A Community-Driven Access Control Approach in Distributed IoT Environments
- 13 March 2017
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Communications Magazine
- Vol. 55 (3), 146-153
- https://doi.org/10.1109/mcom.2017.1600611cm
Abstract
The distributed Internet of Things is emerging in the literature as a new paradigm for IoT where remotely controlled smart objects can act on their own to sense/actuate, store, and interpret information either created by them or within the surrounding environment. This paradigm calls for novel security and access control mechanisms to enable smart objects with various resource limitations to evaluate a claimed access right from external entities without relying on central authorization systems. This article proposes utilizing a community-based structure to define the notion of access rights in a distributed IoT environment. With this structure, within a given community of smart objects sharing a common mission, access rights are to be evaluated based on the community norms by smart objects with sufficient resources on behalf of those with resource limitations. A novel, community-driven, access control framework is proposed in addition to a prototype to demonstrate access control granting in a user-friendly manner.Keywords
This publication has 12 references indexed in Scilit:
- On the Security and Privacy of Internet of Things Architectures and SystemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Access Control and the Internet of ThingsIEEE Internet Computing, 2015
- Security, privacy and trust in Internet of Things: The road aheadComputer Networks, 2015
- From "smart objects" to "social objects": The next evolutionary step of the internet of thingsIEEE Communications Magazine, 2014
- A capability-based security approach to manage access control in the Internet of ThingsMathematical and Computer Modelling, 2013
- On the features and challenges of security and privacy in distributed internet of thingsComputer Networks, 2013
- Critical RealismPublished by Informa UK Limited ,2013
- Terminology for Policy-Based ManagementPublished by RFC Editor ,2001
- ACLA: A Framework for Access Control List (ACL) Analysis and OptimizationPublished by Springer Science and Business Media LLC ,2001
- Access control: principle and practiceIEEE Communications Magazine, 1994