XACML for Building Access Control Policies in Internet of Things

Hany F. Atlam, Madini O. Alassafi, Ahmed Alenezi, Robert J. Walters, Gary B. Wills

Abstract

Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an efficient access control model for the IoT require selecting an appropriate access policy language to implement access policies. Therefore, this paper presents an overview of most common access policy languages. It starts with discussing different access control models and features of the access policy. After reviewing different access policy languages, we proposed XACML as the most efficient and appropriate policy language for the IoT as it compatible with different platforms, provides a distributed and flexible approach to work with different access control scenarios of the IoT system. In addition, we proposed an XACML model for an Adaptive Risk-Based Access Control (AdRBAC) for the IoT and showed how the access decision will be made using XACML.

Download


Paper Citation


in Harvard Style

Atlam H., Alassafi M., Alenezi A., Walters R. and Wills G. (2018). XACML for Building Access Control Policies in Internet of Things.In Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-296-7, pages 253-260. DOI: 10.5220/0006725102530260


in Bibtex Style

@conference{iotbds18,
author={Hany F. Atlam and Madini O. Alassafi and Ahmed Alenezi and Robert J. Walters and Gary B. Wills},
title={XACML for Building Access Control Policies in Internet of Things},
booktitle={Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,},
year={2018},
pages={253-260},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006725102530260},
isbn={978-989-758-296-7},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,
TI - XACML for Building Access Control Policies in Internet of Things
SN - 978-989-758-296-7
AU - Atlam H.
AU - Alassafi M.
AU - Alenezi A.
AU - Walters R.
AU - Wills G.
PY - 2018
SP - 253
EP - 260
DO - 10.5220/0006725102530260