IIoT Identity and Access Management

"In spite of the size, power, and storage challenges in IIoT environments, it is critical that we build strong identities and the means to convey them."
                                - Dean Weber, Chief Technology Officer, Mocana

Designing a robust identity and access management framework has always been a top challenge for security professionals. In the electronic world, multiple technologies have evolved over the decades for access control, using both wired and wireless infrastructure. Access control in the industrial internet introduces a tougher set of challenges.

In the cyber-physical world, where actions have a direct impact on the environment, ensuring device integrity through mutual authentication is critical. It is important to ensure that the sensor or the field device is indeed what it claims to be. It is also important to ensure that the control commands to actuate downstream systems are generated by an authorized controller. The absence of human intervention in the M2M world makes access control particularly challenging. In addition, the number of such IIoT devices can easily be on the order of millions, which demands automated and reliable mechanisms for identity and access management (IAM).

The increasing shift to distributed autonomous systems, the sheer scale of IoT devices, and the increasing sophistication of cyberattacks have made IAM a crucial component of trustworthy IIoT architectures.

This chapter discusses and evaluates various access control technologies to give the reader insight into developing a robust IAM strategy for their IIoT deployments. The following topics are discussed in this chapter:

  • A primer on identity and access control 
  • Distinguishing aspects of industrial IoT IAM
  • Identity management across IIoT device lifecycle
  • Authentication and authorization frameworks for IIoT
  • Trust models – PKI and digital certificates
  • PKI certificate standards for IIoT
  • Certificate management in IIoT deployments
  • Extending OAuth 2.0 Authorization Framework for IoT access control
  • IEEE 802.1X
  • Identity support in messaging protocols
  • Identity support in communication protocols
  • Monitoring and management capabilities
  • Building IAM strategy for IIoT deployment