Research On Internet Of Things Access Control Technology Based On Microservices

In recent years,the Internet of Things(IoT)technology has been widely applied in various fields such as healthcare,education,agriculture,energy management,smart homes,and intelligent transportation.The Internet of Things aims to connect multiple intelligent devices,such as sensors,monitoring systems,and smart appliances,through the Internet to control,store,exchange,and analyze collected data.With the large-scale growth of IoT devices,the problems in the IoT have become increasingly prominent.A large number of heterogeneous devices have different communication protocols and data formats,the interoperability between devices is insufficient,a large number of monolithic structures lead to poor scalability,and coarse-grained access control between IoT services.In addition,due to the lack of secure access control mechanisms,they may pose potential vulnerabilities for malicious users to illegally access,thereby threatening the security and privacy of user and enterprise data.In order to improve the scalability,interoperability and reusability of the Internet of Things,provide fine-grained access to device functions,and minimize the security threats and attacks related to the data of the Internet of Things,a secure access control method is designed through the use of microservice technology to provide scalable,reusable and reconfigurable security services.Therefore,this thesis focuses on the scalability of the Internet of Things,fine-grained access methods for devices,and access control issues for devices.The main research content is as follows:(1)In response to the insufficient scalability and flexibility of the Internet of Things and the coarse-grained access problem of devices,this thesis proposes a fine-grained access method for devices based on microservices.First,the method designs a data model that adapts to device protocol resolution,and realizes the abstraction of device capabilities.Then,it implements device protocol resolution microservice through microservice technology,realizes fine-grained access to device functions,and realizes continuous integration and continuous deployment of edge microservices,and realizes dynamic update without affecting other microservices.Each device corresponds to a microservice,which is relatively independent of each other and can provide fine-grained control over a single edge microservice,achieving a more flexible,scalable,and fine-grained device access method.(2)This thesis proposes an attribute based microservice access control extension model to address the security issues of device access control in IoT scenarios.This model implements set identity authentication and fine-grained access control decisions based on microservices,and can formulate different access control policies for each device function.The experiment shows that the model has certain feasibility and effectiveness,meets the fine-grained access control requirements,and effectively ensures the security of data access.(3)Based on the above two parts of research,in order to achieve the scalability of the Internet of Things system and fine-grained security access control,this thesis designs and implements an Internet of Things access control system based on microservices through demand analysis.Through Functional verification and concurrency testing,the feasibility and availability of the entire system are verified.