IoT Application-Centric Access Control (ACAC)

As smart environments become more common, IoT applications can automate more complex and dynamic activities. Users can define their activities as abstract workflows and suitable devices will be selected dynamically to execute them based on user quality of experience (QoE) requirements. However, many of such applications violate the principle of least privilege in terms of the allowed interactions between the IoT devices. We propose an Application-Centric Access Control (ACAC) framework to enable least privilege network access control for dynamic workflows while considering users' QoE. ACAC enables automatic derivation of an access control policy for an IoT application and allow this to be adjusted dynamically as new devices come and go in order to maintain user QoE.

[1]  Hammad Afzal,et al.  Fog computing in internet of things: Practical applications and future directions , 2019, Peer-to-Peer Netw. Appl..

[2]  Ian Welch,et al.  Automatic Device Selection and Access Policy Generation Based on User Preference for IoT Activity Workflow , 2019, 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE).

[3]  Ian Welch,et al.  Towards Secure Smart Home IoT: Manufacturer and User Network Access Control Framework , 2018, 2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA).

[4]  Han-Gyu Ko,et al.  Adaptive Service Selection According to the Service Density in Multiple Qos Aspects , 2016, IEEE Transactions on Services Computing.

[5]  Paolo Bellavista,et al.  Context Awareness for Adaptive Access Control Management in IoT Environments , 2017 .

[6]  Han-Gyu Ko,et al.  SoIoT: Toward A User-Centric IoT-Based Service Framework , 2016, TOIT.

[7]  Albert Y. Zomaya,et al.  Follow Me Fog: Toward Seamless Handover Timing Schemes in a Fog Computing Environment , 2017, IEEE Communications Magazine.

[8]  Feng Wei,et al.  Enabling Dynamic Network Access Control with Anomaly-based IDS and SDN , 2019, SDN-NFV@CODASPY.

[9]  Gurusamy Mohan,et al.  Dynamic attack detection and mitigation in IoT using SDN , 2017, 2017 27th International Telecommunication Networks and Applications Conference (ITNAC).

[10]  In-Young Ko,et al.  Spatially Cohesive Service Discovery and Dynamic Service Handover for Distributed IoT Environments , 2017, ICWE.

[11]  Dimosthenis Kyriazis,et al.  An innovative workflow mapping mechanism for Grids in the frame of Quality of Service , 2008, Future Gener. Comput. Syst..