Attribute-Based Access Control for the Swarm With Distributed Policy Management

The Internet of Things (IoT) is revolutionizing society by enabling everyday life objects with processing and communication. The Swarm is an edge-centric IoT approach in which independent, cross-niche, and heterogeneous devices can cooperate with each other to execute tasks synergistically. Access control is indispensable for the Swarm, as it ensures confidentiality and ownership, and prevents cyber-attacks since only authorized services can communicate. Although many access control models do exist, there is a lack of edge-based and easy-to-use access control systems in the consumer electronics field. This paper presents a distributed attribute-based access control system for the Swarm. It features a distributed policy management GUI that allows users to setup policies for IoT devices in a decentralized way. The proposed system is evaluated according to a set of national institute of standards and technologies quality metrics, and it is also subject to a performance evaluation. Results indicate that the system offers good usability factors and can handle from 10 000 to 6 billion services when considering, respectively, an arbitrary graph density of 20% and a social-based graph density of 0.000034%.

[1]  David F. Ferraiolo,et al.  Guide to Attribute Based Access Control (ABAC) Definition and Considerations , 2014 .

[2]  David F. Ferraiolo,et al.  Assessment of Access Control Systems , 2006 .

[3]  Marcelo Knörich Zuffo,et al.  Swarm os control plane: an architecture proposal for heterogeneous and organic networks , 2015, IEEE Transactions on Consumer Electronics.

[4]  Phillip J. Windley,et al.  API Access Control with OAuth: Coordinating interactions with the Internet of Things. , 2015, IEEE Consumer Electronics Magazine.

[5]  Chu-Sing Yang,et al.  An intelligent home access control system using deep neural network , 2017, 2017 IEEE International Conference on Consumer Electronics - Taiwan (ICCE-TW).

[6]  Hyoungshick Kim,et al.  Security and Privacy Challenges in the Internet of Things [Security and Privacy Matters] , 2017, IEEE Consumer Electronics Magazine.

[7]  Wei Xie,et al.  An automatic physical access control system based on hand vein biometric identification , 2015, IEEE Transactions on Consumer Electronics.

[8]  Hongbin Zhang,et al.  Trust and Attribute-Based Dynamic Access Control Model for Internet of Things , 2017, 2017 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).

[9]  Joerg Swetina,et al.  Toward a standardized common M2M service layer platform: Introduction to oneM2M , 2014, IEEE Wireless Communications.

[10]  Oscar Novo,et al.  Blockchain Meets IoT: An Architecture for Scalable Access Management in IoT , 2018, IEEE Internet of Things Journal.

[11]  Anthony Rowe,et al.  The Swarm at the Edge of the Cloud , 2015, IEEE Design & Test.

[12]  Edward A. Lee,et al.  The swarm at the edge of the cloud - A new perspective on wireless , 2011, 2011 Symposium on VLSI Circuits - Digest of Technical Papers.

[13]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[14]  John A. Stankovic,et al.  Research Directions for the Internet of Things , 2014, IEEE Internet of Things Journal.

[15]  Ludwig Seitz,et al.  Authorization framework for the Internet-of-Things , 2013, 2013 IEEE 14th International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[16]  Vijayalakshmi Atluri,et al.  The Policy Machine: A novel architecture and framework for access control policy specification and enforcement , 2011, J. Syst. Archit..

[17]  Robert Simon Sherratt,et al.  Distributed access control and privacy for the internet of me , 2016, 2016 IEEE International Conference on Consumer Electronics (ICCE).

[18]  Daehyun Lee,et al.  Read my lips, login to the virtual world , 2017, 2017 IEEE International Conference on Consumer Electronics (ICCE).

[19]  Marcelo K. Zuffo,et al.  Elixir programming language evaluation for IoT , 2016, 2016 IEEE International Symposium on Consumer Electronics (ISCE).

[20]  Álvaro Alonso,et al.  A model to enable application-scoped access control as a service for IoT using OAuth 2.0 , 2017, 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN).

[21]  Antonio F. Gómez-Skarmeta,et al.  DCapBAC: embedding authorization logic into smart things through ECC optimizations , 2016, Int. J. Comput. Math..

[22]  Jakub Galka,et al.  Voice authentication embedded solution for secured access control , 2014, IEEE Transactions on Consumer Electronics.

[23]  Domenico Rotondi,et al.  IoT Access Control Issues: A Capability Based Approach , 2012, 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.

[24]  Lina Yao,et al.  Multi-Level Privacy-Preserving Access Control as a Service for Personal Healthcare Monitoring , 2017, 2017 IEEE International Conference on Web Services (ICWS).

[25]  Peter M. Corcoran,et al.  Biometrics and Consumer Electronics: A Brave New World or the Road to Dystopia? [Soapbox] , 2013, IEEE Consumer Electronics Magazine.

[26]  Sylvia L. Osborn,et al.  HGABAC: Towards a Formal Model of Hierarchical Attribute-Based Access Control , 2014, FPS.