查看文章

The number of Internet of Things (IoT) vendors is rapidly growing, providing solutions for all levels of the IoT stack. Despite the universal agreement on the need for a standardized technology stack, following the model of the world-wide-web, a large number of industry-driven domain specific standards hinder the development of a single IoT ecosystem. An attempt to solve this challenge is the introduction of O-MI (Open Messaging Interface) and O-DF (Open Data Format), two domain independent standards published by Open Group. Despite their good compatibility, they define no specific security model. This paper takes the first step of defining a security model for these standards by proposing suitable access control and authentication mechanisms that can regulate the rights of different principles and operations defined in these standards. First, a brief introduction is provided of the O-MI and O-DF standards …