Online citations, reference lists, and bibliographies.

IoT Access Control Issues: A Capability Based Approach

Sergio Gusmeroli, Salvatore Piccione, Domenico Rotondi
Published 2012 · Computer Science

Cite This
Download PDF
Analyze on Scholarcy
Resource and information protection plays a relevant role in distributed systems. Most of the currently proposed authorization frameworks do not provide scalable, manageable, effective, and efficient mechanisms to support distributed systems with many interacting services. The advent of IoT will further increase the need for scalable and manageable solutions able to face the potentially unbound number of sensors, actuators and related resources, services and subjects. This is even more relevant if we take into account that IoT environments can envisage not only a greater number of resources to manage, but also a substantial increase of the interaction dynamics. This paper presents a capability based access control system that enterprises, or even individuals, can use to manage their own access control processes to services and information. The proposed mechanism supports rights delegation and a more sophisticated access control customization. The proposed approach is being developed within the European FP7 IoT@Work project to manage access control for some of the project's services deployed in the shop floor.
This paper references
Attributed based access control (ABAC) for Web services
E. Yuan (2005)
Programming semantics for multiprogrammed computations
J. Dennis (1966)
Capability Myths Demolished
Mark S. Miller (2003)
Role-Based Access Control
V. Atluri (2011)
Adding Attributes to Role-Based Access Control
D. R. Kuhn (2010)
Cyber Security Management of Access Controls in Digital Ecosystems and Distributed Environments
G. Skinner (2009)
See project home page: http://iot-at-work
Capability-based security Available:
Architecting the Internet of Things
D. Uckelmann (2011)
Towards Abundant DiY Service Creativity Successfully Leveraging the Internet-of-Things in the City and at Home
L. Trappeniers (2009)
Using Sparse Capabilities in a Distributed Operating System
A. Tanenbaum (1986)
Conf. on Intelligence in Next Generation Networks (ICIN 2009)
Access control for the services oriented architecture
J. Li (2007)
An Internet Attribute Certificate Profile for Authorization
S. Farrell (2010)
Capability-Based Computer Systems
H. Levy (1984)
Conf. on Distributed Computing Systems
Information technology-open systems interconnection-the directory: Public-key and attribute certific
X. Itu (2000)
The Confused Deputy: (or why capabilities might have been invented)
N. Hardy (1988)
XPOLA – An Extensible Capability-based Authorization Infrastructure for Grids
L. Fang (2005)
Information Technology: Requirements for the Implementation and Interoperability of Role Based Access Control
Solving the Transitive Access Problem for the Services Oriented Architecture
Alan H. Karp (2010)
eXtensible Access Control Markup Language Version 3.0, OASIS XACML v
Conf. on Information Technology and Applications (ICITA 2009)
Making the impossible easy: usable PKI
D Balfanz (2005)
Taming subsystems: capabilities as universal resource access control in L4
A. Lackorzynski (2009)
From ABAC to ZBAC , The evolution of access control models
Alan H. Karp (2009)
Authorization-Based Access Control for the Services Oriented Architecture
A. Karp (2006)

This paper is referenced by
Access Control in IoT/M2M - Cloud Platform
Bayu Anggorojati (2015)
DataTweet: An architecture enabling data-centric IoT services
Soumya Kanti Datta (2016)
Authentication and Access Control for 5G
Shanay Behrad (2020)
Security evaluation of smart door locks
Arvid Viderberg (2019)
Blockchain based permission delegation and access control in Internet of Things (BACI)
Gauhar Ali (2019)
A Survey on Access Control in the Age of Internet of Things
Jing Qiu (2020)
Network Access Control for the IoT: A Comparison Between Cellular, Wi-Fi and LoRaWAN
Shanay Behrad (2019)
xDBAuth: Blockchain Based Cross Domain Authentication and Authorization Framework for Internet of Things
Ali Gauhar (2020)
A Distributed Capability Access Control Scheme in Information-Centric Networking
Jung-Hwan Cha (2016)
A Framework of Device Authentication Management in IoT Environments
AHyeon-Ju Park (2015)
A Capability-Based Access Control Framework with Delegation Support
Haibo Shen (2016)
Distributed Access Control of IOT Data on Agricultural Production
Fangbo Cai (2019)
Privacy aware decentralized access control system
Sehrish Shafeeq (2019)
The 6th International Conference on Ambient Systems, Networks and Technologies (ANT 2015) Toward an Access Control Model for IOTCollab
Mehdi Adda (2015)
Design and Implementation of The Capability Token based Access Control System in the Internet of Things
Bum-Ki Lee (2015)
IoT@Work automation middleware system design and architecture
Sergio Gusmeroli (2012)
BCON: Blockchain based access CONtrol across multiple conflict of interest domains
Gauhar Ali (2019)
Internet of Things and M2M Communications as Enablers of Smart City Initiatives
Soumya Kanti Datta (2015)
Access control in the Internet of Things: a survey of existing approaches and open research questions
E. Bertin (2019)
Securing the Communications in a WoT/WebRTC-based Smart Healthcare Architecture
Saad El Jaouhari (2017)
Toward an Access Control Model for IOTCollab
Mehdi Adda (2015)
A Generic Lightweight and Scalable Access Control Framework for IoT Gateways
Juan D. Parra Rodriguez (2018)
Using Blockchain for IOT Access Control and Authentication Management
Abdallah Zoubir Ourad (2018)
Hardware Security in IoT Devices with Emphasis on Hardware Trojans
Simranjeet Sidhu (2019)
Security Properties of Information-centric Networks
Haakon Garseg Mørk (2015)
Adaptive and composite privacy and security mechanism for IoT communication
S. Seetharaman (2016)
Attribute-Based Access Control for the Swarm With Distributed Policy Management
Geovane Fedrecheski (2019)
Towards Blockchain-Based Identity and Access Management for Internet of Things in Enterprises
M. Nuss (2018)
CASA-IoT: Scalable and context-aware IoT access control supporting multiple users
Tiago O. Castro (2019)
Internet of Things: Converging Technologies for Smart Environments and Integrated Ecosystems
O. Vermesan (2013)
Multi-stakeholders' Policy Enforcement for Android
Shahryar Khan Afridi (2016)
Towards securing discovery services in Internet of Things
S. Datta (2016)
See more
Semantic Scholar Logo Some data provided by SemanticScholar