Authentication and Authorization schemes for Internet of Things

Abstract

Nowadays the Internet of Things is very much in use in the real world which is the net- work of constrained devices like the sensor. The IoT devices have very limited resources in terms of computational power, memory, energy etc. The IETF (Internet Engineering Task Force) has defined several protocols especially for the resource which have con- strained environment like CoAP, RPL, MQTT etc. at different layers. Authentication and Authorization are essential to handle secure communication in IoT environment. OAuth 2.0 Protocol is an open standard protocol which is used to grant access to the restricted resource via third-party authentication for REST Web architecture. There are some challenges which are faced when we deploy Oauth 2.0 Protocol in IoT environment because of constrained resources used in IoT devices. To analyze these challenges we experimented with various OAuth servers and messaging standards which packs and un- packs messages by serialization and deserialization. Different messaging approaches for authorization and authentication for the constrained environment have been analyzed in the context of latency and energy consumption.