International Research Journal of Engineering and Technology (IRJET)
e-ISSN: 2395-0056
Volume: 12 Issue: 09 | Sep 2025
p-ISSN: 2395-0072
www.irjet.net
Access Control Framework for IoT Resources: A Review Diaeldin Izeldin Mohamed1, Dr. Yasir Abdelgadir Mohamed2, Dr. Sally D. Abualgasim3 1 University of Gezira
Faculty of Engineering and Technology Wad-Medani, Sudan 2 A’Sharqiyah University College of Business Administration/MIS Ibra, Oman 3 University of Gezira Faculty of Engineering and Technology Wad-Medani, Sudan ---------------------------------------------------------------------***--------------------------------------------------------------------share and gather information about people, such as their Abstract - The impact of the Internet of Things (IoT) on our
location, activity, or even their feelings. Some of this information is confidential and should be accessed only by authorized entities. The frequency and complexity of attacks targeting embedded devices are expected to increase, making it essential to implement stronger security measures [1] [2].
daily lives is substantial. Protection of confidence and privacy in data and resource exchanges is a primary function of access control systems and other associated security technologies. As per the security policy and access control needs, an access control framework enables security to safeguard the resources in ubiquitous computing. However, the vast number of disparate devices in an IoT setting presents significant challenges in access control, raising the possibility of data tampering and leakage. The main goal of this paper is to conduct a comprehensive assessment of the current IoT access control frameworks based on the IoT security requirements. This review systematically evaluates frameworks such as RBAC, ABAC, Capability-based Access Control (CapBAC), edgeassisted, and blockchain-enabled models. Each framework is compared against IoT-specific requirements including lightweight operation, decentralization, privacy, mobility, robustness, and cross-domain federation. The analysis highlights both strengths and persistent gaps, particularly in robustness, real-time adaptability, and identity management. As a result, it is proposed focusing on the existing shortcomings to produce an access control framework for managing highly distributed resources in the IoT that aligns with the necessary security standards.
Access control represents a key security technology for protecting the trust and the privacy which related to the exchange of data and resources. The IoT environment introduces new challenges in access control because of dealing with a huge number of heterogeneous things which lead to tamper with or leaked the sensitive data by hackers [3]. Actually, the IoT systems are still facing the lack of providing a secure environment for IoT devices interactions [4] [5]. Access control framework facilitates the security to protect the resources in pervasive computing from the most hackers according to the security policy and access control requirements. But also, we are in the need to facilitate the security and the performance to cope up with IoT environment nature which introduces new challenges in access control. This study seeks to answer: (1) Which access control frameworks have been proposed for IoT? (2) How do they align with IoT-specific security requirements? (3) What gaps remain for future frameworks?
Keywords: IoT Security, Access Control framework, Security, Privacy)
The specific objectives of this review includes: (i) to classify existing access control paradigms for IoT (RBAC, ABAC, CapBAC, edge-assisted, blockchain-based, and hybrid models); (ii) to evaluate their alignment with IoT security requirements; and (iii) to identify open challenges and outline potential research directions for next-generation IoT access control frameworks.
1. INTRODUCTION Currently, an estimated two billion individuals around the world use the Internet for various purposes, including web browsing, email communication, multimedia access, online gaming, and interaction through social networking platforms. This number is expected to grow as more people connect to the global information and communication infrastructure, related to the use of the Internet as a global platform for letting machines and smart objects communicate, compute, coordinate,
© 2025, IRJET
|
Impact Factor value: 8.315
Despite extensive work on RBAC, ABAC, CapBAC, blockchain, and edge-assisted models, no single framework fully addresses robustness, real-time adaptability, and federated identity management in IoT ecosystems. This review
|
ISO 9001:2008 Certified Journal
|
Page 236