New Paradigms for Authorization and Access Control in Constrained Environnements

Cherkaoui, Abdelkarim and Bossuet, Lilian and Seitz, Ludwig and Selander, Göran and Borgaonkar, Ravi (2014) New Paradigms for Authorization and Access Control in Constrained Environnements. In: 9th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC 2014), 26-28 March 2014, Montpellier, France.

Full text not available from this repository.

Official URL:


The Internet of Things (IoT) is here, more than 10 billion units are already connected and five times more devices are expected to be deployed in the next five years. Technological standarization and the management and fostering of rapid innovation by governments are among the main challenges of the IoT. However, security and privacy are the key to make the IoT reliable and trusted. Security mechanisms for the IoT should provide features such as scalability, interoperability and lightness. This paper adresses authentication, authorization and access control in the frame of the IoT. It describes two technologies which, used in conjunction, provide all the credentials for secure authorization and access control in wireless constrained hardware systems with scalability and interoperability requirements. Physical Unclonable Functions (PUF) are lightweight cryptographic primitives that can be easily embedded in reconfigurable hardware. They provide secure, low-cost authentication means for constrained devices. Embedded Subscriber Identity Module (eSIM) provide cellular connectivity with scalability, interoperability and standard compliant security protocols. An authorization scheme involving a client, an authorization server and a constrained resource server is proposed based on PUF and eSIM features. Concrete IoT uses cases are discussed (SCADA and building automation).

Item Type:Conference or Workshop Item (Paper)
ID Code:5725
Deposited By:Ludwig Seitz
Deposited On:04 Nov 2014 09:06
Last Modified:04 Nov 2014 09:06

Repository Staff Only: item control page