{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T07:50:38Z","timestamp":1777276238476,"version":"3.51.4"},"reference-count":89,"publisher":"Springer Science and Business Media LLC","issue":"5","license":[{"start":{"date-parts":[[2022,5,19]],"date-time":"2022-05-19T00:00:00Z","timestamp":1652918400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,5,19]],"date-time":"2022-05-19T00:00:00Z","timestamp":1652918400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/100012352","name":"Universit\u00e0 degli Studi di Milano","doi-asserted-by":"crossref","award":["PSR 2021"],"award-info":[{"award-number":["PSR 2021"]}],"id":[{"id":"10.13039\/100012352","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Complex Intell. Syst."],"published-print":{"date-parts":[[2022,10]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>Scalable and secure authorization of smart things is of the crucial essence for the successful deployment of the Internet of Things (IoT). Unauthorized access to smart things could exacerbate the security and privacy concern, which could, in turn, lead to the reduced adoption of the IoT, and ultimately to the emergence of severe threats. Even though there are a variety of IoT solutions for secure authorization, authorization schemes in highly dynamic distributed environments remain a daunting challenge. Access rights can dynamically change due to the heterogeneous nature of shared IoT devices and, thus, the identity and access control management are challenging. This survey provides a comprehensive comparative analysis of the current state-of-the-art IoT authorization schemes to highlight their strengths and weaknesses. Then, it defines the most important requirements and highlights the authorization threats and weaknesses impacting authorization in the IoT. Finally, the survey presents the ongoing open authorization challenges and provides recommendations for future research.<\/jats:p>","DOI":"10.1007\/s40747-022-00765-y","type":"journal-article","created":{"date-parts":[[2022,5,19]],"date-time":"2022-05-19T13:03:41Z","timestamp":1652965421000},"page":"3919-3941","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":37,"title":["Authorization schemes for internet of things: requirements, weaknesses, future challenges and trends"],"prefix":"10.1007","volume":"8","author":[{"given":"Abid","family":"Khan","sequence":"first","affiliation":[]},{"given":"Awais","family":"Ahmad","sequence":"additional","affiliation":[]},{"given":"Mansoor","family":"Ahmed","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1299-7752","authenticated-orcid":false,"given":"Jadran","family":"Sessa","sequence":"additional","affiliation":[]},{"given":"Marco","family":"Anisetti","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,5,19]]},"reference":[{"key":"765_CR1","unstructured":"Ferraiolo D, Kuhn DR, Chandramouli R (2003) Role-based access control, Artech House,"},{"key":"765_CR2","doi-asserted-by":"crossref","unstructured":"Yuan E, Tong J (2005) Attributed based access control (abac) for web services, in: IEEE International Conference on Web Services (ICWS\u201905), IEEE","DOI":"10.1109\/ICWS.2005.25"},{"key":"765_CR3","doi-asserted-by":"crossref","unstructured":"Seitz L, Selander G, Gehrmann C (2013) Authorization framework for the internet-of-things, in, IEEE 14th International Symposium on A World of Wireless, Mobile and Multimedia Networks(WoWMoM). IEEE 2013:1\u20136","DOI":"10.1109\/WoWMoM.2013.6583465"},{"issue":"5\u20136","key":"765_CR4","doi-asserted-by":"crossref","first-page":"1189","DOI":"10.1016\/j.mcm.2013.02.006","volume":"58","author":"S Gusmeroli","year":"2013","unstructured":"Gusmeroli S, Piccione S, Rotondi D (2013) A capability-based security approach to manage access control in the internet of things. Math Comput Model 58(5\u20136):1189\u20131205","journal-title":"Math Comput Model"},{"key":"765_CR5","doi-asserted-by":"crossref","unstructured":"Vu\u010dini\u0107 M, Tourancheau B, Rousseau F, Duda A, Damon L, Guizzetti R (2014) Oscar: Object security architecture for the internet of things. In: Proceeding of IEEE international symposium on a world of wireless, mobile and multimedia networks 2014, IEEE, pp. 1\u201310","DOI":"10.1109\/WoWMoM.2014.6918975"},{"issue":"4","key":"765_CR6","first-page":"309","volume":"1","author":"PN Mahalle","year":"2013","unstructured":"Mahalle PN, Anggorojati B, Prasad NR, Prasad R (2013) Identity authentication and capability based access control (iacac) for the internet of things. J Cyber Secur Mob 1(4):309\u2013348","journal-title":"J Cyber Secur Mob"},{"key":"765_CR7","doi-asserted-by":"crossref","unstructured":"Skarmeta AF, Hernandez-Ramos JL, Moreno MV (2014) A decentralized approach for security and privacy challenges in the internet of things. In: IEEE world forum on Internet of Things (WF-IoT). IEEE, 67\u201372","DOI":"10.1109\/WF-IoT.2014.6803122"},{"issue":"3\/4","key":"765_CR8","first-page":"1","volume":"3","author":"JL Hern\u00e1ndez-Ramos","year":"2013","unstructured":"Hern\u00e1ndez-Ramos JL, Jara AJ, Marin L, Skarmeta AF (2013) Distributed capability-based access control for the internet of things. J Int Serv Inf Secur (JISIS) 3(3\/4):1\u201316","journal-title":"J Int Serv Inf Secur (JISIS)"},{"key":"765_CR9","doi-asserted-by":"crossref","unstructured":"Mahalle PN, Thakre PA, Prasad NR, Prasad R (2013) A fuzzy approach to trust based access control in internet of things. In: Wireless VITAE 2013, IEEE, pp 1\u20135","DOI":"10.1109\/VITAE.2013.6617083"},{"key":"765_CR10","doi-asserted-by":"crossref","unstructured":"Hummen R, Shafagh H, Raza S, Voig T, Wehrle K (2014) Delegation-based authentication and authorization for the ip-based internet of things. In: eleventh annual IEEE international conference on Sensing, Communication, and Networking (SECON). Ieee, pp 284\u2013292","DOI":"10.1109\/SAHCN.2014.6990364"},{"key":"765_CR11","doi-asserted-by":"crossref","unstructured":"Garcia-Morchon O, Keoh SL, Kumar S, Moreno-Sanchez P, Vidal-Meca F, Ziegeldorf JH (2013) Securing the ip-based internet of things with hip and dtls. In: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks, pp 119\u2013124","DOI":"10.1145\/2462096.2462117"},{"key":"765_CR12","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1016\/j.future.2013.10.016","volume":"33","author":"J Su","year":"2014","unstructured":"Su J, Cao D, Zhao B, Wang X, You I (2014) epass: an expressive attribute-based signature scheme with privacy and an unforgeability guarantee for the internet of things. Fut Gen Comput Syst 33:11\u201318","journal-title":"Fut Gen Comput Syst"},{"key":"765_CR13","unstructured":"Ye N, Zhu Y, Wang R-c, Malekian R, Lin Q-M, An efficient authentication and access control scheme for perception layer of internet of things"},{"key":"765_CR14","doi-asserted-by":"crossref","unstructured":"Kaiwen S, Lihua Y (2014) Attribute-role-based hybrid access control in the internet of things. In: Asia-Pacific Web Conference, Springer, New York, pp 333\u2013343","DOI":"10.1007\/978-3-319-11119-3_31"},{"issue":"2","key":"765_CR15","doi-asserted-by":"crossref","first-page":"1224","DOI":"10.1109\/JSEN.2014.2361406","volume":"15","author":"S Cirani","year":"2014","unstructured":"Cirani S, Picone M, Gonizzi P, Veltri L, Ferrari G (2014) Iot-oas: An oauth-based authorization service architecture for secure services in iot scenarios. IEEE Sens J 15(2):1224\u20131234","journal-title":"IEEE Sens J"},{"key":"765_CR16","doi-asserted-by":"crossref","unstructured":"Fremantle P, Aziz B, Kopeck\u1ef3 J, Scott P (2014) Federated identity and access management for the internet of things. In: International Workshop on Secure Internet of Things. IEEE 2014:10\u201317","DOI":"10.1109\/SIoT.2014.8"},{"issue":"3","key":"765_CR17","doi-asserted-by":"crossref","first-page":"657","DOI":"10.1109\/TPDS.2014.2311791","volume":"26","author":"H Ning","year":"2014","unstructured":"Ning H, Liu H, Yang LT (2014) Aggregated-proof based hierarchical authentication scheme for the internet of things. IEEE Trans Parallel Distrib Syst 26(3):657\u2013667","journal-title":"IEEE Trans Parallel Distrib Syst"},{"key":"765_CR18","doi-asserted-by":"crossref","unstructured":"Alohali B, Merabti M, Kifayat K (2014) A secure scheme for a smart house based on cloud of things (cot). In: 6th Computer science and electronic engineering conference (CEEC), IEEE 2014:115\u2013120","DOI":"10.1109\/CEEC.2014.6958565"},{"issue":"5","key":"765_CR19","doi-asserted-by":"crossref","first-page":"1763","DOI":"10.1007\/s00500-015-1705-6","volume":"20","author":"JB Bernabe","year":"2016","unstructured":"Bernabe JB, Ramos JLH, Gomez AFS (2016) Taciot: multidimensional trust-aware access control system for the internet of things. Soft Comput 20(5):1763\u20131779","journal-title":"Soft Comput"},{"key":"765_CR20","doi-asserted-by":"crossref","first-page":"452","DOI":"10.1016\/j.procs.2015.05.013","volume":"52","author":"SR Moosavi","year":"2015","unstructured":"Moosavi SR, Gia TN, Rahmani A-M, Nigussie E, Virtanen S, Isoaho J, Tenhunen H (2015) Sea: a secure and efficient authentication and authorization architecture for iot-based healthcare using smart gateways. Procedia Comput Sci 52:452\u2013459","journal-title":"Procedia Comput Sci"},{"issue":"4","key":"765_CR21","doi-asserted-by":"crossref","first-page":"690","DOI":"10.1109\/JSAC.2015.2393436","volume":"33","author":"JL Hernandez-Ramos","year":"2015","unstructured":"Hernandez-Ramos JL, Pawlowski MP, Jara AJ, Skarmeta AF, Ladid L (2015) Toward a lightweight authentication and authorization framework for smart objects. IEEE J Sel Areas Commun 33(4):690\u2013702","journal-title":"IEEE J Sel Areas Commun"},{"key":"765_CR22","doi-asserted-by":"crossref","unstructured":"Hern\u00e1ndez-Ramos JL, Jara AJ, Mar\u00edn L, Skarmeta G\u00f3mez AF (2016) Dcapbac: embedding authorization logic into smart things through ecc optimizations. Int J Comput Math 93(2) 345\u2013366","DOI":"10.1080\/00207160.2014.915316"},{"key":"765_CR23","doi-asserted-by":"crossref","first-page":"104","DOI":"10.1016\/j.future.2014.10.010","volume":"49","author":"X Yao","year":"2015","unstructured":"Yao X, Chen Z, Tian Y (2015) A lightweight attribute-based encryption scheme for the internet of things. Fut Gen Comput Syst 49:104\u2013112","journal-title":"Fut Gen Comput Syst"},{"key":"765_CR24","doi-asserted-by":"crossref","unstructured":"Thatmann D, Zickau S, F\u00f6rster A, K\u00fcpper A (2015) Applying attribute-based encryption on publish subscribe messaging patterns for the internet of things. In: 2015 IEEE International Conference on Data Science and Data Intensive Systems, IEEE, pp 556\u2013563","DOI":"10.1109\/DSDIS.2015.52"},{"issue":"17","key":"765_CR25","doi-asserted-by":"crossref","first-page":"17735","DOI":"10.1007\/s11042-015-2967-9","volume":"76","author":"J Yang","year":"2017","unstructured":"Yang J, He S, Lin Y, Lv Z (2017) Multimedia cloud transmission and storage system based on internet of things. Multimed Tools Appl 76(17):17735\u201317750","journal-title":"Multimed Tools Appl"},{"key":"765_CR26","doi-asserted-by":"crossref","unstructured":"Niruntasukrat A, Issariyapat C, Pongpaibool P, Meesublak K, Aiumsupucgul P, Panya A (2016) Authorization mechanism for mqtt-based internet of things. In: 2016 IEEE International Conference on Communications Workshops (ICC), IEEE, pp 290\u2013295","DOI":"10.1109\/ICCW.2016.7503802"},{"key":"765_CR27","doi-asserted-by":"crossref","first-page":"154","DOI":"10.1016\/j.comcom.2016.03.007","volume":"89","author":"F Li","year":"2016","unstructured":"Li F, Han Y, Jin C (2016) Practical access control for sensor networks in the context of the internet of things. Comput Commun 89:154\u2013164","journal-title":"Comput Commun"},{"key":"765_CR28","doi-asserted-by":"crossref","unstructured":"Hosseinzadeh S, Virtanen S, D\u00edaz-Rodr\u00edguez N, Lilius J (2016) A semantic security framework and context-aware role-based access control ontology for smart spaces. In: Proceedings of the International Workshop on Semantic Big Data, pp 1\u20136","DOI":"10.1145\/2928294.2928300"},{"key":"765_CR29","doi-asserted-by":"crossref","first-page":"285","DOI":"10.1016\/j.future.2016.12.036","volume":"76","author":"F Li","year":"2017","unstructured":"Li F, Hong J, Omala AA (2017) Efficient certificateless access control for industrial internet of things. Futur Gen Comput Syst 76:285\u2013292","journal-title":"Futur Gen Comput Syst"},{"issue":"18","key":"765_CR30","doi-asserted-by":"crossref","first-page":"5943","DOI":"10.1002\/sec.1748","volume":"9","author":"A Ouaddah","year":"2016","unstructured":"Ouaddah A, Abou Elkalam A, Ait Ouahman A (2016) Fairaccess: a new blockchain-based access control framework for the internet of things. Secur Commun Netw 9(18):5943\u20135964","journal-title":"Secur Commun Netw"},{"key":"765_CR31","doi-asserted-by":"publisher","unstructured":"Pinno OJA, Gregio ARA, De Bona LCE (2017) Controlchain: Blockchain as a central enabler for access control authorizations in the iot. In: GLOBECOM 2017 - 2017 IEEE Global Communications Conference, pp. 1\u20136.https:\/\/doi.org\/10.1109\/GLOCOM.2017.8254521","DOI":"10.1109\/GLOCOM.2017.8254521"},{"key":"765_CR32","doi-asserted-by":"crossref","unstructured":"Tapas N, Merlino G, Longo F (2018) Blockchain-based iot-cloud authorization and delegation. In: 2018 IEEE International Conference on Smart Computing (SMARTCOMP), IEEE, pp 411\u2013416","DOI":"10.1109\/SMARTCOMP.2018.00038"},{"key":"765_CR33","doi-asserted-by":"crossref","unstructured":"Fayad A, Hammi B, Khatoun R (2018) An adaptive authentication and authorization scheme for iot\u2019s gateways: a blockchain based approach. In: 2018 Third International Conference on Security of Smart Cities, Industrial Control System and Communications (SSIC), IEEE, pp 1\u20137","DOI":"10.1109\/SSIC.2018.8556668"},{"key":"765_CR34","doi-asserted-by":"crossref","first-page":"58800","DOI":"10.1109\/ACCESS.2020.2982542","volume":"8","author":"G Ali","year":"2020","unstructured":"Ali G, Ahmad N, Cao Y, Khan S, Cruickshank H, Qazi EA, Ali A (2020) xdbauth: Blockchain based cross domain authentication and authorization framework for internet of things. IEEE Access 8:58800\u201358816","journal-title":"IEEE Access"},{"key":"765_CR35","doi-asserted-by":"crossref","first-page":"38431","DOI":"10.1109\/ACCESS.2019.2905846","volume":"7","author":"S Ding","year":"2019","unstructured":"Ding S, Cao J, Li C, Fan K, Li H (2019) A novel attribute-based access control scheme using blockchain for iot. IEEE Access 7:38431\u201338441","journal-title":"IEEE Access"},{"key":"765_CR36","doi-asserted-by":"crossref","first-page":"243","DOI":"10.1016\/j.comcom.2020.01.030","volume":"152","author":"VA Siris","year":"2020","unstructured":"Siris VA, Dimopoulos D, Fotiou N, Voulgaris S, Polyzos GC (2020) Decentralized authorization in constrained iot environments exploiting interledger mechanisms. Comput Commun 152:243\u2013251","journal-title":"Comput Commun"},{"key":"765_CR37","doi-asserted-by":"crossref","unstructured":"Khalid U, Asim M, Baker T, Hung PC, Tariq MA, Rafferty L (2020) A decentralized lightweight blockchain-based authentication mechanism for iot systems, Cluster Computing 1\u201321","DOI":"10.1007\/s10586-020-03058-6"},{"issue":"2","key":"765_CR38","doi-asserted-by":"crossref","first-page":"1646","DOI":"10.1109\/TNSM.2021.3077276","volume":"18","author":"GD Putra","year":"2021","unstructured":"Putra GD, Dedeoglu V, Kanhere SS, Jurdak R, Ignjatovic A (2021) Trust-based blockchain authorization for iot. IEEE Trans Netw Serv Manag 18(2):1646\u20131658","journal-title":"IEEE Trans Netw Serv Manag"},{"key":"765_CR39","doi-asserted-by":"crossref","unstructured":"Wickstr\u00f6m J, Westerlund M, Pulkkis G (2021) Smart contract based distributed iot security: A protocol for autonomous device management. In: IEEE\/ACM 21st International Symposium on Cluster, Cloud and Internet Computing (CCGrid). IEEE 2021:776\u2013781","DOI":"10.1109\/CCGrid51090.2021.00094"},{"key":"765_CR40","first-page":"1","volume":"46","author":"A Lohachab","year":"2019","unstructured":"Lohachab A et al (2019) Ecc based inter-device authentication and authorization scheme using mqtt for iot networks. J Inf Secur Appl 46:1\u201312","journal-title":"J Inf Secur Appl"},{"key":"765_CR41","doi-asserted-by":"publisher","first-page":"67555","DOI":"10.1109\/ACCESS.2020.2985719","volume":"8","author":"S Shin","year":"2020","unstructured":"Shin S, Kwon T (2020) A privacy-preserving authentication, authorization, and key agreement scheme for wireless sensor networks in 5g-integrated internet of things. IEEE Access 8:67555\u201367571. https:\/\/doi.org\/10.1109\/ACCESS.2020.2985719","journal-title":"IEEE Access"},{"key":"765_CR42","doi-asserted-by":"crossref","first-page":"740","DOI":"10.1016\/j.future.2017.05.048","volume":"86","author":"B-C Chifor","year":"2018","unstructured":"Chifor B-C, Bica I, Patriciu V-V, Pop F (2018) A security authorization scheme for smart home internet of things devices. Fut Gen Comput Syst 86:740\u2013749","journal-title":"Fut Gen Comput Syst"},{"key":"765_CR43","doi-asserted-by":"publisher","first-page":"27336","DOI":"10.1109\/ACCESS.2018.2836350","volume":"6","author":"S Ding","year":"2018","unstructured":"Ding S, Li C, Li H (2018) A novel efficient pairing-free cp-abe based on elliptic curve cryptography for iot. IEEE Access 6:27336\u201327345. https:\/\/doi.org\/10.1109\/ACCESS.2018.2836350","journal-title":"IEEE Access"},{"issue":"11","key":"765_CR44","doi-asserted-by":"crossref","first-page":"4473","DOI":"10.1007\/s12652-018-1129-0","volume":"10","author":"S Zemmoudj","year":"2019","unstructured":"Zemmoudj S, Bermad N, Omar M (2019) Context-aware pseudonymization and authorization model for iot-based smart hospitals. J Ambient Intell Hum Comput 10(11):4473\u20134490","journal-title":"J Ambient Intell Hum Comput"},{"key":"765_CR45","doi-asserted-by":"crossref","first-page":"533","DOI":"10.1016\/j.ins.2019.01.051","volume":"527","author":"M Su","year":"2020","unstructured":"Su M, Zhou B, Fu A, Yu Y, Zhang G (2020) Prta: A proxy re-encryption based trusted authorization scheme for nodes on cloudiot. Inf Sci 527:533\u2013547","journal-title":"Inf Sci"},{"key":"765_CR46","unstructured":"Kumar S, Hu Y, Andersen MP, Popa RA, Culler DE (2019) $$\\{$$JEDI$$\\}$$: Many-to-many end-to-end encryption and key delegation for iot. In: 28th $$\\{$$USENIX$$\\}$$ Security Symposium ($$\\{$$USENIX$$\\}$$ Security 19), pp 1519\u20131536"},{"issue":"4","key":"765_CR47","doi-asserted-by":"crossref","first-page":"3184","DOI":"10.1109\/JIOT.2020.2966242","volume":"7","author":"S Mandal","year":"2020","unstructured":"Mandal S, Bera B, Sutrala AK, Das AK, Choo K-KR, Park Y (2020) Certificateless-signcryption-based three-factor user access control scheme for iot environment. IEEE Internet Things J 7(4):3184\u20133197","journal-title":"IEEE Internet Things J"},{"issue":"4","key":"765_CR48","doi-asserted-by":"crossref","first-page":"4406","DOI":"10.1109\/TNSM.2021.3093002","volume":"18","author":"W Ren","year":"2021","unstructured":"Ren W, Sun Y, Luo H, Guizani M (2021) Siledger: A blockchain and abe-based access control for applications in sdn-iot networks. IEEE Trans Netw Serv Manag 18(4):4406\u20134419","journal-title":"IEEE Trans Netw Serv Manag"},{"key":"765_CR49","volume":"192","author":"AYF Alsahlani","year":"2021","unstructured":"Alsahlani AYF, Popa A (2021) Lmaas-iot: Lightweight multi-factor authentication and authorization scheme for real-time data access in iot cloud-based environment. J Netw Comput Appl 192:103177","journal-title":"J Netw Comput Appl"},{"key":"765_CR50","doi-asserted-by":"crossref","unstructured":"Xu R, Chen Y, Blasch E, Chen G (2018) Blendcac: A blockchain-enabled decentralized capability-based access control for iots, In: 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), IEEE pp 1027\u20131034","DOI":"10.1109\/Cybermatics_2018.2018.00191"},{"key":"765_CR51","unstructured":"Bakir F, Wolski R, Krintz C (2021) Caplets: Resource aware capability-based access control for iot. In: 2021 IEEE\/ACM Symposium on Edge Computing (SEC), IEEE"},{"key":"765_CR52","doi-asserted-by":"crossref","unstructured":"Julku J, Suomalainen J, Kyl\u00e4np\u00e4\u00e4 M (2021) Delegated device attestation for iot. In: 2021 8th International Conference on Internet of Things: Systems, Management and Security (IOTSMS), IEEE, pp. 1\u20138","DOI":"10.1109\/IOTSMS53705.2021.9704959"},{"key":"765_CR53","doi-asserted-by":"crossref","unstructured":"Miller VS (1985) Use of elliptic curves in cryptography, in: Conference on the theory and application of cryptographic techniques, Springer, pp. 417\u2013426","DOI":"10.1007\/3-540-39799-X_31"},{"key":"765_CR54","doi-asserted-by":"crossref","unstructured":"Boneh D, Franklin M (2001) Identity-based encryption from the weil pairing, In: Annual international cryptology conference, Springer, pp. 213\u2013229","DOI":"10.1007\/3-540-44647-8_13"},{"key":"765_CR55","doi-asserted-by":"crossref","unstructured":"Sahai A, Waters B (2005) Fuzzy identity-based encryption, In: Annual international conference on the theory and applications of cryptographic techniques, Springer, pp. 457\u2013473","DOI":"10.1007\/11426639_27"},{"key":"765_CR56","doi-asserted-by":"crossref","unstructured":"Maji HK, Prabhakaran M, Rosulek M (2011) Attribute-based signatures, In: Cryptographers\u2019 track at the RSA conference, Springer, pp. 376\u2013392","DOI":"10.1007\/978-3-642-19074-2_24"},{"key":"765_CR57","unstructured":"Nakamoto S (2008) Bitcoin: A peer-to-peer electronic cash system, Decentralized Business Review 21260"},{"key":"765_CR58","unstructured":"Aleisa N, Renaud K Privacy of the internet of things: a systematic literature review (extended discussion), arXiv preprint arXiv:1611.03340"},{"key":"765_CR59","doi-asserted-by":"crossref","first-page":"237","DOI":"10.1016\/j.comnet.2016.11.007","volume":"112","author":"A Ouaddah","year":"2017","unstructured":"Ouaddah A, Mousannif H, Abou Elkalam A, Ouahman AA (2017) Access control in the internet of things: Big challenges and new opportunities. Comput Netw 112:237\u2013262","journal-title":"Comput Netw"},{"issue":"5","key":"765_CR60","doi-asserted-by":"crossref","first-page":"1250","DOI":"10.1109\/JIOT.2017.2694844","volume":"4","author":"Y Yang","year":"2017","unstructured":"Yang Y, Wu L, Yin G, Li L, Zhao H (2017) A survey on security and privacy issues in internet-of-things. IEEE Internet Things J 4(5):1250\u20131258","journal-title":"IEEE Internet Things J"},{"key":"765_CR61","doi-asserted-by":"crossref","unstructured":"Trnka M, Cerny T, Stickney N (2018) Survey of authentication and authorization for the internet of things, Security and Communication Networks","DOI":"10.1155\/2018\/4351603"},{"issue":"2","key":"765_CR62","doi-asserted-by":"crossref","first-page":"118","DOI":"10.1016\/j.dcan.2017.04.003","volume":"4","author":"AR Sfar","year":"2018","unstructured":"Sfar AR, Natalizio E, Challal Y, Chtourou Z (2018) A roadmap for security challenges in the internet of things. Digital Communications and Networks 4(2):118\u2013137","journal-title":"Digital Communications and Networks"},{"key":"765_CR63","doi-asserted-by":"crossref","first-page":"295","DOI":"10.1016\/j.comnet.2018.11.026","volume":"148","author":"J Hou","year":"2019","unstructured":"Hou J, Qu L, Shi W (2019) A survey on internet of things security from data perspectives. Comput Netw 148:295\u2013306","journal-title":"Comput Netw"},{"key":"765_CR64","unstructured":"Verma N, Sangwan S, Sangwan S, Parsad D Iot security challenges and counters measures, International Journal of Recent Technology and Engineering (IJRTE) ISSN 2277\u20133878"},{"issue":"3","key":"765_CR65","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3314023","volume":"52","author":"L Gonzalez-Manzano","year":"2019","unstructured":"Gonzalez-Manzano L, Fuentes JMD, Ribagorda A (2019) Leveraging user-related internet of things for continuous authentication: A survey. ACM Computing Surveys (CSUR) 52(3):1\u201338","journal-title":"ACM Computing Surveys (CSUR)"},{"issue":"4","key":"765_CR66","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3333501","volume":"52","author":"ZB Celik","year":"2019","unstructured":"Celik ZB, Fernandes E, Pauley E, Tan G, McDaniel P (2019) Program analysis of commodity iot applications for security and privacy: Challenges and opportunities. ACM Computing Surveys (CSUR) 52(4):1\u201330","journal-title":"ACM Computing Surveys (CSUR)"},{"key":"765_CR67","doi-asserted-by":"crossref","unstructured":"Ferrag MA, Maglaras L, Derhab A (2019) Authentication and authorization for mobile iot devices using biofeatures: Recent advances and future trends, Security and Communication Networks","DOI":"10.1155\/2019\/5452870"},{"issue":"2","key":"765_CR68","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3376123","volume":"53","author":"JB Sequeiros","year":"2020","unstructured":"Sequeiros JB, Chimuco FT, Samaila MG, Freire MM, In\u00e1cio PR (2020) Attack and system modeling applied to iot, cloud, and mobile ecosystems: embedding security by design. ACM Computing Surveys (CSUR) 53(2):1\u201332","journal-title":"ACM Computing Surveys (CSUR)"},{"issue":"6","key":"765_CR69","doi-asserted-by":"crossref","first-page":"4682","DOI":"10.1109\/JIOT.2020.2969326","volume":"7","author":"J Qiu","year":"2020","unstructured":"Qiu J, Tian Z, Du C, Zuo Q, Su S, Fang B (2020) A survey on access control in the age of internet of things. IEEE Internet Things J 7(6):4682\u20134696","journal-title":"IEEE Internet Things J"},{"issue":"2","key":"765_CR70","doi-asserted-by":"crossref","first-page":"195","DOI":"10.1016\/j.dcan.2019.08.006","volume":"6","author":"K Sha","year":"2020","unstructured":"Sha K, Yang TA, Wei W, Davari S (2020) A survey of edge computing-based designs for iot security. Digital Communications and Networks 6(2):195\u2013202","journal-title":"Digital Communications and Networks"},{"key":"765_CR71","doi-asserted-by":"crossref","first-page":"102481","DOI":"10.1016\/j.jnca.2019.102481","volume":"149","author":"J Sengupta","year":"2020","unstructured":"Sengupta J, Ruj S, Bit SD (2020) A comprehensive survey on attacks, security issues and blockchain solutions for iot and iiot. J Netw Comput Appl 149:102481","journal-title":"J Netw Comput Appl"},{"key":"765_CR72","doi-asserted-by":"crossref","first-page":"311","DOI":"10.1016\/j.comcom.2020.02.018","volume":"153","author":"JJ Hathaliya","year":"2020","unstructured":"Hathaliya JJ, Tanwar S (2020) An exhaustive survey on security and privacy issues in healthcare 4.0. Comput Commun 153:311\u2013335","journal-title":"Comput Commun"},{"key":"765_CR73","volume":"39","author":"AH Lone","year":"2021","unstructured":"Lone AH, Naaz R (2021) Applicability of blockchain smart contracts in securing internet and iot: a systematic literature review. Computer Science Review 39:100360","journal-title":"Computer Science Review"},{"issue":"6","key":"765_CR74","doi-asserted-by":"crossref","first-page":"906","DOI":"10.26599\/TST.2021.9010001","volume":"26","author":"ZN Mohammad","year":"2021","unstructured":"Mohammad ZN, Farha F, Abuassba AO, Yang S, Zhou F (2021) Access control and authorization in smart homes: A survey. Tsinghua Science and Technology 26(6):906\u2013917","journal-title":"Tsinghua Science and Technology"},{"key":"765_CR75","unstructured":"Sudarsan SV, Schel\u00e9n O, Bodin U Survey on delegated and self-contained authorization techniques in cps and iot, IEEE Access"},{"issue":"3","key":"765_CR76","doi-asserted-by":"crossref","first-page":"224","DOI":"10.1145\/501978.501980","volume":"4","author":"DF Ferraiolo","year":"2001","unstructured":"Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chandramouli R (2001) Proposed nist standard for role-based access control. ACM Transactions on Information and System Security (TISSEC) 4(3):224\u2013274","journal-title":"ACM Transactions on Information and System Security (TISSEC)"},{"key":"765_CR77","doi-asserted-by":"crossref","unstructured":"Cirani S, Ferrari G, Veltri L (2013) Enforcing security mechanisms in the ip-based internet of things: An algorithmic overview. Algorithms 6(2):197\u2013226","DOI":"10.3390\/a6020197"},{"key":"765_CR78","doi-asserted-by":"crossref","first-page":"227","DOI":"10.1016\/j.future.2015.03.004","volume":"55","author":"A Alamri","year":"2016","unstructured":"Alamri A, Bertok P, Thom JA, Fahad A (2016) The mediator authorization-security model for heterogeneous semantic knowledge bases. Futur Gener Comput Syst 55:227\u2013237","journal-title":"Futur Gener Comput Syst"},{"key":"765_CR79","doi-asserted-by":"crossref","first-page":"107189","DOI":"10.1016\/j.comnet.2020.107189","volume":"173","author":"S Suhail","year":"2020","unstructured":"Suhail S, Hussain R, Abdellatif M, Pandey SR, Khan A, Hong CS (2020) Provenance-enabled packet path tracing in the rpl-based internet of things. Comput Netw 173:107189","journal-title":"Comput Netw"},{"key":"765_CR80","doi-asserted-by":"crossref","unstructured":"Babar S, Mahalle P, Stango A, Prasad N, Prasad R (2010) Proposed security model and threat taxonomy for the internet of things (iot), in: International Conference on Network Security and Applications, Springer, pp. 420\u2013429","DOI":"10.1007\/978-3-642-14478-3_42"},{"issue":"7","key":"765_CR81","doi-asserted-by":"crossref","first-page":"1645","DOI":"10.1016\/j.future.2013.01.010","volume":"29","author":"J Gubbi","year":"2013","unstructured":"Gubbi J, Buyya R, Marusic S, Palaniswami M (2013) Internet of things (iot): A vision, architectural elements, and future directions. Futur Gener Comput Syst 29(7):1645\u20131660","journal-title":"Futur Gener Comput Syst"},{"issue":"7","key":"765_CR82","doi-asserted-by":"crossref","first-page":"1497","DOI":"10.1016\/j.adhoc.2012.02.016","volume":"10","author":"D Miorandi","year":"2012","unstructured":"Miorandi D, Sicari S, De Pellegrini F, Chlamtac I (2012) Internet of things: Vision, applications and research challenges. Ad Hoc Netw 10(7):1497\u20131516","journal-title":"Ad Hoc Netw"},{"issue":"10","key":"765_CR83","doi-asserted-by":"crossref","first-page":"2266","DOI":"10.1016\/j.comnet.2012.12.018","volume":"57","author":"R Roman","year":"2013","unstructured":"Roman R, Zhou J, Lopez J (2013) On the features and challenges of security and privacy in distributed internet of things. Comput Netw 57(10):2266\u20132279","journal-title":"Comput Netw"},{"key":"765_CR84","doi-asserted-by":"crossref","first-page":"99","DOI":"10.1016\/j.jnca.2016.01.010","volume":"67","author":"M D\u00edaz","year":"2016","unstructured":"D\u00edaz M, Mart\u00edn C, Rubio B (2016) State-of-the-art, challenges, and open issues in the integration of internet of things and cloud computing. J Netw Comput Appl 67:99\u2013117","journal-title":"J Netw Comput Appl"},{"issue":"3","key":"765_CR85","doi-asserted-by":"crossref","first-page":"1091","DOI":"10.1016\/j.adhoc.2012.12.001","volume":"11","author":"C Alcaraz","year":"2013","unstructured":"Alcaraz C, Roman R, Najera P, Lopez J (2013) Security of industrial sensor network-based remote substations in the context of the internet of things. Ad Hoc Netw 11(3):1091\u20131104","journal-title":"Ad Hoc Netw"},{"key":"765_CR86","doi-asserted-by":"crossref","unstructured":"Chen J, Liu Y, Chai Y (2015) An identity management framework for internet of things, in: 2015 IEEE 12th International Conference on e-Business Engineering, IEEE, pp. 360\u2013364","DOI":"10.1109\/ICEBE.2015.67"},{"issue":"6","key":"765_CR87","doi-asserted-by":"crossref","first-page":"1531","DOI":"10.1016\/j.jnca.2012.12.028","volume":"36","author":"B Guo","year":"2013","unstructured":"Guo B, Zhang D, Wang Z, Yu Z, Zhou X (2013) Opportunistic iot: Exploring the harmonious interaction between human and the internet of things. J Netw Comput Appl 36(6):1531\u20131539","journal-title":"J Netw Comput Appl"},{"key":"765_CR88","unstructured":"Gupta U Application of multi factor authentication in internet of things domain, arXiv preprint arXiv:1506.03753"},{"key":"765_CR89","first-page":"1","volume":"80","author":"K Rose","year":"2015","unstructured":"Rose K, Eldridge S, Chapin L (2015) The internet of things: An overview. The internet society (ISOC) 80:1\u201350","journal-title":"The internet society (ISOC)"}],"container-title":["Complex &amp; Intelligent Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s40747-022-00765-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s40747-022-00765-y\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s40747-022-00765-y.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,27]],"date-time":"2022-09-27T14:09:46Z","timestamp":1664287786000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s40747-022-00765-y"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,19]]},"references-count":89,"journal-issue":{"issue":"5","published-print":{"date-parts":[[2022,10]]}},"alternative-id":["765"],"URL":"https:\/\/doi.org\/10.1007\/s40747-022-00765-y","relation":{},"ISSN":["2199-4536","2198-6053"],"issn-type":[{"value":"2199-4536","type":"print"},{"value":"2198-6053","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,5,19]]},"assertion":[{"value":"5 November 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"15 April 2022","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"19 May 2022","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"There is no conflict of interest.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"Not applicable.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Availability of data and materials"}},{"value":"Not applicable.","order":4,"name":"Ethics","group":{"name":"EthicsHeading","label":"Code availability"}}]}}