Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
skip to main content
10.1145/3365871.3365905acmotherconferencesArticle/Chapter ViewAbstractPublication PagesiotConference Proceedingsconference-collections
extended-abstract

Asset-Oriented Access Control: Towards a New IoT Framework

Published: 22 October 2019 Publication History

Abstract

Controlling asset-access has traditionally been considered a matter for systems in which assets reside. Centralized approaches to access control are, however, problematic for the IoT. One reason for this is that devices may not be confined to a single system of control. In this abstract, we argue for a new paradigm in which assets are empowered to make their own access decisions. To facilitate this shift in perspective, we propose a policy-neutral framework based on principles adapted from object-oriented programming. This approach establishes assets as active, message-passing entities that store and determine their own access control. We describe initial work modelling the interaction of such assets and point to future formal work for reasoning about protocols and policy composition.

References

[1]
Seraphin Calo, Dinesh Verma, Supriyo Chakraborty, Elisa Bertino, Emil Lupu, Gregory Cirincione. 2018. Self-Generation of Access Control Policies. SACMAT'18.
[2]
Hans van Ditmarsch, Wiebe van der Hoek, Barteld Kooi. 2008. Dynamic Epistemic Logic. Springer.
[3]
Earlence Fernandes, Amir Rahmati, Kevin Eykholt, Atul Prakash. 2017. Internet of things security research: A rehash of old ideas or new intellectual challenges? Security & Privacy '17.
[4]
David Gil, Antonio Ferrández, Higinio Mora-Mora, Jesús Peral. 2016. Internet of things: A review of surveys based on context aware intelligent services. Sensors '16.
[5]
José Hernández-Ramos, Antonio Jara, Leandro Marín, Antonio Skarmeta. 2013. Distributed capability-based access control for the internet of things. JISIS'13.
[6]
Vincent Hu, David Ferraiolo, Rick Kuhn, Adam Schnitzer, Kenneth Sandlin, Robert Miller, Karen Scarfone. 2014. Guide to Attribute Based Access Control (ABAC). NIST
[7]
Ted Hudek, Tim Sherer. 2018. Windows Kernel-Mode Security Reference Monitor. https://docs.microsoft.com/en-us/windows-hardware/drivers/kernel/windows-kernel-mode-security-reference-monitor.
[8]
Zaigham Mahmood (Ed.). 2016. Connectivity frameworks for smart devices: the internet of things from a distributed computing perspective. Springer.
[9]
Htoo Maw, Hannan Xiao, Bruce Christianson. 2012. An adaptive access control model with privileges overriding and behaviour monitoring in wireless sensor networks. Q2SWinet'12.
[10]
Ravi Sandhu. 1998. Role-based access control. Advances in Computers '98.
[11]
Ravi Sandhu, Jaehong Park. 2003. Usage control: A vision for next generation access control. MMS-ACNS'03.
[12]
Yang Yang, Ximeng Liu, Robert Deng. 2017. Lightweight break-glass access control system for healthcare internet-of-things. IEEE Transactions on Industrial Informatics '17.

Cited By

View all
  • (2022)Systematic Review of Authentication and Authorization Advancements for the Internet of ThingsSensors10.3390/s2204136122:4(1361)Online publication date: 10-Feb-2022

Index Terms

  1. Asset-Oriented Access Control: Towards a New IoT Framework

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Other conferences
    IoT '19: Proceedings of the 9th International Conference on the Internet of Things
    October 2019
    263 pages
    ISBN:9781450372077
    DOI:10.1145/3365871
    Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 22 October 2019

    Check for updates

    Author Tags

    1. Access Control
    2. Internet of Things
    3. Object-Oriented

    Qualifiers

    • Extended-abstract
    • Research
    • Refereed limited

    Conference

    IoT 2019

    Acceptance Rates

    IoT '19 Paper Acceptance Rate 28 of 84 submissions, 33%;
    Overall Acceptance Rate 28 of 84 submissions, 33%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)2
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 03 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2022)Systematic Review of Authentication and Authorization Advancements for the Internet of ThingsSensors10.3390/s2204136122:4(1361)Online publication date: 10-Feb-2022

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media