Habib, Kashif; Leister, Wolfgang
Many traditional authentication and access control mechanisms do not use context-aware approach, i.e., those mechanisms do not incorporate context parameters while making
authentication and authorisation decisions. The context unaware mechanisms can be inadequate for the Internet of Things due to its dynamic and heterogeneous environment. The context information can be used to reconfigure security mechanisms and adjust security parameters. The contextual information can be integrated into various security mechanisms such as authentication, access control, encryption, etc. The context-aware security is the dynamic adjustment of security policy based on the context. In this paper, we discuss the context-awareness techniques for authentication and access control mechanisms. We present the concepts of context, context-awareness, and context based security and highlight contextual attributes that can be used to support and enhance authentication and access control mechanisms for the Internet of Things.