Uma Infraestrutura de Autenticação e de Autorização para Internet das Coisas baseada no SAML e XACML
Abstract
The adoption of an Authentication and Authorization Infrastructure (IAA) is an important factor to the effective use of the Internet of Things (IoT). This work aims to provide authentication and authorization of users and smart devices that are in different administrative security domains and that use different communication technology. For this, an IAA based in the federated identity model and that adopts SAML and XACML standards is being developed. For the impacts evaluation of the IAA, an IoT application of remote control and monitoring of industrial machines is being developed.
References
Atzori, L., Iera, A. e Morabito, G. (2010), “The Internet of Things: A survey”, In: Computer Networks, n. 54, pages 2787-2805.
Babar, S., Stango, A., Prasad, N., Sen, J. e Prasad, R. (2011). Proposed embedded security framework for internet of things (iot). In Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE), 2011 2nd International Conference on, pages 1–5.
Guinard, D. e Trifa, V. (2009), “Towards the Web of Things: Web Mashups for Embedded Devices”, In: International World Wide Web conferences, Proceedings of Workshop on Mashups, Enterprise Mashups and Lightweight Composition on the Web, pages 196199, IEEE Press.
IETF. (2001), “Policy Core Information Model”. https://www.ietf.org/rfc/rfc3060.txt, Set 2013.
ITU-T (2009), “NGN identity management framework. Recommendation Y.2720”, [link], Maio 2013.
Liu, J., Xiao, Y., e Chen, C. P. (2012), “Authentication And Access Control in the Internet of Things”, In: 32nd International Conference, Distributed Computing Systems Workshops, pages 588-592, IEEE Computer Society.
Mahalle, P., Babar, S., Prasad, N. R., & Prasad, R. (2010), “Identity Management Framework towards Internet of Things (IoT): Roadmap and Key Challenges”, In: Recent Trends in Network Security and Applications, v. 89, pages 430 – 439.
OASIS (2003), “A Brief Introduction to XACML”, [link], 2013.
OASIS (2008), “Security Assertion Markup Language (SAML) V2.0 Technical Overview”, [link], Junho 2013.
Babar, S., Stango, A., Prasad, N., Sen, J. e Prasad, R. (2011). Proposed embedded security framework for internet of things (iot). In Wireless Communication, Vehicular Technology, Information Theory and Aerospace & Electronic Systems Technology (Wireless VITAE), 2011 2nd International Conference on, pages 1–5.
Guinard, D. e Trifa, V. (2009), “Towards the Web of Things: Web Mashups for Embedded Devices”, In: International World Wide Web conferences, Proceedings of Workshop on Mashups, Enterprise Mashups and Lightweight Composition on the Web, pages 196199, IEEE Press.
IETF. (2001), “Policy Core Information Model”. https://www.ietf.org/rfc/rfc3060.txt, Set 2013.
ITU-T (2009), “NGN identity management framework. Recommendation Y.2720”, [link], Maio 2013.
Liu, J., Xiao, Y., e Chen, C. P. (2012), “Authentication And Access Control in the Internet of Things”, In: 32nd International Conference, Distributed Computing Systems Workshops, pages 588-592, IEEE Computer Society.
Mahalle, P., Babar, S., Prasad, N. R., & Prasad, R. (2010), “Identity Management Framework towards Internet of Things (IoT): Roadmap and Key Challenges”, In: Recent Trends in Network Security and Applications, v. 89, pages 430 – 439.
OASIS (2003), “A Brief Introduction to XACML”, [link], 2013.
OASIS (2008), “Security Assertion Markup Language (SAML) V2.0 Technical Overview”, [link], Junho 2013.
Published
2013-11-11
How to Cite
DOMENECH, Marlon C.; WANGHAM, Michelle S..
Uma Infraestrutura de Autenticação e de Autorização para Internet das Coisas baseada no SAML e XACML. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 13. , 2013, Manaus.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2013
.
p. 342-345.
DOI: https://doi.org/10.5753/sbseg.2013.19557.
