Implementing Policy Rules in Attributes Based Access Control with XACML within Cloud-Enabled IoT Environment

The Internet of Things (IoT) extends internet connectivity to a wide range of smart devices. However, battery autonomy, computational capability and storage capacity are major technology challenges that hinder increased implementation and adoption. Although the integration of IoT with Cloud Computing is considered a highly promising solution for overcoming these bottlenecks, it raises security concerns, especially regarding access control. Recently, a variety of access control models have been developed to help protect confidential information and restrict access to sensitive data. Because of its flexibility and scalability, the consensus is that Attribute-Based Access Control (ABAC) is the most appropriate model in a dynamic environment. In the context of IoT, the ABAC model can enforce data privacy and ensure a secure connection between IoT devices and cloud providers. One of the core components of the ABAC model is its access policies, which are used to deny or allow users' requests. To achieve that, an access policy language is required to implement policy rules in the ABAC model. In this study, we propose a method based on the eXtensible Access Control Markup Language (XACML) to prevent all unauthorized access to remote resources. This policy language is a particularly efficient and appropriate technique in the context of IoT due to its compatibility with heterogeneous platforms.
