PROBLEMS OF AUTHENTICATION AND AUTHORIZATION IN THE IOT ENVIRONMENT

Abstract

Expansion of devices that are equipped with sensors and have the ability to communicate with other devices or users brings great concern, mainly in terms of privacy and data storage that is being collected. This concern is a major obstacle to the wider adoption of the IoT paradigm. Peripheral devices, mainly sensors, due to limited hardware capabilities, do not have the ability to implement heavy-weight security mechanisms. Bearing in mind these limitations, it is necessary to find adequate protocols or architectures that will offer secure communication between peripheral devices and users. In this paper, the basic components of IoT architecture are described, some of the weaknesses of IoT devices are presented, which are primarily related to security risks during authentication and authorization in the IoT environment. Also, there are examples of using protocols and architectures that guarantee or increase data security during authentication and authorization process.