Security and privacy is a much-needed aspect of the connected world. If these functionalities are not deployed properly then every economic or societal institution dependent on them are vulnerable to get crashed and might even cause a damage of catastrophic scale. People would eventually stop trusting these technological platforms that are supposed to make their lives better. Although security is a paramount functionality in any connected infrastructure, there is no silver bullet to it, there has been extensive research in this field but no one has come up with an idea that can secure the distributed and heterogeneous IoT network efficiently. IoT demands an autonomous access control methodology requiring minimal or no user interaction. There are several existing models that are good and effective however they have several implementation issues. In this paper we have described our survey of the existing security models of IoT and presented a brief comparative analysis of the discussed models also some of the main requirements for designing such models is given.

IoT, Security, blockchain, access-control, models

[1] I. Gartner, “Gartner Analysis.” [Online]. Available: https://www.gartner.com/newsroom/id/3598917. [Accessed: 06-Feb-2018].
[2] J. A. Jerkins, “Motivating a market or regulatory solution to IoT insecurity with the Mirai botnet code,” 2017 IEEE 7th Annu. Comput. Commun. Work. Conf. CCWC 2017, 2017.
[3] “Hijacking Computers to Mine Cryptocurrency Is All the Rage - MIT Technology Review.” [Online]. Available: https://www.technologyreview.com/s/609031/hijacking-computers-to-mine-cryptocurrency-is-all-the-rage/. [Accessed: 06-Feb-2018].
[4] E. Bertino, “Botnets and Internet.”
[5] S. Nakamoto, “Bitcoin: A Peer-to-Peer Electronic Cash System,” Www.Bitcoin.Org, p. 9, 2008.
[6] Z. Zheng, S. Xie, H. Dai, X. Chen, and H. Wang, “An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends,” Proc. - 2017 IEEE 6th Int. Congr. Big Data, BigData Congr. 2017, pp. 557–564, 2017.
[7] A. Dorri, S. S. Kanhere, and R. Jurdak, “Towards an Optimized BlockChain for IoT,” in Proceedings of the Second International Conference on Internet-of-Things Design and Implementation - IoTDI ’17, 2017, pp. 173–178.
[8] N. Kshetri, “Can Blockchain Strengthen the Internet of Things?,” IT Prof., vol. 19, no. 4, pp. 68–72, 2017.
[9] G. Zhang, “An extended role based access control model for the Internet of Things,” 2010 Int. Conf. Information, Netw. Autom., pp. V1-319-V1-323, 2010.
[10] J. L. Hernández-Ramos, A. J. Jara, L. Marín, and A. F. Skarmeta Gómez, “DCapBAC: embedding authorization logic into smart things through ECC optimizations,” Int. J. Comput. Math., vol. 93, no. 2, pp. 345–366, 2016.
[11] P. J. Sandhu R., “Usage Control: A Vision for Next Generation Access Control,” Comput. Netw. Secur., vol. 1, pp. 42–56, 2003.
[12] V. C. Hu, D. R. Kuhn, and D. F. Ferraiolo, “Attribute-based access control,” Computer (Long. Beach. Calif)., vol. 48, no. 2, pp. 85–88, 2015.
[13] M. Vučinić, B. Tourancheau, F. Rousseau, A. Duda, L. Damon, and R. Guizzetti, “OSCAR: Object security architecture for the Internet of Things,” Ad Hoc Networks, vol. 32, no. January, pp. 3–16, 2015.
[14] A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for IoT security and privacy: The case study of a smart home,” 2017 IEEE Int. Conf. Pervasive Comput. Commun. Work. (PerCom Work., pp. 618–623, 2017.
[15] A. Ouaddah, A. A. Elkalam, and A. A. Ouahman, “Towards a novel privacy-preserving access control model based on blockchain technology in IoT,” in Advances in Intelligent Systems and Computing, 2017, vol. 520, pp. 523–533.
[16] C. Li and L. J. Zhang, “A blockchain based new secure multi-layer network model for internet of things,” Proc. - 2017 IEEE 2nd Int. Congr. Internet Things, ICIOT 2017, pp. 33–41, 2017.
[17] M. Castro, M. Castro, B. Liskov, and B. Liskov, “Practical Byzantine fault tolerance,” OSDI {’}99 Proc. third Symp. Oper. Syst. Des. Implement., no. February, pp. 173–186, 1999.