Internet of Things Security, Device Authentication and Access Control: A Review

TL;DR

This paper reviews IoT security challenges, cyberattacks, and the limitations of traditional solutions, while providing a comprehensive survey of device authentication and access control techniques in IoT.

Contribution

It offers the first comprehensive survey focusing specifically on device authentication and access control methods in IoT security.

Findings

Classifies cyberattacks across IoT architecture layers.

Highlights challenges of applying cryptography in IoT.

Summarizes state-of-the-art authentication techniques.

Abstract

The Internet of Things (IoT) is one of the emerging technologies that has grabbed the attention of researchers from academia and industry. The idea behind Internet of things is the interconnection of internet enabled things or devices to each other and to humans, to achieve some common goals. In near future IoT is expected to be seamlessly integrated into our environment and human will be wholly solely dependent on this technology for comfort and easy life style. Any security compromise of the system will directly affect human life. Therefore security and privacy of this technology is foremost important issue to resolve. In this paper we present a thorough study of security problems in IoT and classify possible cyberattacks on each layer of IoT architecture. We also discuss challenges to traditional security solutions such as cryptographic solutions, authentication mechanisms and key management in IoT. Device authentication and access controls is an essential area of IoT security, which is not surveyed so far. We spent our efforts to bring the state of the art device authentication and access control techniques on a single paper.