Access control is defined as a set of permissions of an IoT device. The access control mechanisms restrict unauthorized users from accessing the system by introducing appropriate mechanisms. Data sharing is the process of exchanging information among IIoT users. The access control and data sharing strict the legitimate users can only exchange their data. The access control defines which type of users can access the information of the particular IIoT system and is permitted to perform the control activities.
The nodes maintain an access control list that includes information about IoT devices, users, and associated access levels. Generally, the IIoT is formed using a group of embedded devices like sensors, cameras, and actuators to achieve a specific task. Designing access control and data sharing in such environments are very challenging owing to limited resources and heterogeneity. Context awareness, inter-domain operation, privacy assurance, resource efficiency, manageability, and accountability are some of the requirements of IIoT access control. The access control strategies are categorized into rule-based, capability-based, user control, and attribute-based.
The IoT environment in industrial applications provides an opportunity to make digitalized industrial systems. An important function in IIoT is the radio-frequency identification technique, and it enables the IIoT devices to identify items and share their data through the cloud service. It needs to enable information exchange via a secure channel. Cloud storage needs to implement the data access control mechanism to protect sensitive industrial information. Most of the previously developed cryptographic access control schemes for IIoT tend to efficiency and key leakage problems. Thus the fine-grained access control policies for their IoT data have to be developed.