Access control in IOT: a comprehensive survey of challenges, approaches, and future directions

Abstract

This paper explores the transformative impact of the IoT on device connectivity, emphasizing the critical role of Access Control (AC) in securing IoT and ensuring appropriate resource access. The study conducts a comprehensive survey, addressing challenges, requirements, and approaches in designing effective IoT AC, considering device diversity, resource constraints, and energy consumption complexities. The adaptation of traditional AC methods for IoT is examined, highlighting complications arising from device heterogeneity and advocating for suitable AC solutions aligned with global IoT policies. The focus shifts to two emerging technologies, Blockchain (BC) and Machine Learning (ML), as potential solutions for IoT AC challenges. BC’s decentralization, security, and transparency are explored, emphasizing their role in mitigating AC issues. ML techniques are investigated for real-time identification of suspicious activities, enhancing the adaptability of AC mechanisms. Integrating BC and ML in IoT AC is a key research question, with insights suggesting enhanced security, transparency, and efficiency. The survey employs a systematic review approach, utilizing NVIVO software and the CASP tool for data coding to ensure the validity of the information. The conclusion summarizes key findings, addressing how BC and ML can mitigate AC challenges in IoT. BC’s decentralized and tamper-resistant nature and ML’s dynamic learning capabilities contribute to enhanced security. Alternative technologies for IoT AC are explored, including smart contracts, attribute-based AC, and certificate-based schemes. The integration of BC and ML is identified as a means to deliver trusted IoT services, achieve fine-grained AC, and enable efficient data transfer methods.