Identity in the internet-of-things (IoT): New challenges and opportunities

Abstract

From digitization to datafication, Internet-of-Things (IoT) plays an important role as enabler in the value creation process from big data. As is expected, security has naturally become one main concern in the IoT deployment. Due to the unique features and requirements of IoT, including limited compute resources, power, bandwidth and massive number of deployed IoT objects, and its loosely coupled networked architecture, new strategies and techniques are needed to provide feasible and practical solutions to IoT security. While substantial research efforts have been focusing on the lightweight communication protocols and cryptography/compression engines, one fundamental science question being asked is on the notion of “Identity in the Internet-of-Things” (or IDoT). In this paper, we would like to first explore the concept of IDoT and analyze why it is so unique as compared to the concept of “Identity of Users” (IDoU) in traditional networks and systems. Then we will survey on attribute-based, multi-factor authentication as an important approach to put this IDoT concept into practice. We will conclude this paper with open research issues in this direction.