Access Management in Lightweight IoT: A Comprehensive review of ACE-OAuth framework
Shrestha, Bikesh (2023-12-21)
Access Management in Lightweight IoT: A Comprehensive review of ACE-OAuth framework
(21.12.2023)
Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.
avoin
Julkaisun pysyvä osoite on:
https://urn.fi/URN:NBN:fi-fe20231222157044
https://urn.fi/URN:NBN:fi-fe20231222157044
Tiivistelmä
With the expansion of Internet of Things (IoT), the need for secure and scalable authentication and
authorization mechanism for resource-constrained devices is becoming increasingly important. This
thesis reviews the authentication and authorization mechanisms in resource-constrained Internet of
Things (IoT) environments. The thesis focuses on the ACE-OAuth framework, which is a lightweight
and scalable solution for access management in IoT. Traditional access management protocols are not
well-suited for the resource-constrained environment of IoT devices. This makes the lightweight
devices vulnerable to cyber-attacks and unauthorized access. This thesis explores the security
mechanisms and standards, the protocol flow and comparison of ACE-OAuth profiles. It underlines
their potential risks involved with the implementation. The thesis delves into the existing and
emerging trends technologies of resource-constrained IoT and identifies limitations and potential
threats in existing authentication and authorization methods.
Furthermore, comparative analysis of ACE profiles demonstrated that the DTLS profile enables
constrained servers to effectively handle client authentication and authorization. The OSCORE
provides enhanced security and non-repudiation due to the Proof-of-Possession (PoP) mechanism,
requiring client to prove the possession of cryptographic key to generate the access token.
The key findings in this thesis, including security implications, strengths, and weaknesses for ACE
OAuth profiles are covered in-depth. It shows that the ACE-OAuth framework’s strengths lie in its
customization capabilities and scalability. This thesis demonstrates the practical applications and
benefits of ACE-OAuth framework in diverse IoT deployments through implementation in smart
home and factory use cases. Through these discussions, the research advances the application of
authentication and authorization mechanisms and provides practical insights into overcoming the
challenges in constrained IoT settings.
authorization mechanism for resource-constrained devices is becoming increasingly important. This
thesis reviews the authentication and authorization mechanisms in resource-constrained Internet of
Things (IoT) environments. The thesis focuses on the ACE-OAuth framework, which is a lightweight
and scalable solution for access management in IoT. Traditional access management protocols are not
well-suited for the resource-constrained environment of IoT devices. This makes the lightweight
devices vulnerable to cyber-attacks and unauthorized access. This thesis explores the security
mechanisms and standards, the protocol flow and comparison of ACE-OAuth profiles. It underlines
their potential risks involved with the implementation. The thesis delves into the existing and
emerging trends technologies of resource-constrained IoT and identifies limitations and potential
threats in existing authentication and authorization methods.
Furthermore, comparative analysis of ACE profiles demonstrated that the DTLS profile enables
constrained servers to effectively handle client authentication and authorization. The OSCORE
provides enhanced security and non-repudiation due to the Proof-of-Possession (PoP) mechanism,
requiring client to prove the possession of cryptographic key to generate the access token.
The key findings in this thesis, including security implications, strengths, and weaknesses for ACE
OAuth profiles are covered in-depth. It shows that the ACE-OAuth framework’s strengths lie in its
customization capabilities and scalability. This thesis demonstrates the practical applications and
benefits of ACE-OAuth framework in diverse IoT deployments through implementation in smart
home and factory use cases. Through these discussions, the research advances the application of
authentication and authorization mechanisms and provides practical insights into overcoming the
challenges in constrained IoT settings.