{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,2]],"date-time":"2026-05-02T12:50:44Z","timestamp":1777726244284,"version":"3.51.4"},"reference-count":58,"publisher":"MDPI AG","issue":"17","license":[{"start":{"date-parts":[[2021,9,2]],"date-time":"2021-09-02T00:00:00Z","timestamp":1630540800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Compete 2020","award":["POCI-01-0247-FEDER-046119"],"award-info":[{"award-number":["POCI-01-0247-FEDER-046119"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>The increasing pervasiveness of the Internet of Things is resulting in a steady increase of cyberattacks in all of its facets. One of the most predominant attack vectors is related to its identity management, as it grants the ability to impersonate and circumvent current trust mechanisms. Given that identity is paramount to every security mechanism, such as authentication and access control, any vulnerable identity management mechanism undermines any attempt to build secure systems. While digital certificates are one of the most prevalent ways to establish identity and perform authentication, their provision at scale remains open. This provisioning process is usually an arduous task that encompasses device configuration, including identity and key provisioning. Human configuration errors are often the source of many security and privacy issues, so this task should be semi-autonomous to minimize erroneous configurations during this process. In this paper, we propose an identity management (IdM) and authentication method called YubiAuthIoT. The overall provisioning has an average runtime of 1137.8 ms \u00b165.11+\u03b4. We integrate this method with the FIWARE platform, as a way to provision and authenticate IoT devices.<\/jats:p>","DOI":"10.3390\/s21175898","type":"journal-article","created":{"date-parts":[[2021,9,2]],"date-time":"2021-09-02T23:05:12Z","timestamp":1630623912000},"page":"5898","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":14,"title":["Provisioning, Authentication and Secure Communications for IoT Devices on FIWARE"],"prefix":"10.3390","volume":"21","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0268-9134","authenticated-orcid":false,"given":"Patr\u00edcia","family":"Sousa","sequence":"first","affiliation":[{"name":"Department of Computer Science, Faculty of Sciences, University of Porto, 4169-007 Porto, Portugal"},{"name":"Institute for Systems and Computer Engineering, Technology and Science (INESC-TEC), 4200-465 Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9794-227X","authenticated-orcid":false,"given":"Lu\u00eds","family":"Magalh\u00e3es","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Sciences, University of Porto, 4169-007 Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0125-4240","authenticated-orcid":false,"given":"Jo\u00e3o","family":"Resende","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Sciences, University of Porto, 4169-007 Porto, Portugal"},{"name":"Institute for Systems and Computer Engineering, Technology and Science (INESC-TEC), 4200-465 Porto, Portugal"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1838-1417","authenticated-orcid":false,"given":"Rolando","family":"Martins","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Sciences, University of Porto, 4169-007 Porto, Portugal"},{"name":"Institute for Systems and Computer Engineering, Technology and Science (INESC-TEC), 4200-465 Porto, Portugal"}]},{"given":"Lu\u00eds","family":"Antunes","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Faculty of Sciences, University of Porto, 4169-007 Porto, Portugal"}]}],"member":"1968","published-online":{"date-parts":[[2021,9,2]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1016\/j.comcom.2016.03.015","article-title":"A gap analysis of Internet-of-Things platforms","volume":"89","author":"Mineraud","year":"2016","journal-title":"Comput. Commun."},{"key":"ref_2","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/JIOT.2016.2615180","article-title":"IoT middleware: A survey on issues and enabling technologies","volume":"4","author":"Ngu","year":"2016","journal-title":"IEEE Internet Things J."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"600","DOI":"10.1016\/j.scs.2017.12.022","article-title":"Exploiting IoT and big data analytics: Defining smart digital city using real-time urban data","volume":"40","author":"Rathore","year":"2018","journal-title":"Sustain. Cities Soc."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"697","DOI":"10.1016\/j.scs.2018.01.053","article-title":"Towards sustainable smart cities: A review of trends, architectures, components, and open challenges in smart cities","volume":"38","author":"Silva","year":"2018","journal-title":"Sustain. Cities Soc."},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Raura, G., Fonseca C., E.R., and Yoo, S.G. (2019). Smart Battery Charge: A Fiware Open Source Platform and Microcontroller Based IOT Application. International Conference on Applied Technologies, Springer.","DOI":"10.1007\/978-3-030-42531-9_22"},{"key":"ref_6","unstructured":"(2021, April 09). FIWARE IoT Stack. Available online: https:\/\/fiware-iot-stack.readthedocs.io\/en\/latest\/."},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Cvar, N., Trilar, J., Kos, A., Volk, M., and Stojmenova Duh, E. (2020). The Use of IoT Technology in Smart Cities and Smart Villages: Similarities, Differences, and Future Prospects. Sensors, 20.","DOI":"10.3390\/s20143897"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Puliafito, A., Tricomi, G., Zafeiropoulos, A., and Papavassiliou, S. (2021). Smart Cities of the Future as Cyber Physical Systems: Challenges and Enabling Technologies. Sensors, 21.","DOI":"10.3390\/s21103349"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Gupta, S.K., Vanjale, S., Rasal, S., and Vanjale, M. (2020, January 12\u201314). Securing IoT Devices in Smart City Environments. Proceedings of the 2020 International Conference on Emerging Smart Computing and Informatics (ESCI), Pune, India.","DOI":"10.1109\/ESCI48226.2020.9167630"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"499","DOI":"10.1016\/j.scs.2018.02.039","article-title":"Security and privacy challenges in smart cities","volume":"39","author":"Braun","year":"2018","journal-title":"Sustain. Cities Soc."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"228922","DOI":"10.1109\/ACCESS.2020.3046442","article-title":"A Comprehensive Study of the IoT Cybersecurity in Smart Cities","volume":"8","author":"Andrade","year":"2020","journal-title":"IEEE Access"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"23601","DOI":"10.1109\/ACCESS.2020.2968741","article-title":"Smart city IoT platform respecting GDPR privacy and security aspects","volume":"8","author":"Badii","year":"2020","journal-title":"IEEE Access"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Barreto, L., Celesti, A., Villari, M., Fazio, M., and Puliafito, A. (2015, January 28\u201330). Identity management in iot clouds: A fiware case of study. Proceedings of the 2015 IEEE Conference on Communications and Network Security (CNS), Florence, Italy.","DOI":"10.1109\/CNS.2015.7346887"},{"key":"ref_14","unstructured":"(2021, September 01). Identity Manager\u2014Keyrock. Available online: https:\/\/github.com\/ging\/fiware-idm."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1016\/j.adhoc.2015.01.006","article-title":"Survey on secure communication protocols for the Internet of Things","volume":"32","author":"Nguyen","year":"2015","journal-title":"Ad Hoc Netw."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"6562953","DOI":"10.1155\/2017\/6562953","article-title":"Authentication protocols for internet of things: A comprehensive survey","volume":"2017","author":"Ferrag","year":"2017","journal-title":"Secur. Commun. Netw."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Albalawi, A., Almrshed, A., Badhib, A., and Alshehri, S. (2019, January 3\u20134). A Survey on Authentication Techniques for the Internet of Things. Proceedings of the 2019 International Conference on Computer and Information Sciences (ICCIS), Sakaka, Saudi Arabia.","DOI":"10.1109\/ICCISci.2019.8716401"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Saadeh, M., Sleit, A., Qatawneh, M., and Almobaideen, W. (2016, January 2\u20134). Authentication techniques for the internet of things: A survey. Proceedings of the 2016 cybersecurity and cyberforensics conference (CCC), Amman, Jordan.","DOI":"10.1109\/CCC.2016.22"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"El-hajj, M., Chamoun, M., Fadlallah, A., and Serhrouchni, A. (2017, January 13\u201314). Taxonomy of authentication techniques in Internet of Things (IoT). Proceedings of the 2017 IEEE 15th Student Conference on Research and Development (SCOReD), Wilayah Persekutuan Putrajaya, Malaysia.","DOI":"10.1109\/SCORED.2017.8305419"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"1294","DOI":"10.1109\/COMST.2015.2388550","article-title":"Security for the internet of things: A survey of existing protocols and open research issues","volume":"17","author":"Granjal","year":"2015","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"126","DOI":"10.1016\/j.cose.2018.06.004","article-title":"Bubbles of Trust: A decentralized blockchain-based authentication system for IoT","volume":"78","author":"Hammi","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"72","DOI":"10.1109\/JIOT.2014.2360121","article-title":"An Analysis of RFID Authentication Schemes for Internet of Things in Healthcare Environment Using Elliptic Curve Cryptography","volume":"2","author":"He","year":"2014","journal-title":"IEEE Internet Things J."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"2927","DOI":"10.1109\/JIOT.2017.2757918","article-title":"Dynamic authentication protocol using self-powered timers for passive Internet of Things","volume":"5","author":"Afifi","year":"2017","journal-title":"IEEE Internet Things J."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Agrawal, S., and Ahlawat, P. (2020, January 22\u201323). A Survey on the Authentication Techniques in Internet of Things. Proceedings of the 2020 IEEE International Students\u2019 Conference on Electrical, Electronics and Computer Science (SCEECS), Bhopal, India.","DOI":"10.1109\/SCEECS48394.2020.86"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Shivraj, V., Rajan, M., Singh, M., and Balamuralidhar, P. (2015, January 17\u201319). One time password authentication scheme based on elliptic curves for Internet of Things (IoT). Proceedings of the 2015 5th National Symposium on Information Technology: Towards New Smart World (NSITNSW), Riyadh, Saudi Arabia.","DOI":"10.1109\/NSITNSW.2015.7176384"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Aboudagga, N., Refaei, M.T., Eltoweissy, M., DaSilva, L.A., and Quisquater, J.J. (2005). Authentication Protocols for Ad Hoc Networks: Taxonomy and Research Issues. Proceedings of the 1st ACM International Workshop on Quality of Service & Security in Wireless and Mobile Networks (Q2SWinet \u201905), ACM.","DOI":"10.1145\/1089761.1089777"},{"key":"ref_27","unstructured":"(2020, December 11). 2018 Global PKI Trends Study. Available online: https:\/\/bit.ly\/3780EW0."},{"key":"ref_28","unstructured":"Rescorla, E. (2001). SSL and TLS: Designing and Building Secure Systems, Addison-Wesley Longman Publishing Co., Inc.. Addison-Wesley Reading."},{"key":"ref_29","doi-asserted-by":"crossref","first-page":"33","DOI":"10.1109\/35.312841","article-title":"Kerberos: An authentication service for computer networks","volume":"32","author":"Neuman","year":"1994","journal-title":"IEEE Commun. Mag."},{"key":"ref_30","unstructured":"Martinelli, S., Nash, H., and Topol, B. (2015). Identity, Authentication, and Access Management in Openstack: Implementing and Deploying Keystone, O\u2019Reilly Media, Inc."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Sousa, P.R., Resende, J.S., Martins, R., and Antunes, L. (2019). Secure Provisioning for Achieving End-to-End Secure Communications. International Conference on Ad-Hoc Networks and Wireless, Springer.","DOI":"10.1007\/978-3-030-31831-4_34"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"141","DOI":"10.1007\/s13389-014-0090-x","article-title":"Fast prime field elliptic-curve cryptography with 256-bit primes","volume":"5","author":"Gueron","year":"2015","journal-title":"J. Cryptogr. Eng."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Barker, E., Johnson, D., and Smid, M. (2007). NIST special publication 800-56A: Recommendation for pair-wise key establishment schemes using discrete logarithm cryptography (revised). Comput. Secur. Natl. Inst. Stand. Technol. (NIST).","DOI":"10.6028\/NIST.SP.800-56ar"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Blake, I.F., Seroussi, G., and Smart, N.P. (2005). Advances in Elliptic Curve Cryptography, Cambridge University Press.","DOI":"10.1017\/CBO9780511546570"},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"523","DOI":"10.1109\/JIOT.2018.2791522","article-title":"PortoLivingLab: An IoT-based sensing platform for smart cities","volume":"5","author":"Santos","year":"2018","journal-title":"IEEE Internet Things J."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Fortes, S., Santoyo-Ram\u00f3n, J.A., Palacios, D., Baena, E., Mora-Garc\u00eda, R., Medina, M., Mora, P., and Barco, R. (2019). The campus as a smart city: University of M\u00e1laga environmental, learning, and research approaches. Sensors, 19.","DOI":"10.3390\/s19061349"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Badii, C., Bellini, P., Difino, A., and Nesi, P. (2019). Sii-Mobility: An IoT\/IoE architecture to enhance smart city mobility and transportation services. Sensors, 19.","DOI":"10.3390\/s19010001"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Sheth, M., Trivedi, A., Suchak, K., Parmar, K., and Jetpariya, D. (2020, January 20\u201322). Inventive Fire Detection utilizing Raspberry Pi for New Age Home of Smart Cities. Proceedings of the 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT), Tirunelveli, India.","DOI":"10.1109\/ICSSIT48917.2020.9214108"},{"key":"ref_39","unstructured":"Dray, J.F. (2005). NIST Special Publication 800-73 Interfaces for Personal Identity. [Ph.D. Thesis, National Institute of Standards and Technology]."},{"key":"ref_40","unstructured":"Cheshire, S. (2021, September 01). Zero Configuration Networking (Zeroconf). Available online: http:\/\/www.zeroconf.org."},{"key":"ref_41","unstructured":"(2021, August 18). Validation Protocol Version 2.0. Available online: https:\/\/developers.yubico.com\/yubikey-val\/Validation_Protocol_V2.0.html."},{"key":"ref_42","unstructured":"(2021, August 18). Go Implementation of Yubikey Server. Available online: https:\/\/github.com\/stumpyfr\/yubikey-server."},{"key":"ref_43","unstructured":"(2021, August 19). Locust\u2014An Open Source Load Testing Tool. Available online: https:\/\/locust.io\/."},{"key":"ref_44","unstructured":"Corista, P., Giao, J., Sarraipa, J., Garcia Perales, O., Almeida, R., and Moalla, N. (2021, August 19). Enablers Framework: Developing Applications Using FIWARE. Enterprise Interoperability: Smart Services and Business Impact of Enterprise Interoperability, Available online: https:\/\/onlinelibrary.wiley.com\/doi\/10.1002\/9781119564034.ch10."},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Salhofer, P., Buchsbaum, J., and Janusch, M. (2019, January 8\u201311). Building a fiware smart city platform. Proceedings of the 52nd Hawaii International Conference on System Sciences, HICSS 2019, Grand Wailea, Maui, HI, USA.","DOI":"10.24251\/HICSS.2019.888"},{"key":"ref_46","unstructured":"(2021, April 09). FIWARE PEP Proxy. Available online: http:\/\/fiware-pepproxy.readthedocs.io\/en\/latest\/userguide\/."},{"key":"ref_47","unstructured":"(2021, April 09). FIWARE PEP Proxy\u2014Wilma. Available online: http:\/\/catalogue.fiware.org\/enablers\/pep-proxy-wilma."},{"key":"ref_48","unstructured":"(2021, April 09). ID\u2019s Implementation of the FIWARE PEP GE. Available online: https:\/\/github.com\/telefonicaid\/fiware-pep-steelskin."},{"key":"ref_49","unstructured":"(2021, July 26). AuthzForce (Community Edition). Available online: https:\/\/authzforce.ow2.org."},{"key":"ref_50","doi-asserted-by":"crossref","unstructured":"Sousa, P.R., Cirne, A., Resende, J.S., Martins, R., and Antunes, L. (2019, January 4\u20137). pTASC: Trustable autonomous secure communications. Proceedings of the 20th International Conference on Distributed Computing and Networking, Bangalore, India.","DOI":"10.1145\/3288599.3288623"},{"key":"ref_51","unstructured":"(2018, November 13). One Time Password Authentication Preston Wiley, CISSP. Available online: https:\/\/www.cerias.purdue.edu\/site\/secpros_wiki\/2eee74069478f06fa7c536ae6fa901b2\/."},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"88435","DOI":"10.1109\/ACCESS.2019.2926556","article-title":"An identity framework for providing access to FIWARE OAuth 2.0-based services according to the eIDAS European regulation","volume":"7","author":"Alonso","year":"2019","journal-title":"IEEE Access"},{"key":"ref_53","doi-asserted-by":"crossref","unstructured":"Camenisch, J., and Van Herreweghen, E. (2002, January 18\u201322). Design and implementation of the idemix anonymous credential system. Proceedings of the 9th ACM Conference on Computer and Communications Security, Washington, DC, USA.","DOI":"10.1145\/586111.586114"},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"951","DOI":"10.1007\/s12083-018-0701-x","article-title":"Reputation based approach for improved fairness and robustness in P2P protocols","volume":"12","author":"Nwebonyi","year":"2019","journal-title":"Peer-to-Peer Netw. Appl."},{"key":"ref_55","doi-asserted-by":"crossref","unstructured":"Eskandarian, S., Messeri, E., Bonneau, J., and Boneh, D. (2017). Certificate transparency with privacy. arXiv.","DOI":"10.1515\/popets-2017-0052"},{"key":"ref_56","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1145\/2659897","article-title":"Certificate transparency","volume":"57","author":"Laurie","year":"2014","journal-title":"Commun. ACM"},{"key":"ref_57","unstructured":"(2021, July 26). A Transparent, Highly Scalable and Cryptographically Verifiable Data Store. Available online: https:\/\/github.com\/google\/trillian."},{"key":"ref_58","doi-asserted-by":"crossref","first-page":"57","DOI":"10.1109\/MCE.2016.2640718","article-title":"Create Your Own Internet of Things: A survey of IoT platforms","volume":"6","author":"Singh","year":"2017","journal-title":"IEEE Consum. Electron. Mag."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/17\/5898\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T06:54:45Z","timestamp":1760165685000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/21\/17\/5898"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,9,2]]},"references-count":58,"journal-issue":{"issue":"17","published-online":{"date-parts":[[2021,9]]}},"alternative-id":["s21175898"],"URL":"https:\/\/doi.org\/10.3390\/s21175898","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,9,2]]}}}