论文信息 - Using REST based protocol to enable ABAC within IoT systems

Using REST based protocol to enable ABAC within IoT systems

With the development of the Internet of Things (IoT) and the usage of low-powered devices (sensors and effectors), a large number of people are using IoT systems in their homes and businesses to have more control over their technology. However, a key challenge of IoT systems is data protection in case the IoT device is lost, stolen, or used by one of the owner's friends or family members. The problem studied here is how to protect the access to data of an IoT system. To solve the problem, an attribute-based access control (ABAC) mechanism is applied to give the system the ability to apply policies to detect any unauthorized entry. Finally, a prototype was built to test the proposed solution. The evaluation plan was applied on the proposed solution to test the performance of the system.

Ralph Deters | Marwah Hemdi | R. Deters | Marwah Hemdi

[1] Carsten Bormann,et al. The Constrained Application Protocol (CoAP) , 2014, RFC.

[2] Jianqing Zhang,et al. Performance evaluation of Attribute-Based Encryption: Toward data privacy in the IoT , 2014, 2014 IEEE International Conference on Communications (ICC).

[3] Savas Parastatidis,et al. REST in Practice - Hypermedia and Systems Architecture , 2010 .

[4] Jin Tong,et al. Attributed based access control (ABAC) for Web services , 2005, IEEE International Conference on Web Services (ICWS'05).

[5] Cesare Pautasso,et al. Restful web services vs. "big"' web services: making the right architectural decision , 2008, WWW.

[6] Jason H. Christensen,et al. Using RESTful web-services and cloud computing to create next generation mobile applications , 2009, OOPSLA Companion.

[7] Lihua Yin,et al. Attribute-Role-Based Hybrid Access Control in the Internet of Things , 2014, APWeb Workshophs.

[8] Karsten P. Ulland,et al. Vii. References , 2022 .

[9] Poul Nielsen. The importance of context in keeping end users secure , 2015, Netw. Secur..

[10] Zhihua Li,et al. A Multi-layer Security Model for Internet of Things , 2012 .

[11] Octavian Dospinescu,et al. Web Services in Mobile Applications , 2013 .

[12] Roberto Gorrieri,et al. Foundations of Security Analysis and Design - Tutorial Lectures , 2000 .

[13] David F. Ferraiolo,et al. Guide to Attribute Based Access Control (ABAC) Definition and Considerations , 2014 .