{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,3,26]],"date-time":"2026-03-26T14:12:24Z","timestamp":1774534344188,"version":"3.50.1"},"reference-count":77,"publisher":"Springer Science and Business Media LLC","issue":"7-8","license":[{"start":{"date-parts":[[2019,3,2]],"date-time":"2019-03-02T00:00:00Z","timestamp":1551484800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Ann. Telecommun."],"published-print":{"date-parts":[[2019,8]]},"DOI":"10.1007\/s12243-019-00709-7","type":"journal-article","created":{"date-parts":[[2019,3,2]],"date-time":"2019-03-02T21:48:19Z","timestamp":1551563299000},"page":"375-388","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":63,"title":["Access control in the Internet of Things: a survey of existing approaches and open research questions"],"prefix":"10.1007","volume":"74","author":[{"given":"Emmanuel","family":"Bertin","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dina","family":"Hussein","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Cigdem","family":"Sengul","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vincent","family":"Frey","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,3,2]]},"reference":[{"issue":"1","key":"709_CR1","first-page":"35","volume":"19","author":"C Shang","year":"2014","unstructured":"Shang C, Zhou MC, Chen C (Mar. 2014) Cellphone data and applications. Int J Intell Control Syst 19(1):35\u201345","journal-title":"Int J Intell Control Syst"},{"key":"709_CR2","unstructured":"TRUSTe (2015) Majority of consumers want to own the personal data collected from their smart devices, availabile online: \n                    https:\/\/www.trustarc.com\/blog\/2015\/01\/05\/majorityconsumers-want-own-personal-data-survey\/\n                    \n                  . Accessed 28 Feb 2019"},{"key":"709_CR3","doi-asserted-by":"crossref","unstructured":"Brooks S, Garcia M, Lefkovitz N, Lightman S, Nadeau E (2017) \"An introduction to privacy engineering and risk management in federal systems,\" National Institute of Standards and Technology Internal Report 8062","DOI":"10.6028\/NIST.IR.8062"},{"key":"709_CR4","unstructured":"Hugo Teufel III CPO (2008) Fair Information Practice Principles: framework for privacy, Privacy Policy Guidance Memorandum"},{"key":"709_CR5","unstructured":"International Organization for Standardization (ISO), ISO\/IEC 29100 (2011) Information technology, security techniques, privacy framework, Dec. 2011"},{"key":"709_CR6","unstructured":"Cavoukian A (2012) Privacy by Design and the emerging personal data ecosystem, accessible online: \n                    https:\/\/www.ipc.on.ca\/wp-content\/uploads\/Resources\/pbd-pde.pdf\n                    \n                  . Accessed 28 Feb 2019"},{"key":"709_CR7","unstructured":"General Data Protection Regulation (GDPR) (2018) General data protection regulation (GDPR) [online]. Available at: \n                    https:\/\/gdpr-info.eu\/\n                    \n                  . Accessed 28 Feb 2019"},{"issue":"5","key":"709_CR8","doi-asserted-by":"publisher","first-page":"96","DOI":"10.1109\/MIC.2015.108","volume":"19","author":"VG Cerf","year":"2015","unstructured":"Cerf VG (2015) Access control and the Internet of Things. IEEE Internet Comput 19(5):96","journal-title":"IEEE Internet Comput"},{"key":"709_CR9","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1016\/j.comnet.2014.11.008","volume":"76","author":"S Sicari","year":"2015","unstructured":"Sicari S, Rizzardi A, Grieco LA, Coen-Porisini A (2015) Security privacy and trust in Internet of Things: the road ahead. Comput Netw 76:146\u2013164","journal-title":"Comput Netw"},{"issue":"September 1978","key":"709_CR10","doi-asserted-by":"publisher","first-page":"310","DOI":"10.1145\/320263.320288","volume":"3, 3","author":"R Fagin","year":"1978","unstructured":"Fagin R (1978) On an authorization mechanism. ACM Trans Database Syst 3, 3(September 1978):310\u2013319","journal-title":"ACM Trans Database Syst"},{"issue":"September 1993","key":"709_CR11","doi-asserted-by":"publisher","first-page":"706","DOI":"10.1145\/155183.155225","volume":"15, 4","author":"M Abadi","year":"1993","unstructured":"Abadi M, Burrows M, Lampson B, Gordon P (1993) A calculus for access control in distributed systems. ACM Trans Program Lang Syst 15, 4(September 1993):706\u2013734","journal-title":"ACM Trans Program Lang Syst"},{"issue":"5","key":"709_CR12","doi-asserted-by":"publisher","first-page":"1189","DOI":"10.1016\/j.mcm.2013.02.006","volume":"58","author":"S Gusmeroli","year":"2013","unstructured":"Gusmeroli S, Piccione S, Rotondi D (2013) A capability-based security approach to manage access control in the Internet of Things. Math Comput Model 58(5):1189\u20131205","journal-title":"Math Comput Model"},{"issue":"5","key":"709_CR13","doi-asserted-by":"publisher","first-page":"508","DOI":"10.1109\/JIOT.2014.2358296","volume":"1","author":"S Cirani","year":"2014","unstructured":"Cirani S, Davoli L, Ferrari G, L\u00e9one R, Medagliani P, Picone M, Veltri L (2014) A scalable and self-configuring architecture for service discovery in the Internet of Things. IEEE Internet Things J 1(5):508\u2013521","journal-title":"IEEE Internet Things J"},{"issue":"10","key":"709_CR14","doi-asserted-by":"publisher","first-page":"2266","DOI":"10.1016\/j.comnet.2012.12.018","volume":"57","author":"R Roman","year":"2013","unstructured":"Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed Internet of Things. Comput Netw 57(10):2266\u20132279","journal-title":"Comput Netw"},{"key":"709_CR15","volume-title":"RFC 7452, IETF","author":"H Tschofenig","year":"2015","unstructured":"Tschofenig H, Arkko J, Thaler D, McPherson DR (2015) Architectural considerations in smart object networking. In: RFC 7452, IETF"},{"key":"709_CR16","doi-asserted-by":"crossref","unstructured":"Ouaddah A, Mousannif H, Abou El Kalam A, Ouahman AAIT (2017) Access control in the Internet of Things: big challenges and new opportunities. Comput Netw 112:237\u2013262","DOI":"10.1016\/j.comnet.2016.11.007"},{"key":"709_CR17","doi-asserted-by":"crossref","unstructured":"Bui DT, Douville R, Boussard M (2016) \"Supporting multicast and broadcast traffic for groups of connected devices,\" 2016 IEEE NetSoft Conference and Workshops (NetSoft), Seoul, 2016, pp. 48\u201352","DOI":"10.1109\/NETSOFT.2016.7502441"},{"key":"709_CR18","volume-title":"Technical report, Technical Report MTIS AD-A023588","author":"DE Bell","year":"1975","unstructured":"Bell DE, La Padula LJ (1975) Secure computer system: unified exposition and Multics interpretation. In: Technical report, Technical Report MTIS AD-A023588. MITRE Corporation, McLean"},{"issue":"2","key":"709_CR19","doi-asserted-by":"publisher","first-page":"236","DOI":"10.1145\/360051.360056","volume":"19","author":"DE Denning","year":"1976","unstructured":"Denning DE (1976) A lattice model of secure information flow. Commun ACM 19(2):236\u2013243","journal-title":"Commun ACM"},{"issue":"9","key":"709_CR20","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1109\/35.312842","volume":"32","author":"RS Sandhu","year":"1994","unstructured":"Sandhu RS, Samarati P (1994) Access control: principle and practice. IEEE Commun Mag 32(9):40\u201348","journal-title":"IEEE Commun Mag"},{"key":"709_CR21","doi-asserted-by":"publisher","first-page":"237","DOI":"10.1016\/S0065-2458(08)60206-5","volume":"46","author":"RS Sandhu","year":"1998","unstructured":"Sandhu RS (1998) Role-based access control. Adv Comput 46:237\u2013286","journal-title":"Adv Comput"},{"key":"709_CR22","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/3-540-45608-2_3","volume":"2171","author":"P Samarati","year":"2001","unstructured":"Samarati P, Di Vimercati SDC (2001) Access control: policies, models, and mechanisms. Found Secur Anal Des 2171:137\u2013196","journal-title":"Found Secur Anal Des"},{"key":"709_CR23","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1109\/POLICY.2003.1206966","volume-title":"Proc. POLICY 2003. IEEE 4th Int. Work. Policies Distrib. Syst. Networks, IEEE Comput. Soc","author":"A Kalam","year":"2003","unstructured":"Kalam A, Baida R, Balbiani P, Benferhat S, Cuppens F, Deswarte Y, Miege A, Saurel C, Trouessin G (2003) Organization based access control. In: Proc. POLICY 2003. IEEE 4th Int. Work. Policies Distrib. Syst. Networks, IEEE Comput. Soc, pp 120\u2013131"},{"key":"709_CR24","unstructured":"Zhang G, Tian J (2010) An extended role based access control model for the Internet of Things, 2010 International Conference on Information, Networking and Automation (ICINA), 1, IEEE, pp. V1\u2013319"},{"key":"709_CR25","unstructured":"Jindou J, Xiaofeng Q, Cheng C (2012) Access control method for Web of Things based on role and SNS, in: 2012 IEEE 12th Int. Conf. Comput. Inf. Technol.,IEEE, pp. 316\u2013321"},{"key":"709_CR26","first-page":"14","volume-title":"Securing the Web of Things with role-based access control","author":"E Barka","year":"2015","unstructured":"Barka E, Mathew SS, Atif Y (2015) Securing the Web of Things with role-based access control. Springer International Publishing, New York City, pp 14\u201326"},{"key":"709_CR27","unstructured":"Liu J, Xiao Y, Chen CP (2012) Authentication and access control in the Internet of Things, in: 2012 32nd Int. Conf. Distrib. Comput. Syst. Work., IEEE, pp. 588\u2013592"},{"key":"709_CR28","first-page":"1","volume-title":"SmartOrBAC security and privacy in the Internet of Things, 2015 IEEE\/ACS 12th International Conference of Computer Systems and Applications","author":"I Bouij","year":"2015","unstructured":"I. Bouij - Pasquier, A. Ait Ouahman, A. Abou El Kalam and M. Ouabiba de Montfort, SmartOrBAC security and privacy in the Internet of Things, 2015 IEEE\/ACS 12th International Conference of Computer Systems and Applications (AICCSA), Marrakech, 2015, pp. 1\u20138"},{"key":"709_CR29","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2005.25","volume-title":"Attributed based access control (ABAC) for Web services, in: IEEE Int. Conf Web Serv, IEEE","author":"E Yuan","year":"2005","unstructured":"E. Yuan, J. Tong, Attributed based access control (ABAC) for Web services, in: IEEE Int. Conf Web Serv, IEEE, 2005"},{"issue":"4","key":"709_CR30","doi-asserted-by":"publisher","first-page":"1617","DOI":"10.12785\/amis\/080416","volume":"1624","author":"N Ye","year":"2014","unstructured":"Ye N, Zhu Y, Wang R-C, Malekian R, Qiao-min L (2014) An efficient authentication and access control scheme for perception layer of Internet of Things. Appl Math Inf Sci An Int J 1624(4):1617\u20131624","journal-title":"Appl Math Inf Sci An Int J"},{"key":"709_CR31","first-page":"1","volume-title":"2016 IEEE 7th Annual Information Technology","author":"M Hemdi","year":"2016","unstructured":"Hemdi M, Deters R (2016) Using REST-based protocol to enable ABAC within IoT systems. In: 2016 IEEE 7th Annual Information Technology. Electronics and Mobile Communication Conference (IEMCON), Vancouver, BC, pp 1\u20137"},{"key":"709_CR32","volume-title":"Interoperability and open-source solutions for the Internet of Things. InterOSS-IoT 2016. Lecture Notes in Computer Science","author":"S Sciancalepore","year":"2017","unstructured":"Sciancalepore S et al (2017) Attribute-based access control scheme in federated IoT platforms. In: Podnar \u017darko I, Broering A, Soursos S, Serrano M (eds) Interoperability and open-source solutions for the Internet of Things. InterOSS-IoT 2016. Lecture Notes in Computer Science, vol 10218. Springer, Cham"},{"key":"709_CR33","first-page":"545","volume-title":"\"Towards a self-adaptive access control middleware for the Internet of Things,\" 2018 International Conference on Information Networking (ICOIN), Chiang Mai, Thailand","author":"H Ouechtati","year":"2018","unstructured":"Ouechtati H, Ben Azzouna N, Ben Said L (2018) \"Towards a self-adaptive access control middleware for the Internet of Things,\" 2018 International Conference on Information Networking (ICOIN), Chiang Mai, Thailand, pp 545\u2013550"},{"key":"709_CR34","first-page":"328","volume-title":"\"Access control in IoT: from requirements to a candidate vision,\" 2017 20th Conference on Innovations in Clouds","author":"D Hussein","year":"2017","unstructured":"Hussein D, Bertin E, Frey V (2017) \"Access control in IoT: from requirements to a candidate vision,\" 2017 20th Conference on Innovations in Clouds. Internet and Networks (ICIN), Paris, pp 328\u2013330"},{"key":"709_CR35","first-page":"878","volume-title":"\"Multi-level privacy-preserving access control as a service for personal healthcare monitoring,\" 2017 IEEE International Conference on Web Services (ICWS), Honolulu, HI","author":"U Salama","year":"2017","unstructured":"Salama U, Yao L, Wang X, Paik HY, Beheshti A (2017) \"Multi-level privacy-preserving access control as a service for personal healthcare monitoring,\" 2017 IEEE International Conference on Web Services (ICWS), Honolulu, HI, pp 878\u2013881"},{"key":"709_CR36","first-page":"122","volume-title":"Proc. 1992 IEEE Comput. Soc. Symp. Res. Secur. Priv., IEEE Comput. Soc. Press","author":"R Sandhu","year":"1992","unstructured":"Sandhu R (1992) The typed access matrix model. In: Proc. 1992 IEEE Comput. Soc. Symp. Res. Secur. Priv., IEEE Comput. Soc. Press, pp 122\u2013136"},{"key":"709_CR37","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1145\/775265.775268","volume":"8","author":"B Lampson","year":"1974","unstructured":"Lampson B (1974) Protection, ACM SIGOPS. Oper Syst Rev 8:18\u201324","journal-title":"Oper Syst Rev"},{"key":"709_CR38","first-page":"749","volume-title":"Decentralized access permission control using resource-oriented architecture for the Web of Things, 16th International Conference on Advanced Communication Technology, Pyeongchang","author":"SW Oh","year":"2014","unstructured":"Oh SW, Kim HS (2014) Decentralized access permission control using resource-oriented architecture for the Web of Things, 16th International Conference on Advanced Communication Technology, Pyeongchang, pp 749\u2013753"},{"issue":"3","key":"709_CR39","doi-asserted-by":"publisher","first-page":"143","DOI":"10.1145\/365230.365252","volume":"9","author":"JB Dennis","year":"1966","unstructured":"Dennis JB, Van Horn EC (1966) Programming semantics for multiprogrammed computations. Commun ACM 9(3):143\u2013155","journal-title":"Commun ACM"},{"key":"709_CR40","first-page":"604","volume-title":"Capability-based access control delegation model on the federated IoT network, 2012 15th Int\u2019l. Symp. Wireless Personal Multimedia Commun","author":"B Anggorojati","year":"2012","unstructured":"Anggorojati B, Prasad NR, Prasad R (2012) Capability-based access control delegation model on the federated IoT network, 2012 15th Int\u2019l. Symp. Wireless Personal Multimedia Commun, pp 604\u2013608"},{"key":"709_CR41","first-page":"309","volume":"1","author":"P Mahalle","year":"2013","unstructured":"Mahalle P (2013) Identity authentication and capability-based access control (IACAC) for the Internet of Things. J Cyber Secur Mobility 1:309\u2013348","journal-title":"J Cyber Secur Mobility"},{"issue":"3\/4","key":"709_CR42","first-page":"1","volume":"3","author":"JL Hern\u00e1ndez-Ramos","year":"2013","unstructured":"Hern\u00e1ndez-Ramos JL et al (2013) Distributed capability-based access control for the Internet of Things. J Internet Serv Info Secur 3(3\/4):1\u201316","journal-title":"J Internet Serv Info Secur"},{"key":"709_CR43","doi-asserted-by":"publisher","unstructured":"Hern\u00e1ndez-Ramos JL, Jara AJ, Mar\u00edn L, G\u00f3mez AFS (2016) DCapBac: embedding authorization logic into smart things through ECC optimizations. Int J Comput Math 93(2):345\u2013366. \n                    https:\/\/doi.org\/10.1080\/00207160.2014.915316","DOI":"10.1080\/00207160.2014.915316"},{"key":"709_CR44","unstructured":"Gusmeroli S, Piccione S, Rotondi D (2012) IoT access control issues: a capability-based approach, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, Palermo, pp. 787\u2013792"},{"issue":"5","key":"709_CR45","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1109\/MIC.2011.119","volume":"15","author":"L Lynch","year":"2011","unstructured":"Lynch L (2011) Inside the identity management game. IEEE Internet Comput 15(5):78\u201382","journal-title":"IEEE Internet Comput"},{"issue":"6","key":"709_CR46","doi-asserted-by":"publisher","first-page":"18","DOI":"10.1109\/MIC.2014.128","volume":"18","author":"V Beltran","year":"2014","unstructured":"Beltran V, Bertin E, Crespi N (2014) User identity for WebRTC services: a matter of trust. IEEE Internet Comput 18(6):18\u201325","journal-title":"IEEE Internet Comput"},{"issue":"February 2017","key":"709_CR47","doi-asserted-by":"publisher","first-page":"429","DOI":"10.1016\/j.compeleceng.2016.12.008","volume":"58, C","author":"D Hussein","year":"2017","unstructured":"Hussein D, Han SN, Lee GM, Crespi N, Bertin E (2017) Towards a dynamic discovery of smart services in the social Internet of Things. Comput Electr Eng 58, C(February 2017):429\u2013443","journal-title":"Comput Electr Eng"},{"key":"709_CR48","first-page":"1","volume-title":"Proceedings of the 6th ACM workshop on Formal methods in security engineering","author":"A Armando","year":"2008","unstructured":"Armando A, Carbone R, Compagna L, Cuellar J, Tobarra L (2008) Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for Google apps. In: Proceedings of the 6th ACM workshop on Formal methods in security engineering. ACM, New York City, pp 1\u201310"},{"key":"709_CR49","unstructured":"Hardt D (2012) The OAuth 2.0 authorization framework, IETF RFC 6749, Oct. 2012, IETF. [online] \n                    http:\/\/tools.ietf.org\/html\/rfc6749\n                    \n                  . Accessed 28 Feb 2019"},{"key":"709_CR50","unstructured":"Home - WG \u2013 User-Managed Access - Kantara Initiative, [online] Available at \n                    https:\/\/kantarainitiative.org\/confluence\/display\/uma\/Home\n                    \n                  . Accessed 28 Feb 2019"},{"issue":"February","key":"709_CR51","first-page":"47","volume":"1","author":"G Zhang","year":"2011","unstructured":"Zhang G, Liu J (2011) A model of workflow-oriented attributed based access control. Int J Comput Netw Inf Secur 1(February):47\u201353","journal-title":"Int J Comput Netw Inf Secur"},{"key":"709_CR52","volume-title":"Security Assertion Markup Language (SAML) v2.0 technical overview","author":"J Hughes","year":"2005","unstructured":"Hughes J, Maler E (2005) Security Assertion Markup Language (SAML) v2.0 technical overview. OASIS SSTC Working Group, Clovis"},{"key":"709_CR53","volume-title":"Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0","author":"J Hughes","year":"2005","unstructured":"Hughes J, Cantor S, Hodges J, Hirsch F, Mishra P, Philpott R, Maler E (2005) Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, Burlington"},{"key":"709_CR54","volume-title":"eXtensible Access Control Markup Language (XACML), version 2.0","author":"T Moses","year":"2005","unstructured":"Moses T (2005) eXtensible Access Control Markup Language (XACML), version 2.0. OASIS Standard, Burlington"},{"issue":"3","key":"709_CR55","doi-asserted-by":"publisher","first-page":"62","DOI":"10.5815\/ijwmt.2012.03.10","volume":"2","author":"G Zhang","year":"2012","unstructured":"Zhang G, Liu J (2012) The study of access control for service-oriented computing in Internet of Things. Int J Wireless Microwave Technol (IJWMT) 2(3):62\u201368","journal-title":"Int J Wireless Microwave Technol (IJWMT)"},{"key":"709_CR56","unstructured":"Seitz L, Selander G, Gehrmann C (2013) Authorization framework for the Internet of Things, 2013 IEEE 14th International Symposium on \u201cA World of Wireless, Mobile and Multimedia Networks\u201d (WoWMoM), Madrid, pp. 1\u20136"},{"issue":"3","key":"709_CR57","doi-asserted-by":"publisher","first-page":"146","DOI":"10.1109\/MCOM.2017.1600611CM","volume":"55","author":"D Hussein","year":"2017","unstructured":"Hussein D, Bertin E, Frey V (March 2017) A community-driven access control approach in distributed IoT environments. IEEE Commun Mag 55(3):146\u2013153","journal-title":"IEEE Commun Mag"},{"key":"709_CR58","doi-asserted-by":"crossref","unstructured":"Jones M, Hildebrand J (2015) JSON Web Encryption (JWE). RFC 7516, IETF, available at \n                    http:\/\/tools.ietf.org\/html\/rfc7516\n                    \n                  . Accessed 28 Feb 2019","DOI":"10.17487\/RFC7516"},{"key":"709_CR59","unstructured":"Hammer-Lahav E (2010) The OAuth 1.0 protocol. RFC 5849, IETF, available at \n                    http:\/\/tools.ietf.org\/html\/rfc5849\n                    \n                  . Accessed 28 Feb 2019"},{"issue":"1","key":"709_CR60","doi-asserted-by":"publisher","first-page":"74","DOI":"10.1109\/MIC.2012.11","volume":"16","author":"B Leiba","year":"2012","unstructured":"Leiba B (2012) OAuth web authorization protocol. IEEE Internet Comput 16(1):74\u201377","journal-title":"IEEE Internet Comput"},{"key":"709_CR61","doi-asserted-by":"crossref","unstructured":"Fremantle P, Aziz B, Kopeck\u00fd J, Scott P (2014) Federated identity and access management for the Internet of Things, 2014 International Workshop on Secure Internet of Things, Wroclaw, pp 10\u201317","DOI":"10.1109\/SIoT.2014.8"},{"key":"709_CR62","unstructured":"Denniss W, Bradley J, Jones M, Tschofenig H OAuth 2.0 device flow for browserless and input constrained devices, Internet-draft, IETF, draft-ietf-oauth-device-flow-09"},{"key":"709_CR63","unstructured":"Seitz L, Gerdes S, Selander G, Mani M, Kumar S (2016) Use cases for authentication and authorization in constrained environments, RFC 7744, January 2016, IETF"},{"key":"709_CR64","volume-title":"CBOR Web Token (CWT), RFC 8392, May 2018","author":"M Jones","year":"2018","unstructured":"Jones M, Wahlstroem E, Erdtman S, Tschofenig H (2018) CBOR Web Token (CWT), RFC 8392, May 2018. IETF, Fremont"},{"key":"709_CR65","doi-asserted-by":"publisher","first-page":"706","DOI":"10.1109\/WF-IoT.2016.7845482","volume-title":"2016 IEEE 3rd World Forum on Internet of Things (WF-IoT)","author":"V Beltran","year":"2016","unstructured":"Beltran V, Skarmeta AF (2016) An overview on delegated authorization for CoAP: authentication and authorization for constrained environments (ACE). In: 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), pp 706\u2013710"},{"key":"709_CR66","first-page":"49","volume-title":"Computer, vol. 49, no. 11","author":"X Su","year":"2016","unstructured":"Su X et al (2016) Privacy as a service: protecting the individual in healthcare data processing. In: Computer, vol. 49, no. 11, pp 49\u201359"},{"key":"709_CR67","unstructured":"OMA (2017) Lightweight machine to machine requirements, Candidate Version 1.1 \u2013 08 Dec 2017, Open Mobile Alliance"},{"key":"709_CR68","unstructured":"Costa D, Mingozzi E, Tanganelli G, Vallati C (2016) An AllJoyn to CoAP bridge, 2016 IEEE 3rd World Forum on Internet of Things (WF-IoT), Reston, VA, pp. 395\u2013400"},{"issue":"2","key":"709_CR69","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MSP.2017.43","volume":"15","author":"E Fernandes","year":"2017","unstructured":"Fernandes E, Rahmati A, Jung J, Prakash A (2017) Security implications of permission models in smart-home application frameworks. IEEE Secur Priv 15(2):24\u201330","journal-title":"IEEE Secur Priv"},{"issue":"6","key":"709_CR70","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1109\/MWC.2010.5675777","volume":"17","author":"M Zorzi","year":"2010","unstructured":"Zorzi M, Gluhak A, Lange S, Bassi A (2010) From today\u2019s INTRAnet of things to a future INTERnet of things: a wireless- and mobility-related view. IEEE Wirel Commun 17(6):44\u201351","journal-title":"IEEE Wirel Commun"},{"key":"709_CR71","unstructured":"Dillet R (2017) Netatmo is trying really hard to make the smart home happen. January 3, 2017, Techcrunch. Available at: \n                    https:\/\/techcrunch.com\/2017\/01\/03\/netatmo-is-trying-really-hard-to-make-the-smart-home-happen\n                    \n                  . Accessed 28 Feb 2019"},{"issue":"3\u20134","key":"709_CR72","doi-asserted-by":"publisher","first-page":"187","DOI":"10.1007\/s12243-008-0080-z","volume":"64","author":"E Bertin","year":"2009","unstructured":"Bertin E, Crespi N (2009) Service business processes for the next generation of services: a required step to achieve service convergence. Ann Telecommun 64(3\u20134):187\u2013196","journal-title":"Ann Telecommun"},{"issue":"2","key":"709_CR73","first-page":"370","volume":"14","author":"RH Sloan","year":"2014","unstructured":"Sloan RH, Warner R (2014) Beyond notice and choice: privacy, norms, and consent. Suffolk Univ J High Technol 14(2):370\u2013412","journal-title":"Suffolk Univ J High Technol"},{"key":"709_CR74","unstructured":"Rastogi V, Welbourne E, Khoussainova N, Kriplean T, Balazinska M, Borriello G, Kohno T, Suciu D (2007) \u201cExpressing privacy policies using authorisation views,\u201d in Proc. of the 5th International Workshop on Privacy in UbiComp (UbiPriv\u201907)"},{"issue":"7","key":"709_CR75","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MC.2017.201","volume":"50","author":"C Kolias","year":"2017","unstructured":"Kolias C, Kambourakis G, Stavrou A, Voas J (2017) DDoS in the IoT: Mirai and other botnets. IEEE Comput 50(7):80\u201384","journal-title":"IEEE Comput"},{"key":"709_CR76","unstructured":"Kovacs E (2016) Hosting provider OVH hit by 1 Tbps DDoS attack. Retrieved from \n                    http:\/\/www.securityweek.com\/hosting-provider-ovh-hit-1-tbps-ddos-attack\n                    \n                  . Accessed 28 Feb 2019"},{"key":"709_CR77","volume-title":"USENIX security conference","author":"Y Tian","year":"2017","unstructured":"Tian Y, Zhang N, Lin Y-H, Wang XF, Ur B, Guo XZ, Tague P (2017) SmartAuth: user-centered authorization for the Internet of Things. In: USENIX security conference"}],"container-title":["Annals of Telecommunications"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12243-019-00709-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s12243-019-00709-7\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s12243-019-00709-7.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,3,1]],"date-time":"2020-03-01T00:22:18Z","timestamp":1583022138000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s12243-019-00709-7"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,3,2]]},"references-count":77,"journal-issue":{"issue":"7-8","published-print":{"date-parts":[[2019,8]]}},"alternative-id":["709"],"URL":"https:\/\/doi.org\/10.1007\/s12243-019-00709-7","relation":{},"ISSN":["0003-4347","1958-9395"],"issn-type":[{"value":"0003-4347","type":"print"},{"value":"1958-9395","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,3,2]]},"assertion":[{"value":"11 July 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 February 2019","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"2 March 2019","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}