Security and Communication Networks

Review Article

Survey of Authentication and Authorization for the Internet of Things

Table 4

Summary of authorization articles.


Article	Centralized	Decentralized	U2M	M2M	Context-aware	Policies creator	Domain	Policies based on	Specifics

[18]	Yes	Yes	N/A	N/A	No	Data creator	Healthcare	Roles	Rules tied to the data
[20]	No	Yes	Yes	Yes	No	Resource owner	Any	N/A	Constrained devices
[21]	Yes	No	No	Yes	No	Administrator	Any	N/A	ARM compliant; describes access control generally
[23]	Yes	No	Yes	Yes	No	Administrator	Any	N/A	OAuth; tokens
[26]	N/A	N/A	Yes	No	Yes	N/A	Any	Data itself	Biometric information used
[28]	Yes	No	Yes	Yes	Yes	Administrator	Healthcare	Attributes	Supports with attribute inheritance
[30]	N/A	N/A	No	Yes	No	Administrator	Any	N/A	WS-Security adaptation for IoT
[32]	Yes	No	Yes	Yes	Yes	Administrator	Healthcare	Attributes	Full security framework
[33]	No	Yes	Yes	Yes	No	Resource owner	Any	OrBAC	Reinforced learning to update rules
[36]	Yes	Yes	Yes	Yes	No	N/A	Any	Attributes	ARM compliant; Attributes extended with trust based on various concerns in the network
[37]	No	Yes	Yes	No	No	Resource owner	Any	Direct grants	Tokens; Possible to share permissions
[38]	No	Yes	N/A	N/A	Yes	Data creator	Any	Attributes	Data decryption only with correct attributes
[39]	No	Yes	N/A	Yes	Yes	System	Any	Bayesian decision	Bayesian decision theory for authorization
[40]	No	Yes	Yes	Yes	No	Resource owner	Any	Direct grant	Propagation through blockchain
[41]	Yes	No	Yes	Yes	No	N/A	Healthcare	N/A	OAuth; tokens
[34]	N/A	N/A	Yes	Yes	Yes	Resource owner	Any	Attributes	Perception layer framework
[42]	Yes	Yes	Yes	Yes	No	Resource owner	Any	Direct grant	Access control specified for functionalities
[43]	Yes	Yes	No	Yes	No	Resource owner	Smart building	Attributes	OAuth; XACML; tokens
[44]	N/A	N/A	No	Yes	No	N/A	Any	N/A	Constrained devices
[45]	Yes	Yes	No	Yes	No	Data creator	Cloud	Attributes	Gateway, device and cloud share data encryption