Big Challenges in IoT’s Identity and Access Management Systems
摘要
On the Internet of Things (IoT), entities (devices, objects, people, applications, services, etc.) are represented by digital identities, which are the keystone of all digital interactions and the foundation on which security mechanisms such as authentication and authorisation are built. To manage these identities and control access to protected resources, identity and access management (IAM) systems are emerged. These systems provide a centralised framework for identification, authenticating, authorising and provisioning users, in order to protect sensitive data and prevent unauthorised access. In this paper, we will present the benefits of implementing an IAM system and its main functionalities. Next, we provide an overview of popular IAM protocols such as Security Assertion Markup Language (SAML), Open Authorization (OAuth) and OpenID Connect, exploring their use cases and limitations. Then we will highlight the challenges of building IAM systems for the IoT.