Advanced SearchSearch Tips
OAuth-based User Authentication Framework for Internet of Things
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
OAuth-based User Authentication Framework for Internet of Things
Yu, Sung-Tae; Oh, Soo-Hyun;
  PDF(new window)
It is expected that internet of things can be used for various fields such as smart home, smart building and smart city as the representative case of ICT that sensor, communication and interface technologies operate organically and the researches of the technologies regarding internet of things are being carried out in each countries worldwide. However, many problems rise against internet of things continuously in respect of security. Among them, the problem of privacy is the one that should be solved definitely regarding internet of things. If user data does not remain during the process of user authentication, such the privacy problem can be solved. In this paper, we propose the framework of user authentication based on OAuth that is suitable for the environment of internet of things that can solve privacy problem and analyze its security.
 Cited by
Dave Evans, "The Internet of Things: How the Next Evolution of the Internet Is Changing Everything", Cisco IBSG, April 2011.

H.Tschofenig, "The OAuth 2.0 Internet of Things (IoT) Client Credentials Grant", draft-tschofenig-ace-oauth-iot-00.txt, July 2014

E. Hammer-Lahav, "The Oath 1.0 Protocol", IETF, RFC5849, April 2010.

D. Hart, "The Oath 2.0 Authorization Framework", IETF, RFC6749, October 2012.

Simone Cirani, Macro Picone, "IoT-OAS : An OAuth-Based Authorization Service Architecture for Secure Services in IoT Scenarios", IEEE SENSORS JOURNAL, VOL. 15, 2015. DOI:

Schmitt and B.Stiller, "DTLS-based security with two-way Authentication for IoT-02", Internet Draft, draft-schmitt-two-way-authentication-for-iot-02, February 2014.

Z.Shelby, K.Hartke and C.Borman, "Constrained Application Protocol (CoAP)", RFC7252, IETF, draft-ietf-core-18, June 2013.

Rescolrla and N.Modadugu, "Datagram Transport Layer Security Version 1.2", RFC6347, IETF, January 2012.