Online citations, reference lists, and bibliographies.

Known Unknowns: Indeterminacy In Authentication In IoT

M. Heydari, A. Mylonas, V. H. Tafreshi, E. Benkhelifa, Surjit Singh
Published 2020 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
Share
Abstract The Internet of Things (IoT), comprising a plethora of heterogeneous devices, is an enabling technology that can improve the quality of our daily lives, for instance by measuring parameters from the environment (e.g., humidity, temperature, weather, energy consumption, traffic, and others) or our bodies (e.g., health data). However, as with any technology, IoT has introduced a number of security and privacy challenges. Indeed, IoT devices create, process, transfer and store data, which are often sensitive, and which must be protected from unauthorized access. Similarly, the infrastructure that links with IoT, as well as the IoT devices themselves, is an asset that needs to be protected. The focus of this work is examining authentication in IoT. In particular, in this work we conducted a state-of-the-art review of the access control models that have been proposed, including both traditional access control models and emerging models that have recently been proposed and are tailored for IoT. We identified that the existing models cannot cope with indeterminacy, an inherent characteristic of IoT, which hinders authentication decisions. In this context, we studied the two known components of indeterminacy, i.e., uncertainty and ambiguity, and proposed a new model that handles indeterminacy in authentication in IoT environments.
This paper references
10.1016/j.csda.2006.02.009
Practical representations of incomplete probabilistic knowledge
C. Baudrit (2006)
10.1109/JIOT.2018.2846040
Securing the Internet of Things in the Age of Machine Learning and Software-Defined Networking
Francesco Restuccia (2018)
10.1016/j.future.2013.05.010
An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system
Waleed W. Smari (2014)
10.1007/978-3-642-35130-3_5
Risk-Aware RBAC Sessions
Khalid Zaman Bijon (2012)
10.2307/1268172
A Mathematical Theory Of Evidence
G. Shafer (1976)
Secure Access Control and Authority Delegation Based on Capability and Context Awareness for Federated IoT
Bayu Anggorojati (2013)
10.1109/ICSENST.2017.8304507
Long-range wireless technologies for IoT applications: A review
Noushin Poursafar (2017)
10.1109/CNS.2013.6682761
A framework for risk-aware role based access control
Khalid Zaman Bijon (2013)
10.1007/978-3-319-94370-1_11
Using Blockchain for IOT Access Control and Authentication Management
Abdallah Zoubir Ourad (2018)
10.1016/j.comnet.2016.11.007
Access control in the Internet of Things: Big challenges and new opportunities
Aafaf Ouaddah (2017)
10.1109/TDSC.2011.51
Risk-Aware Mitigation for MANET Routing Attacks
Ziming Zhao (2012)
10.1002/9781119193210.CH1
What is Fuzzy Modeling
Vilém Novák (2016)
10.1109/MITP.2017.3680959
Security Risk Assessment in Internet of Things Systems
Jason R. C. Nurse (2017)
10.1007/978-3-319-66827-7_3
Towards Fuzzy Type Theory with Partial Functions
Vilém Novák (2017)
10.1007/S11277-019-06165-9
Anonymous Lightweight Proxy Based Key Agreement for IoT (ALPKA)
A. Braeken (2019)
10.1007/978-3-319-11119-3_31
Attribute-Role-Based Hybrid Access Control in the Internet of Things
Sun Kaiwen (2014)
10.1016/j.cose.2013.03.010
A framework for risk assessment in access control systems
Hemanth Khambhammettu (2013)
10.1109/ICWISE.2017.8267153
Security challenges in internet of things: survey
Hamid R. Ghorbani (2017)
10.1145/2480362.2480631
Generic support for RBAC break-glass policies in process-aware information systems
Sigrid Schefer-Wenzl (2013)
10.1109/NOMS.2014.6838319
A dynamic risk-based access control architecture for cloud computing
Daniel Ricardo dos Santos (2014)
Approaches to access control under uncertainty
Farzad Salim (2012)
10.1109/IOTA.2016.7562742
Energy efficient integrated authentication and access control mechanisms for Internet of Things
Sudha C. Patel (2016)
10.1016/j.future.2015.03.003
TIRIAC: A trust-driven risk-aware access control framework for Grid environments
Sadegh Dorri Nogoorani (2016)
10.1109/ISCC.2017.8024606
OAuth-IoT: An access control framework for the Internet of Things based on open standards
Savio Sciancalepore (2017)
Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation
Daniel Ricardo dos Santos (2013)
10.1109/SECPRI.1989.36277
A secure identity-based capability system
Li Gong (1989)
10.1109/iThings-GreenCom-CPSCom-SmartData.2017.103
Developing an Adaptive Risk-Based Access Control Model for the Internet of Things
Hany F. Atlam (2017)
10.1007/978-3-540-73165-8
Uncertainty Theory
Baoding Liu (2007)
10.1109/TCC.2015.2485199
Cloud-Based Fine-Grained Health Information Access Control Framework for LightweightIoT Devices with Dynamic Auditing andAttribute Revocation
Lo-Yao Yeh (2018)
10.1109/TDSC.2017.2725831
A Novel Security Protocol Attack Detection Logic with Unique Fault Discovery Capability for Freshness Attacks and Interleaving Session Attacks
Anca Delia Jurcut (2019)
10.1007/978-3-642-29963-6_11
Risk-Aware Role-Based Access Control
L. Chen (2011)
10.1109/EITECH.2015.7162936
Security analysis and proposal of new access control model in the Internet of Thing
Aafaf Ouaddah (2015)
10.1016/j.cose.2013.08.001
An adaptive risk management and access control framework to mitigate insider threats
Nathalie Baracaldo (2013)
10.1192/BJP.BP.115.165969
Tolerance of Uncertainty
Gwen M J Adshead (2015)
10.1109/CBMS.2006.95
How to Break Access Control in a Controlled Manner
A. Ferreira (2006)
10.1109/CIT.2012.81
Access Control Method for Web of Things Based on Role and SNS
Jindou Jia (2012)
10.1145/3013520
Internet of Things (IoT): Smart and Secure Service Delivery
E. Bertino (2016)
10.1007/978-3-319-18681-8_2
Securing the Web of Things with Role-Based Access Control
Ezedine Barka (2015)
10.1016/j.jnca.2016.08.013
A framework and risk assessment approaches for risk-based access control in the cloud
Daniel Ricardo dos Santos (2016)
10.1007/S40844-016-0039-0
J. M. Keynes on probability versus F. H. Knight on uncertainty: reflections on the miracle year of 1921
Yasuhiro Sakai (2016)
Communication security in internet of thing: preventive measure and avoid DDoS attack over IoT network
Congyingzi Zhang (2015)
10.1109/JIOT.2018.2809669
An Internet-of-Things Enabled Smart Sensing System for Nitrate Monitoring
M. E. E. Alahi (2018)
10.1109/JIOT.2018.2847733
The Effect of IoT New Features on Security and Privacy: New Threats, Existing Solutions, and Challenges Yet to Be Solved
Wei Zhou (2019)
10.1109/ACCESS.2017.2733839
A Model-Based Reliability Metric Considering Aleatory and Epistemic Uncertainty
Zhiguo Zeng (2017)
10.1016/j.cose.2015.11.001
Taxonomy of information security risk assessment (ISRA)
A. Sendi (2016)
10.1109/ICDCSW.2012.23
Authentication and Access Control in the Internet of Things
Jing Liu (2012)
10.1145/990036.990062
Using trust and risk in role-based access control policies
N. Dimmock (2004)
10.1016/j.jisa.2017.10.004
Attribute based access control scheme with controlled access delegation for collaborative E-health environments
Harsha S. Gardiyawasam Pussewalage (2017)
10.1007/978-3-030-10543-3_4
Towards Indeterminacy-Tolerant Access Control in IoT
Mohammad Heydari (2019)
10.1145/2295136.2295168
A trust-and-risk aware RBAC framework: tackling insider threat
Nathalie Baracaldo (2012)
A Dynamic Risk-Based Access Control Approach: Model and Implementation
Sergey Savinov (2017)
10.1109/JIOT.2017.2767291
Evaluating Critical Security Issues of the IoT World: Present and Future Challenges
Mario Frustaci (2018)
10.1016/j.mcm.2013.02.006
A capability-based security approach to manage access control in the Internet of Things
S. Gusmeroli (2013)
10.1016/j.comcom.2016.03.007
Practical access control for sensor networks in the context of the Internet of Things
F. Li (2016)



Semantic Scholar Logo Some data provided by SemanticScholar