Skip to main content
. 2021 Oct 14;21(20):6832. doi: 10.3390/s21206832

Table 2.

Summary of Access Control Mechanisms for the IoT based on ProBAC.

Ref. Purposes Key Contribution Implementation
[47] Examining the employment of data security and access control for an IoT-based system. Proposes a protocol called Intelligent Service Security Application Protocol (ISSAP) that uses a data packet encapsulation mechanism for IoT access control. No
[48] Building an access control model supported by DTLS. Proposes an approach for securing IoT access control using DTLS protocol and existing Internet standards. Yes
[49] Employment of light-weight key management mechanism for securing IoT access control. Proposes a centralized access control model using CoAP supported by DTLS for transport security. Yes
[51] Employment of lightweight key management mechanisms by avoiding resource expensive public key cryptography. Proposes a flexible and delegation based authentication and authorization framework for constrained IoT devices. Yes
[52] Providing a holistic framework for securing SOA-based low power networks that are composed of constrained IoT devices. Develops an access control framework considering the resource limited nature of the IoT devices using CoAP and Kerberos. Yes
[53] Building a smart gateway-based authentication and authorization method to prevent unauthorized access of medical information in an IoT-enabled smart healthcare facility. Develops an access control framework combined with DTLS and CoAP-based authentication scheme for the IoT to provide high-end security in the datagram transport. Yes
[54] Examining an access control delegation using lightweight key management protocol. Proposes a framework for delegating client authentication and authorization in a constrained environment using symmetric key cryptography. No
[55] Examining the use of PKI for IoT access control. Develops an authorization and access control framework for IoT environment using a PKI scheme. Yes
[56] Examining the authentication in the life-cycle of an IoT device to secure access control. Develops an Authentication of Things (AoT) protocol that addresses authentication and access control during the entire life-cycle of an IoT device. Yes
[57] Building an access control framework for resource-rich devices to perform expensive computation and processing tasks. Proposes a cryptographic scheme for access control in IoT devices named Efficient and Tiny Authentication (ETA). No
[58] Overcoming the overhead of heavy-weight PKI based cryptosystems within the resource limited IoT devices. Proposes an end-to-end authentication framework for IoT by employing IBC and ECC. No
[59] Examining how to reduce the computational load requirements for sensor networks. Proposes a user authentication protocol for WSNs using ECC and smart cards. No
[60] Examining how to reduce the computational load requirements for IoT systems. Proposes a flexible and light-weight ECC based authentication scheme for resource constrained IoT systems. No
[61] Investigating the use of OAuth2 to build a federated and user-directed access control framework for the IoT. Develops an access control framework for IoT based on OAuth. Yes
[62] Investigating the use OAuth2 to build an IoT access control framework. Develops an access control framework, called ‘OAuth-IoT’, for the IoT based on open standards OAuth protocol. Yes
[63] Building a unified access control scheme that integrates heterogeneous IoT devices and internet-based services. Develops an IoT access control framework by integrating IoT devices with web-based services. Yes
[64] Designing a light-weight access control mechanism for IoT systems. Discusses an access control enforcement mechanism within MQTT-based IoT systems. Yes
[65] Building an access control framework by providing fine-grained (remote) customization of access policies. Proposes an architecture called ‘IoT-OAS’ which is an OAuth-Based authorization service architecture for secure services in IoT scenarios. Yes
[66] Examining light-weight access control frameworks to provide flexibility to existing Web-based services. Proposes an access control framework for IoT based on CoAP. No