{"id":2638,"date":"2022-11-02T08:51:24","date_gmt":"2022-11-02T08:51:24","guid":{"rendered":"https:\/\/iot-ngin.eu\/?p=2638"},"modified":"2022-11-02T09:03:48","modified_gmt":"2022-11-02T09:03:48","slug":"advancing-access-control-in-iot-systems","status":"publish","type":"post","link":"https:\/\/iot-ngin.eu\/index.php\/2022\/11\/02\/advancing-access-control-in-iot-systems\/","title":{"rendered":"Advancing Access Control in IoT Systems"},"content":{"rendered":"\n

Access control is of utmost importance in large IoT systems, with multiple services to be protected, a variety of users and different levels of access. The need for a highly efficient and transparent mechanism, that allows multiple methods of authorization and authentication as per use case, is mandatory. The IoT Devices Access Control (IDAC) <\/em>module of IoT-NGIN has been implemented to handle the access to the resources of the IoT-NGIN framework, in a manner that does not imply the direct involvement of the clients or the devices per se. Through a single gateway URL, multiple services can be exposed in different paths and be protected according to the needs of the application. Users, instead of accessing the services directly, will just now need to make use of the IDAC<\/em> API.<\/p>\n\n\n\n

The IoT Device Access Control<\/em> module is implemented as a flexible Ingress Gateway enforcing chained access control methods, following different access control mechanisms which are implemented as plugins. IDAC supports a number of ways to secure resources, which can be quite application-specific, by using authentication and security plugins. Within the scope of IoT-NGIN, the following custom plugins have been developed:<\/p>\n\n\n\n