Known unknowns: Indeterminacy in authentication in IoT

Mohammad Heydari, Alexios Mylonas, Vahid Heydari Fami Tafreshi, Elhadj Benkhelifa, Surjit Singh

Research output: Contribution to journalArticlepeer-review

1 Citation (Scopus)


The Internet of Things (IoT), comprising a plethora of heterogeneous devices, is an enabling technology that can improve the quality of our daily lives, for instance by measuring parameters from the environment (e.g., humidity, temperature, weather, energy consumption, traffic, and others) or our bodies (e.g., health data). However, as with any technology, IoT has introduced a number of security and privacy challenges. Indeed, IoT devices create, process, transfer and store data, which are often sensitive, and which must be protected from unauthorized access. Similarly, the infrastructure that links with IoT, as well as the IoT devices themselves, is an asset that needs to be protected. The focus of this work is examining authentication in IoT. In particular, in this work we conducted a state-of-the-art review of the access control models that have been proposed, including both traditional access control models and emerging models that have recently been proposed and are tailored for IoT. We identified that the existing models cannot cope with indeterminacy, an inherent characteristic of IoT, which hinders authentication decisions. In this context, we studied the two known components of indeterminacy, i.e., uncertainty and ambiguity, and proposed a new model that handles indeterminacy in authentication in IoT environments.
Original languageEnglish
Pages (from-to)278-287
Number of pages10
JournalFuture Generation Computer Systems: The International Journal of eScience (FGCS)
Early online date8 Apr 2020
Publication statusPublished - 1 Oct 2020


  • Access control
  • Ambiguity
  • Authentication
  • Internet of Things
  • Uncertainty


Dive into the research topics of 'Known unknowns: Indeterminacy in authentication in IoT'. Together they form a unique fingerprint.

Cite this