Sensing Enabled Capabilities for Access Control Management

Current knowledge and assets that support organizations competitiveness must be protected. This protection is highly dependent on a proper access control management. Unfortunately, traditional access control management approaches are rigid and isolated, constrained by proprietary requirements not easily interoperable. In this chapter, a new framework approach is presented and described. It provides a flexible, open, fluid and collaborative middleware for building access control management systems, based on the Sensing Enriched Access Control (SEAC) concept. This framework establishes the principles allowing the development of an access control management system that copes with today organization’s needs. The chapter also provides a description of a real use case raised to validate the framework, as well as the laboratory results supporting its scalability.

[1]  Geoff Skinner Cyber Security Management of Access Controls in Digital Ecosystems and Distributed Environments , 2009 .

[2]  Carl A. Gunter,et al.  Experience-Based Access Management: A Life-Cycle Framework for Identity and Access Management Systems , 2011, IEEE Security & Privacy.

[3]  Shamik Sural,et al.  STARBAC: Spatio temporal Role Based Access C ontrol , 2007, OTM Conferences.

[4]  L. Jean Camp,et al.  Security Risk Management Using Incentives , 2011, IEEE Security & Privacy.

[5]  Carlos E. Palau,et al.  SWE Simulation and Testing for the IoT , 2013, 2013 IEEE International Conference on Systems, Man, and Cybernetics.

[6]  Giancarlo Fortino,et al.  Internet of Things Based on Smart Objects, Technology, Middleware and Applications , 2014, Internet of Things Based on Smart Objects, Technology, Middleware and Applications.

[7]  Domenico Rotondi,et al.  A capability-based security approach to manage access control in the Internet of Things , 2013, Math. Comput. Model..

[8]  Alan H. Karp Authorization-Based Access Control for the Services Oriented Architecture , 2006, Fourth International Conference on Creating, Connecting and Collaborating through Computing (C5'06).

[9]  Jason Crampton,et al.  Towards A Generic Formal Framework for Access Control Systems , 2012, ArXiv.

[10]  Elisa Bertino,et al.  Prox-RBAC: a proximity-based spatially aware RBAC , 2011, GIS.

[11]  HaiBo Shen A Semantic Context-Based Access Control Model for Pervasive Computing Environments , 2012 .

[12]  Haibo Shen A Semantic-Aware Attribute-Based Access Control Model for Web Services , 2009, ICA3PP.

[13]  Elisa Bertino,et al.  GEO-RBAC: a spatially aware RBAC , 2005, SACMAT '05.

[14]  Andreas Matheus,et al.  How to Declare Access Control Policies for XML Structured Information Objects using OASIS' eXtensible Access Control Markup Language (XACML) , 2005, Proceedings of the 38th Annual Hawaii International Conference on System Sciences.

[15]  Jin Tong,et al.  Attributed based access control (ABAC) for Web services , 2005, IEEE International Conference on Web Services (ICWS'05).

[16]  Maryline Laurent-Maknavicius,et al.  Survey on secure communication protocols for the Internet of Things , 2015, Ad Hoc Networks.

[17]  D. Richard Kuhn,et al.  Role-Based Access Controls , 2009, ArXiv.

[18]  P. Samarati,et al.  Access control: principle and practice , 1994, IEEE Communications Magazine.