MultiAuth-WoT - a Multimodal Service for Web of Things Athentication and Identification

Resumo

The Web of Things (WoT) is a new paradigm regarding the integration of the real world objects to the virtual world through the Web. This paradigm enables the development of powerful applications and services. In this context, security of data users and devices, and system reliability are important aspects. OpenId Connect is the identity layer designed to provide access authentication and identification to services by applications. Designed to be an extensible protocol and based on a Web REST architecture, it is able to serve different types of applications. This paper proposes the use of OpenId Connect protocol into the WoT context, in order to provide multiple mechanisms for user authentication. The proposed model is implemented into an infrastructure that provides access to physical devices on the Web through an Enterprise Service Bus (ESB). In this ESB, the MultiAuthWoT service should perform the authentication by intermediating the communication between the application and the OpenId Connect provider. As a case study, we used a Smart Room application, which controls devices like security cameras, air-conditioning, lightning and sensors. Finally, we analyze the extension of the OpenId Connect protocol into the WoT context as technology capable to fulfill the multimodality authentication requirement.