A Lightweight Attribute-Based Access Control System for IoT.

The evolution of the Internet of Things (IoT) has had a significant impact on our daily and professional lives. Home and office automation are now easier with IoT, and connecting multiple sensors to monitor a production line or to control an unmanned environment is now a reality. Sensors are now smart enough to sense an environment and also communicate over the Internet. That is why implementing an IoT system in production lines, hospitals, office spaces, or homes can be beneficial: a human can query the state of the environment over the Internet at any time. 61% of organizations surveyed by International Data Corporation (IDC) are actively pursuing IoT initiatives, and 6.8% of the average IT budget is being allocated to IoT initiatives. However, the security risks are still unknown, and 34% of respondents pointed out that data safety is their primary concern [1]. IoT sensors are being opened to users with portable/mobile devices. These mobile devices have enough computational power, and they make it difficult to track who is using the data or resources. That is why this research focuses on proposing a dynamic access control system for portable devices in an IoT environment. The proposed architecture evaluates user context information from mobile devices and calculates a trust value by matching it against defined policies to mitigate IoT risks. The cloud application acts as a trust module, or gatekeeper, that grants authorization to READ, WRITE, and control the IoT sensor. The goal of this thesis is to offer an access control system that is dynamic, flexible, and lightweight. The proposed access control architecture can secure IoT sensors as well as protect sensor data. A prototype of the working model, comprising the cloud application, mobile application, and sensors, is developed to prove the concept and is evaluated against automatically generated web requests to measure response time and performance overhead. The results show that the proposed system requires less interaction time than the state-of-the-art methods.

[1]  Antti Oulasvirta,et al.  Habits make smartphone use more pervasive , 2011, Personal and Ubiquitous Computing.

[2]  Azzedine Boukerche,et al.  Trust-based security for wireless ad hoc and sensor networks , 2007, Comput. Commun..

[3]  Lina Yao,et al.  Behavior modeling and automated verification of Web services , 2014, Inf. Sci..

[4]  Hajar Mousannif,et al.  Access control in the Internet of Things: Big challenges and new opportunities , 2017, Comput. Networks.

[5]  Guiran Chang,et al.  TRM-IoT: A trust management model based on fuzzy reputation for internet of things , 2011, Comput. Sci. Inf. Syst..

[6]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[7]  Jaime Lloret,et al.  Internet of things: where to be is to trust , 2012, EURASIP J. Wirel. Commun. Netw..

[8]  Luming Tan,et al.  Future internet: The Internet of Things , 2010, 2010 3rd International Conference on Advanced Computer Theory and Engineering(ICACTE).

[9]  Charles A. McMellon Book Review: The Daily you: How the New Advertising Industry is Defining your Identity and your Worth , 2013 .

[10]  Paul E. Spector Designing the Scale , 1992 .

[11]  Imrich Chlamtac,et al.  Internet of things: Vision, applications and research challenges , 2012, Ad Hoc Networks.

[12]  Tim Storer,et al.  Using Smartphones as a Proxy for Forensic Evidence Contained in Cloud Storage Services , 2013, 2013 46th Hawaii International Conference on System Sciences.

[13]  Heather M. Rinkenbaugh Annual Security Report , 2014 .

[14]  Dimitris Gritzalis,et al.  Delegate the smartphone user? Security awareness in smartphone platforms , 2013, Comput. Secur..

[15]  Gregory D. Abowd,et al.  The context toolkit: aiding the development of context-enabled applications , 1999, CHI '99.

[16]  Ning Hong A Security Framework for the Internet of Things Based on Public Key Infrastructure , 2013 .

[17]  Yunghsiang Sam Han,et al.  A pairwise key predistribution scheme for wireless sensor networks , 2005, TSEC.

[18]  Gregory D. Abowd,et al.  Towards a Better Understanding of Context and Context-Awareness , 1999, HUC.

[19]  Ling Zhang,et al.  Security in Internet of Things , 2013 .

[20]  N. Asokan,et al.  Trusted execution environments on mobile devices , 2013, CCS.

[21]  Antonio Iera,et al.  A subjective model for trustworthiness evaluation in the social Internet of Things , 2012, 2012 IEEE 23rd International Symposium on Personal, Indoor and Mobile Radio Communications - (PIMRC).

[22]  Bo Sheng,et al.  Elliptic curve cryptography-based access control in sensor networks , 2006, Int. J. Secur. Networks.

[23]  Luis Miguel Vaquero Gonzalez,et al.  Locking the sky: a survey on IaaS cloud security , 2010, Computing.

[24]  Xiaoping Ma,et al.  Performance evaluation of MQTT and CoAP via a common middleware , 2014, 2014 IEEE Ninth International Conference on Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP).

[25]  Guoping Zhang,et al.  The Research of Access Control Based on UCON in the Internet of Things , 2011, J. Softw..

[26]  Yan Ling Zhao,et al.  Research on Data Security Technology in Internet of Things , 2013 .

[27]  Claudia Eckert,et al.  Improving Mobile Device Security with Operating System-Level Virtualization , 2013, SEC.

[28]  R. Fielding,et al.  Architectural Styles and the Design of Network-based Software Architectures (CHAPTER 5) , 2000 .

[29]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[30]  Olivier Hersent,et al.  The Internet of Things: Key Applications and Protocols , 2011 .

[31]  Huafeng Wu,et al.  Agent-based Trust Model in Wireless Sensor Networks , 2007, Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing (SNPD 2007).

[32]  Antonio F. Gómez-Skarmeta,et al.  Distributed Capability-based Access Control for the Internet of Things , 2013, J. Internet Serv. Inf. Secur..

[33]  Sanggon Lee,et al.  Security Analysis and Improvements of Authentication and Access Control in the Internet of Things , 2014, Sensors.

[34]  Zhifeng Xiao,et al.  Security and Privacy in Cloud Computing , 2013, IEEE Communications Surveys & Tutorials.

[35]  M. Brian Blake,et al.  Service-Oriented Computing and Cloud Computing: Challenges and Opportunities , 2010, IEEE Internet Computing.

[36]  Yan Bai,et al.  2TAC: Distributed Access Control Architecture for "Bring Your Own Device" Security , 2012, 2012 ASE/IEEE International Conference on BioMedical Computing (BioMedCom).

[37]  Ilia Petrov,et al.  From Active Data Management to Event-Based Systems and More , 2010, Lecture Notes in Computer Science.

[38]  Stephen Marsh,et al.  Defining and Investigating Device Comfort , 2011, J. Inf. Process..

[39]  Dieter Fensel,et al.  Toward a service web: integrating the Semantic Web and service orientation , 2009 .

[40]  Alessandro Bassi,et al.  From today's INTRAnet of things to a future INTERnet of things: a wireless- and mobility-related view , 2010, IEEE Wireless Communications.

[41]  Georg Carle,et al.  DTLS based security and two-way authentication for the Internet of Things , 2013, Ad Hoc Networks.

[42]  Laurence T. Yang,et al.  The Internet of Things: From RFID to the Next-Generation Pervasive Networked Systems , 2008 .

[43]  Fernando C. Colón Osorio,et al.  “TrustDroid™”: Preventing the use of SmartPhones for information leaking in corporate networks through the used of static analysis taint tracking , 2012, 2012 7th International Conference on Malicious and Unwanted Software.

[44]  Jie Wu,et al.  DRBTS: Distributed Reputation-based Beacon Trust System , 2006, 2006 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing.

[45]  Julian Schütte,et al.  A Configurable and Extensible Security Service Architecture for Smartphones , 2013, 2013 27th International Conference on Advanced Information Networking and Applications Workshops.

[46]  Djamal Zeghlache,et al.  Trust management system design for the Internet of Things: A context-aware and multi-service approach , 2013, Comput. Secur..

[47]  Guoping Zhang,et al.  An extended role based access control model for the Internet of Things , 2010, 2010 International Conference on Information, Networking and Automation (ICINA).

[48]  Cristina Alcaraz,et al.  Key management systems for sensor networks in the context of the Internet of Things , 2011, Comput. Electr. Eng..

[49]  Li Wang,et al.  A Web Service trust evaluation model based on small-world networks , 2014, Knowl. Based Syst..

[50]  Paolo Traverso,et al.  Service-Oriented Computing: State of the Art and Research Challenges , 2007, Computer.

[51]  Ing-Ray Chen,et al.  Trust management for the internet of things and its application to service composition , 2012, 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM).

[52]  Mark O'Neill The Internet of Things: do more devices mean more risks? , 2014 .

[53]  Yu-Hung Huang,et al.  A lightweight authentication protocol for Internet of Things , 2014, 2014 International Symposium on Next-Generation Electronics (ISNE).

[54]  D. Pavel,et al.  Context Provisioning for Future Service Environments , 2006, 2006 International Multi-Conference on Computing in the Global Information Technology - (ICCGI'06).

[55]  Domenico Rotondi,et al.  A capability-based security approach to manage access control in the Internet of Things , 2013, Math. Comput. Model..

[56]  Jing Liu,et al.  Internet of things' authentication and access control , 2012, Int. J. Secur. Networks.

[57]  Sha Hu,et al.  Technology classification, industry, and education for Future Internet of Things , 2012, Int. J. Commun. Syst..

[58]  Carsten Bormann,et al.  The Constrained Application Protocol (CoAP) , 2014, RFC.

[59]  Burak Kantarci,et al.  Anomaly detection and privacy preservation in cloud-centric Internet of Things , 2015, 2015 IEEE International Conference on Communication Workshop (ICCW).

[60]  H. Raghav Rao,et al.  Protection motivation and deterrence: a framework for security policy compliance in organisations , 2009, Eur. J. Inf. Syst..

[61]  Earl Oliver,et al.  The challenges in large-scale smartphone user studies , 2010, HotPlanet '10.

[62]  Huafeng Wu,et al.  Add Semantic Role to Dependency Structure Language Model for Topic Detection and Tracking , 2007 .

[63]  Jerker Delsing,et al.  An authentication and access control framework for CoAP-based Internet of Things , 2014, IECON 2014 - 40th Annual Conference of the IEEE Industrial Electronics Society.

[64]  Max Mühlhäuser,et al.  Cloud Computing Landscape and Research Challenges Regarding Trust and Reputation , 2010, 2010 7th International Conference on Ubiquitous Intelligence & Computing and 7th International Conference on Autonomic & Trusted Computing.

[65]  Roksana Boreli,et al.  Network-level security and privacy control for smart-home IoT devices , 2015, 2015 IEEE 11th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[66]  Xiaolei Dong,et al.  Security and privacy for storage and computation in cloud computing , 2014, Inf. Sci..

[67]  Rodrigo Roman,et al.  On the features and challenges of security and privacy in distributed internet of things , 2013, Comput. Networks.

[68]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.

[69]  Habtamu Abie,et al.  Risk-driven security metrics development for an e-health IoT application , 2015, 2015 Information Security for South Africa (ISSA).

[70]  Fenye Bao,et al.  Dynamic trust management for internet of things applications , 2012, Self-IoT '12.

[71]  Neeli R. Prasad,et al.  A fuzzy approach to trust based access control in internet of things , 2013, Wireless VITAE 2013.

[72]  Athman Bouguettaya,et al.  Deploying and managing Web services: issues, solutions, and directions , 2008, The VLDB Journal.

[73]  Steven Furnell,et al.  Comparing the Mobile Device Security Behavior of College Students and Information Technology Professionals , 2014 .

[74]  Sanjay P. Ahuja,et al.  A Survey of the State of Cloud Security , 2012, Netw. Commun. Technol..

[75]  Yong Wang,et al.  Smartphone Security Challenges , 2012, Computer.

[76]  Byung-Gon Chun,et al.  TaintDroid: An Information-Flow Tracking System for Realtime Privacy Monitoring on Smartphones , 2010, OSDI.

[77]  William Noah Schilit,et al.  A system architecture for context-aware mobile computing , 1995 .

[78]  Rakesh Kumar,et al.  A Proactive Procedure to Mitigate the BYOD Risks on the Security of an Information System , 2015, SOEN.

[79]  Rolf H. Weber,et al.  Internet of Things - New security and privacy challenges , 2010, Comput. Law Secur. Rev..

[80]  Hsin-Wen Wei,et al.  A Secured Authentication Protocol for Wireless Sensor Networks Using Elliptic Curves Cryptography , 2011, Sensors.

[81]  Jason H. Christensen,et al.  Using RESTful web-services and cloud computing to create next generation mobile applications , 2009, OOPSLA Companion.

[82]  Siani Pearson,et al.  Privacy and Security for Cloud Computing , 2012, Computer Communications and Networks.

[83]  Donggang Liu,et al.  Establishing pairwise keys in distributed sensor networks , 2005, TSEC.

[84]  Dong,et al.  Attack Resistant Trust Management Model Based on Beta Function for Distributed Routing in Internet of Things , 2012 .

[85]  Yang Yu,et al.  Distributed Trust Management Mechanism for the Internet of Things , 2013 .

[86]  Tapio Soikkeli,et al.  Diversity and End User Context in Smartphone Usage Sessions , 2011, 2011 Fifth International Conference on Next Generation Mobile Applications, Services and Technologies.

[87]  Tao Liu,et al.  A WSN-Oriented Key Agreement Protocol in Internet of Things , 2013 .

[88]  Kui Ren,et al.  Distributed Privacy-Preserving Access Control in Sensor Networks , 2012, IEEE Transactions on Parallel and Distributed Systems.

[89]  Hormazd Romer,et al.  Best practices for BYOD security , 2014 .

[90]  Luis Miguel Vaquero Gonzalez,et al.  Building safe PaaS clouds: A survey on security in multitenant software platforms , 2012, Comput. Secur..

[91]  Liu Wen A Hierarchical Trust Model for the Internet of Things , 2012 .

[92]  Kris Steenhaut,et al.  Embedded Web Technologies for the Internet of Things , 2014 .

[93]  Ebraheim Alsaadi,et al.  Internet of Things: Features, Challenges, and Vulnerabilities Authors , 2015 .

[94]  Dave Evans,et al.  How the Next Evolution of the Internet Is Changing Everything , 2011 .

[95]  Qing Li,et al.  Mobile Security: A Look Ahead , 2013, IEEE Security & Privacy.

[96]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[97]  Robin Kravets,et al.  For Your Eyes Only , 2022, MCS '15.

[98]  George R. Milne,et al.  Internet of Things: Convenience vs. privacy and secrecy , 2015 .

[99]  Alessandro Bassi,et al.  Enabling Things to Talk: Designing IoT solutions with the IoT Architectural Reference Model , 2013 .

[100]  Rolf H. Weber,et al.  Internet of things: Privacy issues revisited , 2015, Comput. Law Secur. Rev..

[101]  Gregorio Martínez Pérez,et al.  Providing trust in wireless sensor networks using a bio-inspired technique , 2011 .

[102]  Rukshan Athauda,et al.  SECURING AND GOVERNING ACCESS IN AD-HOC NETWORKS OF INTERNET OF THINGS , 2012 .

[103]  Jaehong Park,et al.  Towards usage control models: beyond traditional access control , 2002, SACMAT '02.

[104]  Zeng Xiangjun,et al.  Context Information-Based Cyber Security Defense of Protection System , 2007, IEEE Transactions on Power Delivery.

[105]  B. B. P. Rao,et al.  Cloud computing for Internet of Things & sensing based applications , 2012, 2012 Sixth International Conference on Sensing Technology (ICST).

[106]  Gennaro Boggia,et al.  Standardized Protocol Stack for the Internet of (Important) Things , 2013, IEEE Communications Surveys & Tutorials.

[107]  Mark A. Harris,et al.  Mobile device security considerations for small- and medium-sized enterprise business mobility , 2014, Inf. Manag. Comput. Secur..

[108]  Wei Xie,et al.  Security and Privacy in Cloud Computing: A Survey , 2010, 2010 Sixth International Conference on Semantics, Knowledge and Grids.

[109]  Yihua Zhang,et al.  An Overview of Issues and Recent Developments in Cloud Computing and Storage Security , 2014 .

[110]  Jeong-Nyeo Kim,et al.  Technology trends of access control in IoT and requirements analysis , 2015, 2015 International Conference on Information and Communication Technology Convergence (ICTC).

[111]  Fabio Massacci,et al.  Security in the Firefox OS and Tizen Mobile Platforms , 2014, Computer.

[112]  Zhou Yan,et al.  A Security Transmission Model for Internet of Things , 2011 .

[113]  Nuno Laranjeiro,et al.  Benchmarking the Robustness of Web Services , 2007, 13th Pacific Rim International Symposium on Dependable Computing (PRDC 2007).

[114]  Thomas Kimsey,et al.  An IoT Based Service System as a Research and Educational Platform , 2015, New Trends in Intelligent Information and Database Systems.

[115]  P. Hartvigsen The Computer for the 21st Century (1991) , 2014 .

[116]  Gianluca Reali,et al.  Comparison of two lightweight protocols for smartphone-based sensing , 2013, 2013 IEEE 20th Symposium on Communications and Vehicular Technology in the Benelux (SCVT).

[117]  R. G. Lennon Changing user attitudes to security in bring your own device (BYOD) & the cloud , 2012, 2012 5th Romania Tier 2 Federation Grid, Cloud & High Performance Computing Science (RQLCG).

[118]  Gurpreet Singh Matharu,et al.  Modeling Agility in Internet of Things (IoT) Architecture , 2015 .

[119]  Giuseppe Lo Re,et al.  Advances onto the Internet of Things - How Ontologies Make the Internet of Things Meaningful , 2014, Advances in Intelligent Systems and Computing.

[120]  Yong Wang,et al.  Bring your own device security issues and challenges , 2014, 2014 IEEE 11th Consumer Communications and Networking Conference (CCNC).

[121]  Antonio Corradi,et al.  A context-centric security middleware for service provisioning in pervasive computing , 2005, The 2005 Symposium on Applications and the Internet.

[122]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[123]  Hannu Verkasalo,et al.  Contextual patterns in mobile service usage , 2009, Personal and Ubiquitous Computing.

[124]  Roy Thurik,et al.  Erim Report Series Research in Management What's New about the New Economy? Sources of Growth in the Managed and Entrepreneurial Economies Bibliographic Data and Classifications , 2022 .

[125]  Rolf H. Weber,et al.  Internet of Things - Legal Perspectives , 2010 .