UniquID: A Quest to Reconcile Identity Access Management and the Internet of Things
This addresses the challenge of secure and scalable identity management for IoT devices and services, which is an incremental improvement over existing IAM systems.
The paper tackles the problem of applying traditional identity access management (IAM) to the Internet of Things (IoT), which is device-centered and heterogeneous, by proposing UniquID, a blockchain-based solution that eliminates centralized architectures and demonstrates scalability and robustness through experimental proof-of-concept results.
The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools for people. Conventional identity access management (IAM) frameworks were not designed to handle the challenges of IoT. Trying to use traditional IAM systems to reconcile heterogeneous devices and complex federations of online services (e.g., IoT sensors and cloud computing solutions) adds a cumbersome architectural layer that can become hard to maintain and act as a single point of failure. In this paper, we propose UniquID, a blockchain-based solution that overcomes the need for centralized IAM architectures while providing scalability and robustness. We also present the experimental results of a proof-of-concept UniquID enrolment network, and we discuss two different use-cases that show the considerable value of a blockchain-based IAM.