2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
An Authentication Model for IoT Clouds
Luciano Barreto∗ , Antonio Celesti† , Massimo Villari† , Maria Fazio† , Antonio Puliafito
∗ Federal University of Santa Catarina, Brazil - lucianobarreto@das.ufsc.br
† Università degli Studi di Messina, Italia - {acelesti, mvillari, mfazio, apuliafito}@unime.it
Abstract—Nowadays, the combination between Cloud com-
puting and Internet of Things (IoT) is pursuing new levels of
efficiency in delivering services, representing a tempting business
opportunity for IT operators of increasing their revenues. How-
ever, security is considered as one of the major factors that slows
down the rapid and large scale adoption and deployment of both
IoT and Cloud computing. In this paper, considering such an IoT
Cloud scenario, we present an architectural model and several
use cases that allow different types of users to access IoT devices.
Keywords—Cloud computing, internet of things, security, au-
thentication.
I. I NTRODUCTION
Nowadays, the combination between IoT and Cloud com-
puting is pursuing new levels of efficiency in delivering
services, representing a tempting business opportunity for IT
operators of increasing their revenues. As highlighted in the
Digital Agenda for Europe [1], one of the key challenges for
the European Commission is to have a globally competitive
Cloud infrastructure for the “Internet of Services” intercon-
nected with “Things” distributed over remote areas. IoT is cur-
rently applied to different contexts, such as building construc-
tion, car traffic monitoring, environmental analysis, health-care
assistance, weather forecasting, video surveillances, and so on.
As a consequence, IoT will offer new services for making
cities “smarter” and it will improve the interaction of people
and IoT devices/services with the surrounding environments,
increasing the citizens’ quality of life [2]. The emerging
business perspectives coming from IoT are pushing private,
public, and hybrid Cloud providers to integrate their systems
with IoT devices (i.e., embedded devices including sensors and
actuators) in order to provide new services [3]. Thus, new types
of providers that combine the traditional Cloud computing
paradigm with IoT have been rising. There is not limit to the
possible scenarios that can be accomplished putting together
IoT and Cloud computing. In our opinion, IoT can appear as
a natural extension of Cloud computing, in which the Cloud
allows users to access IoT based resources and capabilities to
manage many different intelligent pervasive environments. In
addition, Cloud computing can support the delivery of IoT as
a Service (IoTaaS). In fact, we can talk about IoT Cloud or
Sensing Cloud to indicate a new type of distributed system
consisting of a set of smart objects or embedded systems
interconnected with a remote Cloud infrastructure, platform, or
software through the Internet able to provide different types of
IoTaaS. Commonly, users deal with the sensing information in
order to make decisions in different application fields. Based
on these assumptions, accessing these pieces of data in a secure
ASONAM '15, August 25-28, 2015, Paris, France 1032
© 2015 ACM. ISBN 978-1-4503-3854-7/15/08 $15.00
DOI: http://dx.doi.org/10.1145/2808797.2809361
†
way is fundamental [4]. In addition, how to make IoT devices
trusted with the Cloud system is a big concern. In fact, security
is one of the major issues that slows down the large adoption
of IoT Cloud providers.
In this paper, considering such a scenario, we present an
authentication system model for IoT Clouds and we discuss
several authentication use cases that allow users and manufac-
turers to access IoT devices in a secure way. In particular, our
use cases are based on the Identity Provider/Service Provider
(IdP/SP) model. The paper is organized as follows. Section
II briefly describes the state of the art of IoT Cloud security.
A generic authentication system blueprint for IoT Clouds is
presented in Section III. In Section IV, we describe several
authentication use cases for IoT Cloud and the resulting
protocol flows formalized by means of different sequence
diagrams. Section V concludes the paper.
II. R ELATED W ORK
Nowadays, security is considered as one of the major
factors that slows down the rapid and large scale adoption
and deployment of both IoT and Cloud computing. In fact,
security in IoT and Cloud computing is a widely discussed
topic [5]. An overview of the main security challenges in
IoT-aided robotics applications is presented in [6], specifically
focusing on network security. In [7] the authors investigate the
possibility to unify resilient Cloud computing and secure IoT
in Smart Cities scenarios. In [8], the authors investigate the
security issues and challenges on the IoT-based Smart Grids
(SG), and define the major security services that should be
considered when dealing with SG security. In [9], the authors
discuss how to perform a self-identification process in order
to achieve a secure auto-configuration of IoT devices joining
the Cloud. In [10], the authors describe the security issues
related to IoT data acquisition, identifying three threats: i) data
transfer between IoT devices; ii) data transfer between devices
and other parties, such as users and Clouds; iii) security issues
related to the configuration made by users on their devices.
III. AUTHENTICATION M ODEL FOR I OT C LOUDS
In this Section, we present an architectural system model
including all the software components required to allow users
to access IoT resources and services in a secure way. In
particular, we focus on how users can access IoT devices
either directly or through the Cloud provider. In our reference
scenario, we assume that IoT devices can be connected to the
Cloud provider either in a transparent way or explicitly. To
this end, in this paper, we specifically focus on authentica-
tion mechanisms for users accessing the IoT Cloud. In our
 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
architectural model, we consider both direct user’s request
access to IoT devices and user’s request access to IoT devices
performed through the IoT Cloud. In order to achieve a secure
IoT Cloud, several software components need to be integrated
to enable users to access IoT devices in a secure way. . An
overview of the proposed architectural model is depicted in
Figure 1. In this paper, we specifically focus on authentication.
IoT Cloud Provider
IdM
Basic User IoT Plataform
Advanced User
Layer
SW
User Ring Admin Ring
Sensor
Layer
HW
FPGA
Actuator
TPM
Smartcard
IoT Device
Fig. 1: IoT Cloud system model.
Authorization and auditing mechanisms are out of scope of
this scientific work. In order to design an authentication model
for IoT Clouds, we specifically considered the IdP/SP model.
More specifically, it allows the exchange of authentication
assertions between an IdP (i.e., a producer of assertions)
and a generic SP (i.e., a consumer of assertions). Typically,
the IdP/SP model consists of: a subject, i.e., a person or
a software/hardware entity that assumes a particular digital
identity and that interacts with a SP; a SP or relying party,
a system, or administrative domain, that relies on information
supplied by a trusted IdP; an IdP or asserting party, a system,
or administrative domain, that is trusted with one or more
SPs and that asserts authentication information regarding a
subject. This model allows to carry out the Single-Sign-On
(SSO) authentication, i.e., once the subject has performed an
authentication on an IdP, he/she gains the access to all the
SPs that are trusted with that IdP. In addition, this model also
allows to carry out Single-Log-Out (SLO) tasks.
According to the IdP/SP model, the proposed architec-
tural blueprint can be broken down into different software
components. Some of them acting as SPs, (i.e., IoT device
and Cloud Platform), other acting as subjects (i.e., Basic
Users, Advanced User, IoT Platform, and Manufacturer). In
addition, we considered two administrative domains respec-
tively managing two types of user’s authentications: Basic
and Advanced. According to the Basic User authentication,
the Basic User can access services and resources of the IoT
device through the Cloud Platform. In this case, IoT devices
are transparent for the Basic User. The Cloud Platform plays
two roles: in the first phase of the Basic User authentication
it acts as SP, in order to allow the user to access the Cloud,
whereas, in the second phase, it acts as principal performing an
authentication on the IoT device on behalf of the Basic User.
Instead, in the Advanced User authentication, the Admin User,
the Cloud Platform, and the Manufacturer can directly access
the IoT device for advanced maintenance tasks. For example,
the Admin User can perform an advanced setup, whereas the
Manufacturer can perform firmware updates. In the following,
we better describe the aforementioned components.
A. IoT Device
The IoT device includes two layers: hardware and software.
In the hardware layer, physical items such as sensors, actuators,
and a Trusted Platform Module (TPM) are integrated. The
reliability of connected IoT devices is of utmost importance.
According to such a requirement, in the proposed system
model, each IoT device includes a TPM in order to accomplish
a chain of trust from hardware to software components. The
TPM is typically a chip connected on the board of a device.
In our model, through the TPM, clients can be sure that
Manufacturer the hardware/software configuration of the IoT device has
not been corrupted. This is possible by means of remote
attestation mechanism that is out of scope in this paper. Further
Admin Flow
details on trusted computing in IoT are available in [11].
Authentication Flow Despite of the use of TPM, it generally implies a model with
Data Flow
static certificates. For this reason, in this paper, we consider
dynamic certificates issued by a trusted third parties, such as
a Certification Authority (CA), as already discussed in [12].
Besides the components for maintaining the safety of the IoT
device, sensors and actuators are connected to the hardware.
Sensors are responsible for reading environmental data (e.g.,
temperature, light movement, and so on), whereas the actuators
are responsible for performing actions (e.g., turning on/off a
light, switch on/off an engine, and so on). As previously stated,
IoT devices have to be available according to different kinds of
clients: Basic User, Admin User, Cloud Platform, and Manu-
facturers. Basic Users should have access to only the high-level
functions of IoT devices (through the Cloud) such as reading
data and sending commands to actuators (if applicable). On the
other hand, Admin Users, Cloud Providers, and Manufacturers
should have low-level access to IoT devices in order to manage
digital certificates and also, in the case of Manufacturers, to
update the firmware. Given these requirements, in the software
layer, the User Ring and Admin Ring components respectively
manages the authentications for accessing high-level and low-
level functionalities.
B. Basic and Admin Users
Similarly to traditional Cloud computing environments,
also in IoT users may have different access requirements.
For some users, a per-processed information coming from the
services offered by the IoT Cloud platform are enough, instead
for others, raw sensing data are required. In this regard, we
identified two kinds of users: “Basic User” and “Advanced
User”; The “Basic User” is able to access the resources and
services of IoT devices through an IoT Platform supplied
by the Cloud provider. In this case, the user access virtual
sensing resources and services offered by IoT devices, through
the IoT Cloud Platform, but he/she is not aware about their
hardware/software configurations. This software abstraction is
typically called virtual sensing, and services are provided in
form of IoTaaS. The “Advanced User” is able to perform a
direct access to IoT devices. In this case, users can directly
access raw data coming from sensors, and if required, they
can directly control actuators. In addition, users are also able
setup the devices.
C. Manufacturer
Manufactures are responsible for selling/providing IoT
devices to users and to manage the life cycle of their pieces
1033
 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
of firmware. Typically, the IoT Cloud provider is responsible
to control the IoT device once it has joined the system. When
Manufactures need to remotely access these IoT devices they
have always to contact the IdP of the IoT Cloud provider
to which the IoT device is connected to and this latter will
grant access through an authentication process. As described,
Manufactures have a privileged access to IoT devices through
the Admin Ring interface that allows them to make low-level
tasks.
D. IoT Cloud Provider
The IoT Cloud provider acts as a traditional Cloud com-
puting entity extended with two main components: IoT Cloud
Platform and IdP. The details of these components will be
described below. The IoT Cloud provider operates in a well-
known Cloud computing model. However, instead of man-
aging only computing, storage, and network resources, these
providers also manage IoT devices. IoT Cloud provider acts as
a distributed system to which these devices can be connected,
maintaining security, QoS, and other features. Basic Users
access IoT devices via the Cloud Provider, so that the provider
has to manage access control policies. In addition, an IoT
Cloud provider can be considered as a particular type of
Advanced User because it is able to perform a direct access
to IoT devices.
1) IoT Cloud Platform: The IoT Cloud Platform is system
able to manage IoT devices. According to a Platform as a
Service (PaaS) model, it offers Application Program Inter-
faces (APIs) for controlling IoT devices in a simplified way.
Commonly, services are provided in form IoTaaS and they
allow users to access and process pieces of data coming from
IoT devices and to control actuators. This type of platform
organization well suits a scenario in which, IoT devices owners
may not be interested in making devices directly available
for end users, but just through IoT Cloud Providers. Thus,
this platform acts as an intermediate software layer between
end-users and IoT devices, abstracting them. The IoT Cloud
Platform can act as either Advanced User or Basic User
according to different scenarios.
2) IdM: One of the major issues of Cloud Computing
systems is how to secure the access to resources and services.
To this end, usually, Cloud providers adopt an IdP that plays
the role of Identity Manager (IdM). The main task of an IdM is
the management of users’ credentials. Particularly, according to
our system model, the IdP addresses the identity management
functionalities of users accessing IoT devices. Considering Ad-
vanced Users, Cloud Platforms, or Manufacturers who/which
directly access several IoT devices, the IdP allows them to take
the advantages of the SSO and SLO functionalities, drastically
reducing the number or required credentials.
IV. AUTHENTICATION U SE C ASES OF I OT C LOUDS
In this Section, according to both our authentication system
model and the Secure Assertion Markup Language (SAML)
approach, we describe general authentication use cases for IoT
Clouds. In addition, the resulting protocol flows are formalized
by means of specific sequence diagrams. More specifically, our
goal is to describe how the involved actors and components
interact each other in order to carry out an authentication
1034
process in different IoT Cloud scenarios. In the following,
using the sequence diagram notation, we describe two use
cases required to establish authentication processes. The first
one is related to users accessing IoT devices, instead the second
one is related to a firmware update of the IoT device performed
a the manufacturer.
A. User Access Use Case
As we previously described, we have identified two dif-
ferent types of users, i.e., Basic and Advanced. These users
interact in different ways with the IoT Cloud provider and as-
sociated IoT devices. Below, we describe how the interactions
of these types of users take place.
1) Basic User: Figure 2 depicts the authentication process
for Basic Users. In particular, they access IoT devices through
the Cloud IoT platform. More specifically, the user interacts
with the IoT Cloud Provider (Figure2 - Step 1) and starts
an authentication process in order to access the IoT platform
(Steps 2 and 3). If the user identity is verified, he/she accesses
the IoT Cloud Platform (Step 5) and he/she is able to request
IoT services and resources to the IoT Cloud Platform, which
in turn, accesses IoT devices in a transparent manner for the
user. In order to maintain security contexts, the IoT device
authenticates the Cloud Provider using SSO mechanisms (Step
7) and then it sends the Cloud Provider related information.
After this step, the Cloud provider processes raw pieces of
sensing data and sends them back to the user. A similar
scenario is possible also considering actuators.
User IoT Device IoT Cloud Pr ovider
IoT Cloud Pr ovider
IdM
1: IoT Data Request
2: Request Credentials
3: Send Credencials
4: Authenticate User
5: Grant Access to
6: Request Data
IoT Plataform
7: SSO Cloud Authentication
8: Send Data
9: Format raw data
10: User get the data
Fig. 2: Basic User Access.
2) Advanced User: Figure 3 depicts the authentication pro-
cess for Advanced Users. Advanced Users directly access IoT
devices. However, in order to perform such an authentication,
users have to authenticate themselves by means of the IoT
Cloud IdP, as well as Basic Users. The authentication process
occurs in a similar way. However, after the step 4, the user
is directly redirected to the IoT device be means of a SSO
authentication. If the user is authorized, he can access the IoT
device for administrative tasks.
 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining
User IoT Device IoT Cloud Pr ovider
1: IoT Access Request
2: Request Credentials
3: Send Credencials
4: Authenticate User
5: Redirect to Device
6: Device Access
7: SSO Authentication
8: Access Granted
9: Request Data
10: User get the data
Fig. 3: Advanced User Access.
B. Manufacturer Access Use Case
The Manufacturer can periodically access the IoT device
for firmware updates, configuration setup, bug fixing, and
other administration tasks. Figure 4 depicts the authentication
process for Advanced Users For these operations, the Manufac-
turer needs to access the IoT device by means of the IoT Cloud
IdP (Step1). Since the system must guarantee security for each
operation, the Manufacturer needs to perform an authentication
in order do gain the access to the IoT device (Steps 2, 3, 4, and
5). After the authentication process, the Manufacturer accesses
to the IoT device using a SSO mechanism (Step 6). From
now on, the Manufacture has the access to the IoT device and
since its credentials are verified, it is authorized to perform
administrative tasks.
V. C ONCLUSION
In this paper, we proposed asystem model and several au-
thentication use cases for IoT Cloud scenarios. From our study,
we can conclude that designing and developing authentication
schemes in emerging IoT Cloud scenarios is not trivial at all
due to the current technological limitations. In fact, the real
obstacle in the development of our scenario is represented by
the development of TPM and related software features in IoT
devices. In this regards, even though the Trusted Computing
Group has recently started to look at IoT, at the time of writing
of this paper, there are not concrete implementations yet. In
this scientific work, we hope we succeeded in stimulating the
interest of researchers and developers towards this topic.
R EFERENCES
[1] Unleashing potential of Future Internet and Cloud computing,
http://ec.europa.eu/digital-agenda/en/news/unleashing-potential-future-
internet-and-cloud-computing, November 2013.
1035
IoT Cloud Pr ovider
Manufacturer IoT Device
IdM
1: Device Firmware Request
2: Request Credentials
3: Send Credencials
4: Authenticate Manufacturer
5: Generate Authentication Token
6: Grant Access (SSO)
7: Access Device
8: Firmware Update
Fig. 4: Manufacturer Access.
[2] M. Villari, A. Celesti, M. Fazio, and A. Puliafito, “Alljoyn lambda:
An architecture for the management of smart environments in iot,”
in 2014 International Conference on Smart Computing Workshops
(SMARTCOMP Workshops), Nov 2014, pp. 9–14.
[3] M. Fazio, A. Celesti, M. Villari, and A. Puliafito, “The need of a hybrid
storage approach for iot in paas cloud federation,” in 28th International
Conference on Advanced Information Networking and Applications
Workshops (WAINA), May 2014, pp. 779–784.
[4] M. Fazio, A. Celesti, A. Puliafito, and M. Villari, “An integrated
system for advanced multi-risk management based on cloud for iot,”
in Advances onto the Internet of Things, ser. Advances in Intelligent
Systems and Computing, S. Gaglio and G. Lo Re, Eds. Springer
International Publishing, 2014, vol. 260, pp. 253–269.
[5] Z.-K. Zhang, M. C. Y. Cho, and S. Shieh, “Emerging security threats
and countermeasures in iot,” in Proceedings of the 10th ACM Sym-
posium on Information, Computer and Communications Security, ser.
ASIA CCS ’15. New York, NY, USA: ACM, 2015, pp. 1–6.
[6] L. Grieco, A. Rizzo, S. Colucci, S. Sicari, G. Piro, D. D. Paola, and
G. Boggia, “Iot-aided robotics applications: Technological implications,
target domains and open issues,” Computer Communications, vol. 54,
no. 0, pp. 32 – 47, 2014.
[7] G. Suciu, A. Vulpe, S. Halunga, O. Fratu, G. Todoran, and V. Suciu,
“Smart cities built on resilient cloud computing and secure internet of
things,” in Control Systems and Computer Science (CSCS), 2013 19th
International Conference on, May 2013, pp. 513–518.
[8] “Security issues and challenges for the iot-based smart grid,” Procedia
Computer Science, vol. 34, no. 0, pp. 532 – 537, 2014.
[9] M. Villari, A. Celesti, M. Fazio, and A. Puliafito, “A secure self-
identification mechanism for enabling iot devices to join cloud com-
puting,” in Internet of Things. IoT Infrastructures, ser. Lecture Notes of
the Institute for Computer Sciences, Social Informatics and Telecom-
munications Engineering, 2015, vol. 151, pp. 306–311.
[10] Y. H. Hwang, “Iot security & privacy: Threats and challenges,” in
Proceedings of the 1st ACM Workshop on IoT Privacy, Trust, and
Security, ser. IoTPTS ’15. New York, NY, USA: ACM, 2015, pp.
1–1.
[11] Trusted Computing Group (TCG),
http://www.trustedcomputinggroup.org.
[12] P. England and T. Tariq, “Towards a programmable tpm,” Lecture Notes
in Computer Science (including subseries Lecture Notes in Artificial
Intelligence and Lecture Notes in Bioinformatics), vol. 5471 LNCS,
pp. 1–13, 2009.