University of Hertfordshire

By the same authors

Known unknowns: Indeterminacy in authentication in IoT

Research output: Contribution to journalArticlepeer-review

  • Mohammad Heydari
  • Alexios Mylonas
  • Vahid Heydari Fami Tafreshi
  • Elhadj Benkhelifa
  • Surjit Singh
View graph of relations
Original languageEnglish
Pages (from-to)278-287
Number of pages10
JournalFuture Generation Computer Systems
Early online date8 Apr 2020
Publication statusPublished - 1 Oct 2020


The Internet of Things (IoT), comprising a plethora of heterogeneous devices, is an enabling technology that can improve the quality of our daily lives, for instance by measuring parameters from the environment (e.g., humidity, temperature, weather, energy consumption, traffic, and others) or our bodies (e.g., health data). However, as with any technology, IoT has introduced a number of security and privacy challenges. Indeed, IoT devices create, process, transfer and store data, which are often sensitive, and which must be protected from unauthorized access. Similarly, the infrastructure that links with IoT, as well as the IoT devices themselves, is an asset that needs to be protected. The focus of this work is examining authentication in IoT. In particular, in this work we conducted a state-of-the-art review of the access control models that have been proposed, including both traditional access control models and emerging models that have recently been proposed and are tailored for IoT. We identified that the existing models cannot cope with indeterminacy, an inherent characteristic of IoT, which hinders authentication decisions. In this context, we studied the two known components of indeterminacy, i.e., uncertainty and ambiguity, and proposed a new model that handles indeterminacy in authentication in IoT environments.

ID: 22838556