Design And Implementation Of A Secure And Flexible Access-right Delegation For Resource Constrained Environments

Tahiry M. Rabehaja, Shantanu Pal, Michael Hitchens
Published 2019 · Computer Science

Abstract

With the emergence of the Internet of Things (IoT) technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity) and are supposed to perform in constrained environments (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access rights is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on lightweight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.


