Adaptive Risk-Aware Access Control Model for Internet of Things

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

69 Downloads (Pure)

Abstract

IoT technology allows people to connect to and control devices remotely anywhere and anytime. However, serious concerns are raised over access control of sensitive IoT devices (e.g. portable health device) and personal information pertaining to them. The static access control model used in conventional system, which does not take into account the profile and behaviour of the agent requesting access to the system to determine the risk associated with the request, does not fit well to be used in some scenarios of some IoT application domains (e.g. smart healthcare). In this paper, we propose an adaptive risk-aware access control and the integration of this concept into the existing access control models, such as attribute-based and privacy-aware role-based access control. The proposed model is designed to address both security and privacy concerns for data sharing in IoT system. A prototype of the access control system implemented in XACML based on the proposed model is also presented in this paper.
Original languageEnglish
Title of host publicationProceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages40-49
Number of pages10
ISBN (Electronic)9781538645413
DOIs
Publication statusPublished - 22 Jun 2018
Event2017 International Workshop on Secure Internet of Things, SIoT 2017 - Oslo, Norway
Duration: 15 Sep 2017 → …

Publication series

NameProceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017

Conference

Conference2017 International Workshop on Secure Internet of Things, SIoT 2017
CountryNorway
CityOslo
Period15/09/17 → …

Fingerprint

Access control
Internet of things
Health
Control systems

Keywords

  • access control
  • IoT
  • risk-aware

Cite this

Rath, T. M. A., & Colin, J-N. (2018). Adaptive Risk-Aware Access Control Model for Internet of Things. In Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017 (pp. 40-49). (Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SIoT.2017.00010
Rath, Thavy Mony Annanda ; Colin, Jean-Noël. / Adaptive Risk-Aware Access Control Model for Internet of Things. Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017. Institute of Electrical and Electronics Engineers Inc., 2018. pp. 40-49 (Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017).
@inproceedings{9f3d38f88cd64ece8a44d0a69f3eac23,
title = "Adaptive Risk-Aware Access Control Model for Internet of Things",
abstract = "IoT technology allows people to connect to and control devices remotely anywhere and anytime. However, serious concerns are raised over access control of sensitive IoT devices (e.g. portable health device) and personal information pertaining to them. The static access control model used in conventional system, which does not take into account the profile and behaviour of the agent requesting access to the system to determine the risk associated with the request, does not fit well to be used in some scenarios of some IoT application domains (e.g. smart healthcare). In this paper, we propose an adaptive risk-aware access control and the integration of this concept into the existing access control models, such as attribute-based and privacy-aware role-based access control. The proposed model is designed to address both security and privacy concerns for data sharing in IoT system. A prototype of the access control system implemented in XACML based on the proposed model is also presented in this paper.",
keywords = "access control, IoT, risk-aware",
author = "Rath, {Thavy Mony Annanda} and Jean-No{\"e}l Colin",
year = "2018",
month = "6",
day = "22",
doi = "10.1109/SIoT.2017.00010",
language = "English",
series = "Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "40--49",
booktitle = "Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017",

}

Rath, TMA & Colin, J-N 2018, Adaptive Risk-Aware Access Control Model for Internet of Things. in Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017. Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017, Institute of Electrical and Electronics Engineers Inc., pp. 40-49, 2017 International Workshop on Secure Internet of Things, SIoT 2017, Oslo, Norway, 15/09/17. https://doi.org/10.1109/SIoT.2017.00010

Adaptive Risk-Aware Access Control Model for Internet of Things. / Rath, Thavy Mony Annanda; Colin, Jean-Noël.

Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017. Institute of Electrical and Electronics Engineers Inc., 2018. p. 40-49 (Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017).

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

TY - GEN

T1 - Adaptive Risk-Aware Access Control Model for Internet of Things

AU - Rath, Thavy Mony Annanda

AU - Colin, Jean-Noël

PY - 2018/6/22

Y1 - 2018/6/22

N2 - IoT technology allows people to connect to and control devices remotely anywhere and anytime. However, serious concerns are raised over access control of sensitive IoT devices (e.g. portable health device) and personal information pertaining to them. The static access control model used in conventional system, which does not take into account the profile and behaviour of the agent requesting access to the system to determine the risk associated with the request, does not fit well to be used in some scenarios of some IoT application domains (e.g. smart healthcare). In this paper, we propose an adaptive risk-aware access control and the integration of this concept into the existing access control models, such as attribute-based and privacy-aware role-based access control. The proposed model is designed to address both security and privacy concerns for data sharing in IoT system. A prototype of the access control system implemented in XACML based on the proposed model is also presented in this paper.

AB - IoT technology allows people to connect to and control devices remotely anywhere and anytime. However, serious concerns are raised over access control of sensitive IoT devices (e.g. portable health device) and personal information pertaining to them. The static access control model used in conventional system, which does not take into account the profile and behaviour of the agent requesting access to the system to determine the risk associated with the request, does not fit well to be used in some scenarios of some IoT application domains (e.g. smart healthcare). In this paper, we propose an adaptive risk-aware access control and the integration of this concept into the existing access control models, such as attribute-based and privacy-aware role-based access control. The proposed model is designed to address both security and privacy concerns for data sharing in IoT system. A prototype of the access control system implemented in XACML based on the proposed model is also presented in this paper.

KW - access control

KW - IoT

KW - risk-aware

UR - http://www.scopus.com/inward/record.url?scp=85050394443&partnerID=8YFLogxK

U2 - 10.1109/SIoT.2017.00010

DO - 10.1109/SIoT.2017.00010

M3 - Conference contribution

AN - SCOPUS:85050394443

T3 - Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017

SP - 40

EP - 49

BT - Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Rath TMA, Colin J-N. Adaptive Risk-Aware Access Control Model for Internet of Things. In Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017. Institute of Electrical and Electronics Engineers Inc. 2018. p. 40-49. (Proceedings - 2017 International Workshop on Secure Internet of Things, SIoT 2017). https://doi.org/10.1109/SIoT.2017.00010