):1433. doi: 10.3390/s19061433.
3
Evaluation of an IoT Application-Scoped Access Control Model over a Publish/Subscribe Architecture Based on FIWARE.基于 FIWARE 的物联网应用范围访问控制模型在发布/订阅架构上的评估。
Sensors (Basel). 2020 Aug 4;20(15):4341. doi: 10.3390/s20154341.
4
A Semantic-Enabled Platform for Realizing an Interoperable Web of Things.一种实现物联网互操作的语义化平台。
Sensors (Basel). 2019 Feb 19;19(4):869. doi: 10.3390/s19040869.
5
Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources.基于将通信过程建模为资源的物联网环境访问控制机制
Sensors (Basel). 2018 Mar 20;18(3):917. doi: 10.3390/s18030917.
6
Blockchain-Based Context-Aware Authorization Management as a Service in IoT.基于区块链的物联网上下文感知授权管理即服务。
Sensors (Basel). 2021 Nov 18;21(22):7656. doi: 10.3390/s21227656.
7
A Multi-Protocol IoT Platform Based on Open-Source Frameworks.基于开源框架的多协议物联网平台。
Sensors (Basel). 2019 Sep 28;19(19):4217. doi: 10.3390/s19194217.
8
Development of Virtual Resource Based IoT Proxy for Bridging Heterogeneous Web Services in IoT Networks.基于虚拟资源的物联网代理的开发,用于弥合物联网网络中异构 Web 服务之间的差距。
Sensors (Basel). 2018 May 26;18(6):1721. doi: 10.3390/s18061721.
9
Breaking Vendors and City Locks through a Semantic-enabled Global Interoperable Internet-of-Things System: A Smart Parking Case.通过语义支持的全球可互操作的物联网系统打破供应商和城市的锁定:智能停车案例。
Sensors (Basel). 2019 Jan 9;19(2):229. doi: 10.3390/s19020229.
10
A Proof-of-Concept for Semantically Interoperable Federation of IoT Experimentation Facilities.物联网实验设施语义互操作联盟的概念验证
Sensors (Basel). 2016 Jun 29;16(7):1006. doi: 10.3390/s16071006.

引用本文的文献

1
Systematic Review of Authentication and Authorization Advancements for the Internet of Things.物联网身份验证和授权技术的系统评价
Sensors (Basel). 2022 Feb 10;22(4):1361. doi: 10.3390/s22041361.
2
Building Topic-Driven Virtual IoTs in a Multiple IoTs Scenario.在多物联网场景中构建主题驱动的虚拟物联网
Sensors (Basel). 2019 Jul 4;19(13):2956. doi: 10.3390/s19132956.