Multi-Factor Authentication and Authorization using Attribute Based Identification

Access control (authentication, authorization, and verification) is the most frequently occurring security action in the electric sector, and a multi-factor technique is recommended as one of the most promising solutions. However, despite its huge potential, the technique has been underutilized and limited, e.g., applied only to authentication and requiring human presence for fingerprinting. This paper proposes Multi-Factor Authentication and Authorization, which employs the multi-factor technique for enhanced access control using attribute-based encryption. A subject (user) is granted more than two factors consisting of attributes from independent authorities, and an object develops its own access control rule that involves multiple factors. When accessing the object (to read data or to control the object), the user presents multiple attributes and factor keys, each of which is issued by a different authority. This decreases the probability that she presents false evidence of privilege, and thus increases security assurance. To demonstrate the feasibility of the proposed scheme, we implement a library and apply it to our smart building testbed. Through several experiments and analysis of their results, we evaluate the computation cost and illustrate automated smart building control.
