Outsourcing Access Control for a Dynamic Access Configuration of IoT Services

Philipp Montesano, Marc Hueffmeyer, Ulf Schreier

2017

Abstract

The paper describes a lightweight mechanism for authorizing access to IoT resources within distributed systems. As more and more IoT devices arise, the demand for privacy and security increases. But since current solutions are developed for conventional devices, the paper pursues the target of simplifying and applying approved technologies, such as OAuth, to meet special requirements of IoT devices. Therefore, the implemented architecture follows the idea of sourcing the access control logic out, simplifying the logic of the IoT device. Furthermore, the great diversity and fast change of IoT environments is supported by flexible policies and a dynamic and scalable access control system. Performance tests show that sourcing the access control logic out also helps to reduce the amount of consumed memory on an IoT device, in case that complex access logic is given.

References

  1. Boyd, R. (2012). Getting Started with OAuth 2.0. O'Reilly Media.
  2. di Vimercati, S. D. C., Foresti, S., Jajodia, S., Paraboschi, S., and Samarati, P. (2007). Over-encryption: Management of Access Control Evolution on Outsourced Data. VLDB 7807 Proceedings of the 33rd International Conference on Very Large Data Bases.
  3. Ferraiolo, D., Kuhn, R., and Hu, V. (2015). Attribute-Based Access Control. In Computer, Vol. 48. IEEE Computer Society.
  4. Fielding, R. T. (2000). Architectural Styles and the Design of Network-based Software Architectures. University of California, Irvine.
  5. Hüffmeyer, M. and Schreier, U. (2016a). Analysis of an Access Control System for RESTful Services. ICWE 7816 - International Conference on Web Engineering.
  6. Hüffmeyer, M. and Schreier, U. (2016b). Formal Comparison of an Attribute Based Access Control Language for RESTful Services with XACML. SACMAT 7816 - Symposium on Access Control Models and Technologies.
  7. Hüffmeyer, M. and Schreier, U. (2016c). RestACL - An Access Control Language for RESTful Services. In ABAC 7816 Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control.
  8. Jing, Q., Vasilakos, A. V., Wan, J., Lu, J., and Qiu, D. (2014). Security of the Internet of Things: Perspectives and Challenges. Wireless Networks.
  9. Machulak, M. P., Maler, E. L., Catalano, D., and van Moorsel, A. (2010). User-Managed Access to Web Resources. In Proceedings of the 6th ACM Workshop on Digital Identity Management.
  10. Raza, S., Shafagh, H., Hewage, K., Hummen, R., and Voigt, T. (2013). Lithe: Lightweight Secure CoAP for the Internet of Things. IEEE Sensors Journal, 13(10).
  11. Sandhu, R. and Samarati, P. (1996). Authentication, Access Control, and Audit. ACM Computing Surveys, 28.
  12. Shafagh, H. and Hithnawi, A. (2014). Poster Abstract: Security Comes First, a Public-key Cryptography Framework for the Internet of Things. In 2014 IEEE International Conference on Distributed Computing in Sensor Systems.
  13. Sun, S.-T. and Beznosov, K. (2012). The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems. In Proceedings of the 2012 ACM conference on Computer and communications security.
  14. Zhang, Z.-K., Cho, M. C. Y., Wang, C.-W., Hsu, C.-W., Chen, C.-K., and Shieh, S. (2014). IoT Security: Ongoing Challenges and Research Opportunities. In 2014 IEEE 7th International Conference on ServiceOriented Computing and Applications.
Download


Paper Citation


in Harvard Style

Montesano P., Hueffmeyer M. and Schreier U. (2017). Outsourcing Access Control for a Dynamic Access Configuration of IoT Services . In Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS, ISBN 978-989-758-245-5, pages 59-69. DOI: 10.5220/0006257000590069


in Bibtex Style

@conference{iotbds17,
author={Philipp Montesano and Marc Hueffmeyer and Ulf Schreier},
title={Outsourcing Access Control for a Dynamic Access Configuration of IoT Services},
booktitle={Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,},
year={2017},
pages={59-69},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006257000590069},
isbn={978-989-758-245-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security - Volume 1: IoTBDS,
TI - Outsourcing Access Control for a Dynamic Access Configuration of IoT Services
SN - 978-989-758-245-5
AU - Montesano P.
AU - Hueffmeyer M.
AU - Schreier U.
PY - 2017
SP - 59
EP - 69
DO - 10.5220/0006257000590069