TY - CHAP
T1 - IoT Identity Management Systems: The State-of-the-Art, Challenges and a Novel Architecture
AU - Gebresilassie, Samson
AU - Rafferty, Joseph
AU - Chen, Luke
AU - Cui, Zhan
AU - Abu-Tair, Mamun
PY - 2024/4/10
Y1 - 2024/4/10
N2 - The Internet of Things (IoT) is a technology paradigm that has trans- formed several domains including manufacturing, agriculture, healthcare, power grids, travel and retail. However, the growth of this interconnected world of IoT devices with their services is not without consequences, including identity-related security challenges. Security threats to identities can be vulnerabilities, miscon- figurations, insecure credential storage, credential theft and social engineering. The range of different techniques that attackers use to get access to users, devices and other resources lead to serious consequences from the loss of an individual’s identity to the sensitive and financial data of institutions. Thus, implementing a robust and secure identity management system (IDMS) is critical in achieving an overall secure IoT environment. Approaches for strong identity management do exist, however, they carry some deficiencies making them inadequate to address the current identity-related security challenges of IoT. These challenges include failure to provide an all-in-one decentralized IDMS inclusive of profiling (reg- istration of entity’s attributes) and identification, authentication, identity-related attack risk analysis, and trust establishment mechanisms. The purpose of this work is to investigate existing IDMS and their limitations and propose a novel architecture featuring decentralization, trust, cross-platform, and identity-related attack risk-aware mechanisms with the help of deep learning, trust, and distributed ledger technologies. The proposed IDMS architecture is also compared with exist- ing solutions using qualitative features like availability, trust establishment, attack risk-aware capability, robustness, and cross-platform functionality.
AB - The Internet of Things (IoT) is a technology paradigm that has trans- formed several domains including manufacturing, agriculture, healthcare, power grids, travel and retail. However, the growth of this interconnected world of IoT devices with their services is not without consequences, including identity-related security challenges. Security threats to identities can be vulnerabilities, miscon- figurations, insecure credential storage, credential theft and social engineering. The range of different techniques that attackers use to get access to users, devices and other resources lead to serious consequences from the loss of an individual’s identity to the sensitive and financial data of institutions. Thus, implementing a robust and secure identity management system (IDMS) is critical in achieving an overall secure IoT environment. Approaches for strong identity management do exist, however, they carry some deficiencies making them inadequate to address the current identity-related security challenges of IoT. These challenges include failure to provide an all-in-one decentralized IDMS inclusive of profiling (reg- istration of entity’s attributes) and identification, authentication, identity-related attack risk analysis, and trust establishment mechanisms. The purpose of this work is to investigate existing IDMS and their limitations and propose a novel architecture featuring decentralization, trust, cross-platform, and identity-related attack risk-aware mechanisms with the help of deep learning, trust, and distributed ledger technologies. The proposed IDMS architecture is also compared with exist- ing solutions using qualitative features like availability, trust establishment, attack risk-aware capability, robustness, and cross-platform functionality.
UR - https://link.springer.com/chapter/10.1007/978-3-031-57853-3_11
M3 - Chapter
SN - 978-3-031-57852-6
VL - 2
T3 - Lecture Notes on Data Engineering and Communications Technologies
SP - 122
EP - 135
BT - Advanced Information Networking and Applications
CY - Switzerland
ER -