Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
Review
. 2021 Jul 28;21(15):5122.
doi: 10.3390/s21155122.

Machine Learning for Authentication and Authorization in IoT: Taxonomy, Challenges and Future Research Direction

Kazi Istiaque Ahmed  1 Mohammad Tahir  1 Mohamed Hadi Habaebi  2 Sian Lun Lau  1 Abdul Ahad  1
Affiliations
Review

Machine Learning for Authentication and Authorization in IoT: Taxonomy, Challenges and Future Research Direction

Kazi Istiaque Ahmed et al. Sensors (Basel). .

Abstract

With the ongoing efforts for widespread Internet of Things (IoT) adoption, one of the key factors hindering the wide acceptance of IoT is security. Securing IoT networks such as the electric power grid or water supply systems has emerged as a major national and global priority. To address the security issue of IoT, several studies are being carried out that involve the use of, but are not limited to, blockchain, artificial intelligence, and edge/fog computing. Authentication and authorization are crucial aspects of the CIA triad to protect the network from malicious parties. However, existing authorization and authentication schemes are not sufficient for handling security, due to the scale of the IoT networks and the resource-constrained nature of devices. In order to overcome challenges due to various constraints of IoT networks, there is a significant interest in using machine learning techniques to assist in the authentication and authorization process for IoT. In this paper, recent advances in authentication and authorization techniques for IoT networks are reviewed. Based on the review, we present a taxonomy of authentication and authorization schemes in IoT focusing on machine learning-based schemes. Using the presented taxonomy, a thorough analysis is provided of the authentication and authorization (AA) security threats and challenges for IoT. Furthermore, various criteria to achieve a high degree of AA resiliency in IoT implementations to enhance IoT security are evaluated. Lastly, a detailed discussion on open issues, challenges, and future research directions is presented for enabling secure communication among IoT nodes.

Keywords: Internet of Things; IoT; authentication; authorization; machine learning; security.

PubMed Disclaimer

Conflict of interest statement

The authors declare no conflict of interest.

Figures

Figure 1
Figure 1
Taxonomy of ML-based AA for IoT.
Figure 2
Figure 2
Layered view of IoT for AA and Security Risks.
See this image and copyright information in PMC

References

    1. Statista . Internet of Things—Active Connections Worldwide 2015–2025. Statista Research Department; Hamburg, Germany: 2021.
    1. Li X., Lu R., Liang X., Shen X., Chen J., Lin X. Smart community: An internet of things application. IEEE Commun. Mag. 2011;49:68–75. doi: 10.1109/MCOM.2011.6069711. - DOI
    1. Ahad A., Tahir M., Sheikh M.A., Ahmed K.I., Mughees A., Numani A. Technologies trend towards 5g network for smart health-care using iot: A review. Sensors. 2020;20:4047. doi: 10.3390/s20144047. - DOI - PMC - PubMed
    1. Kolias C., Kambourakis G., Stavrou A., Voas J. DDoS in the IoT: Mirai and other botnets. Computer. 2017;50:80–84. doi: 10.1109/MC.2017.201. - DOI
    1. Putra G.D., Dedeoglu V., Kanhere S.S., Jurdak R. Trust management in decentralized iot access control system; Proceedings of the 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC); Toronto, ON, Canada. 2–6 May 2020; pp. 1–9.

LinkOut - more resources