The Internet of Things (IoT) has been one of the fastest growing and spreading technological field in the past few years, which aims to make it possible for different devices to comminicate over the internet. A good illistration for the size of the field is that there are billions of IoT devices according to various sources. However, these devices are all connected to the internet, which introduces questions relating to security and reliability.
One of the most important questions realted to security is, who can acces a certain device, and if he can access it, what kind of operations can he perform on it. The goal of AAA (Authentication, Authorization, Accounting) systems is to restrict user access to a system (Authentication), to ensure that connected users can only perform operations that has been permitted for them (Authorization), and to make the previously performed operations traceable (Accounting).
The Arrowhead framework is an IoT platform, based on System Oriented Architecture. With the use of this framework, it is possible to establish a dynamic, loosly coupled connection between a service provider (for example sensors, data processors, or actuators) and a service consumer (for example data visualizers, actuators). In addition to these functionalities, the framework defines various services, which include service registration and discovery, security functionalities, QoS assurance or connection between different local clouds.
Due to the Arrowhead framework being in continous development, it has insufficiencies related to the current AAA implementation. The goal of the thesis is to showcase these insufficiencies of the Arrowhead, to present a solution for these, as well as to prove the correct behavior with testcases.