TY - JOUR AU - Bitebo, Ally T AU - Maziku, Hellen AU - Hamisi, Ndyetabura AU - Tarimo, Charles N AU - Ibwe, Kwame S AU - Abdalla, Abdi T. PY - 2022/03/31 Y2 - 2024/03/29 TI - Design and Implementation of Distributed Identity and Access Management Framework for Internet of Things (IoT) Enabled Distribution Automation JF - Tanzania Journal of Science JA - Tanz. J. Sci. VL - 48 IS - 1 SE - Articles DO - 10.4314/tjs.v48i1.4 UR - https://tjs.udsm.ac.tz/index.php/tjs/article/view/1008 SP - 34-46 AB - <p>The smart grid and Internet of Things (IoT) technologies play vital roles in improving the quality of services offered in traditional electrical grid. They open a room for the introduction of new services like distribution automation (DA) that has a significant advantage to both utility companies and final consumers. DA integrates sensors, actuators, intelligent electrical devices (IED) and information and communication technologies to monitor and control electrical grid. However, the integration of these technologies poses security threats to the electrical grid like Denial of Service (DoS) attacks, false data injection attacks, and masquerading attacks like system node impersonation that can transmit wrong readings, resulting in false alarm reports and hence leading to incorrect node actuation. To overcome these challenges, researchers have proposed a centralized public key infrastructure (PKI) with bridged certificate authority (CA) which is prone to DoS attacks. Moreover, the proposed blockchain based distributed identity and access management (DIAM) in IoT domain at the global scale is adding communicational and computational overheads. Also. It is imposing new security threats to the DA system by integrating it with online services like IoTEX and IoTA. For those reasons, this study proposes a DIAM security scheme to secure IoT-enabled distribution automation. The scheme divides areas into clusters and each cluster has a device registry and a registry controller. The registry controller is a command line tool to access and manage a device registry. The results show that the scheme can prevent impersonated and non-legitimate system nodes and users from accessing the system by imposing role-based access control (RBAC) at the cluster level.</p><p><strong>Keywords</strong>: Distributed Identity and Access Management; Electrical Secondary Distribution Network; Internet of Things; IoT Enabled Distribution Automation; Smart Grid Security</p> ER -