Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System

Noé Picard, Jean-Noël Colin, Denis Zampunieris

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

23 Downloads (Pure)

Abstract

ABAC allows for high flexibility in access control over a system through the definition of policies based on attribute values. In the context of an IoT-based system, these data can be supplied through its sensors connected to the real world, allowing for context-awareness. However, the ABAC model alone does not include proposals for implementing security policies based on verified and/or meaningful values rather than on raw data flowing from the sensors. Nor does it allow to implement immediate action on the system when some security flaw is detected, while this possibility technically exists if the system is equipped with actuators next to its sensors. We show how to circumvent these limitations by adding a proactive engine to the ABAC components, that runs rule-based scenarios devoted to sensor data pre-processing, to higher-level information storage in the PIP, and to real-time, automatic reaction on the system through its actuators when required.

Original languageEnglish
Title of host publicationProceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018
Subtitle of host publicationWithin the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018
EditorsVictor Mendez Munoz, Robert Walters, Farshad Firouzi, Gary Wills, Victor Chang
Pages333-339
Number of pages7
Volume2018-March
ISBN (Electronic)9789897582967
Publication statusPublished - 2018
EventSpecial Session on Recent Advances on Security, Privacy, Big Data and Internet of Things - SPBDIoT 2018 Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018 - Funchal, Madeira, Portugal , Madeira, Portugal
Duration: 19 Mar 201821 Mar 2018

Conference

ConferenceSpecial Session on Recent Advances on Security, Privacy, Big Data and Internet of Things - SPBDIoT 2018 Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018
Abbreviated titleSPBDIoT 2018
CountryPortugal
CityMadeira
Period19/03/1821/03/18

Fingerprint

Access control
Sensors
Actuators
Engines
Data storage equipment
Defects
Internet of things
Processing

Keywords

  • ABAC
  • Access Control
  • Event Analysis
  • Internet of Things
  • Proactive Computing

Cite this

Picard, N., Colin, J-N., & Zampunieris, D. (2018). Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System. In V. M. Munoz, R. Walters, F. Firouzi, G. Wills, & V. Chang (Eds.), Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018: Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018 (Vol. 2018-March, pp. 333-339)
Picard, Noé ; Colin, Jean-Noël ; Zampunieris, Denis. / Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System. Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018: Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018. editor / Victor Mendez Munoz ; Robert Walters ; Farshad Firouzi ; Gary Wills ; Victor Chang. Vol. 2018-March 2018. pp. 333-339
@inproceedings{b616a9fdec0640408e1f41ed352599aa,
title = "Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System",
abstract = "ABAC allows for high flexibility in access control over a system through the definition of policies based on attribute values. In the context of an IoT-based system, these data can be supplied through its sensors connected to the real world, allowing for context-awareness. However, the ABAC model alone does not include proposals for implementing security policies based on verified and/or meaningful values rather than on raw data flowing from the sensors. Nor does it allow to implement immediate action on the system when some security flaw is detected, while this possibility technically exists if the system is equipped with actuators next to its sensors. We show how to circumvent these limitations by adding a proactive engine to the ABAC components, that runs rule-based scenarios devoted to sensor data pre-processing, to higher-level information storage in the PIP, and to real-time, automatic reaction on the system through its actuators when required.",
keywords = "ABAC, Access Control, Event Analysis, Internet of Things, Proactive Computing",
author = "No{\'e} Picard and Jean-No{\"e}l Colin and Denis Zampunieris",
year = "2018",
language = "English",
volume = "2018-March",
pages = "333--339",
editor = "Munoz, {Victor Mendez} and Robert Walters and Farshad Firouzi and Gary Wills and Victor Chang",
booktitle = "Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018",

}

Picard, N, Colin, J-N & Zampunieris, D 2018, Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System. in VM Munoz, R Walters, F Firouzi, G Wills & V Chang (eds), Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018: Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018. vol. 2018-March, pp. 333-339, Madeira, Portugal, 19/03/18.

Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System. / Picard, Noé; Colin, Jean-Noël; Zampunieris, Denis.

Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018: Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018. ed. / Victor Mendez Munoz; Robert Walters; Farshad Firouzi; Gary Wills; Victor Chang. Vol. 2018-March 2018. p. 333-339.

Research output: Contribution in Book/Catalog/Report/Conference proceedingConference contribution

TY - GEN

T1 - Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System

AU - Picard, Noé

AU - Colin, Jean-Noël

AU - Zampunieris, Denis

PY - 2018

Y1 - 2018

N2 - ABAC allows for high flexibility in access control over a system through the definition of policies based on attribute values. In the context of an IoT-based system, these data can be supplied through its sensors connected to the real world, allowing for context-awareness. However, the ABAC model alone does not include proposals for implementing security policies based on verified and/or meaningful values rather than on raw data flowing from the sensors. Nor does it allow to implement immediate action on the system when some security flaw is detected, while this possibility technically exists if the system is equipped with actuators next to its sensors. We show how to circumvent these limitations by adding a proactive engine to the ABAC components, that runs rule-based scenarios devoted to sensor data pre-processing, to higher-level information storage in the PIP, and to real-time, automatic reaction on the system through its actuators when required.

AB - ABAC allows for high flexibility in access control over a system through the definition of policies based on attribute values. In the context of an IoT-based system, these data can be supplied through its sensors connected to the real world, allowing for context-awareness. However, the ABAC model alone does not include proposals for implementing security policies based on verified and/or meaningful values rather than on raw data flowing from the sensors. Nor does it allow to implement immediate action on the system when some security flaw is detected, while this possibility technically exists if the system is equipped with actuators next to its sensors. We show how to circumvent these limitations by adding a proactive engine to the ABAC components, that runs rule-based scenarios devoted to sensor data pre-processing, to higher-level information storage in the PIP, and to real-time, automatic reaction on the system through its actuators when required.

KW - ABAC

KW - Access Control

KW - Event Analysis

KW - Internet of Things

KW - Proactive Computing

UR - http://www.scopus.com/inward/record.url?scp=85051954501&partnerID=8YFLogxK

M3 - Conference contribution

VL - 2018-March

SP - 333

EP - 339

BT - Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018

A2 - Munoz, Victor Mendez

A2 - Walters, Robert

A2 - Firouzi, Farshad

A2 - Wills, Gary

A2 - Chang, Victor

ER -

Picard N, Colin J-N, Zampunieris D. Context-aware and Attribute-based Access Control Applying Proactive Computing to IoT System. In Munoz VM, Walters R, Firouzi F, Wills G, Chang V, editors, Proceedings of the workshop on Security, Privacy, Big Data and Internet of Things SPBDIoT 2018: Within the 3rd International Conference on Internet of Things, Big Data and Security - IoTBDS 2018. Vol. 2018-March. 2018. p. 333-339