Security and privacy are hot topics when considering the Internet of Things (IoT) application scenarios. By dealing with sensitive and sometimes personal data, IoT application environments need mechanisms to protect against different threats. The traditional security mechanisms are usually static and were not designed considering the dynamism imposed by IoT environments. Those environments could have mobile and dynamic entities that can change their status at deployment time, needing novel security mechanisms to cope with their requirements. Thus, a flexible approach to security provision is imperative. Context-Aware Security (CAS) provides dynamic security for IoT environments by being aware of the context. CAS solutions can adapt the security service (e.g., authentication, authorization, access control, and privacy-preserving) provision based on the context of the environment. This work reviews the concepts around CAS and presents an extensive review of existing solutions employing CAS in their architecture. Moreover, we define a taxonomy for CAS based on the context-awareness area.