Protocol-Based and Hybrid Access Control for the IoT: Approaches and Research Opportunities

Sensors ◽  
2021 ◽  
Vol 21 (20) ◽  
pp. 6832
Author(s):  
Shantanu Pal ◽  
Zahra Jadidi

Internet of Things (IoT) applications and services are becoming more prevalent in our everyday life. However, such an interconnected network of intelligent physical entities needs appropriate security for sensitive information. That said, the need for proper authentication and authorization is paramount. Access control is in the front line of such mechanisms. Access control determines the use of resources only to the specified and authorized users based on appropriate policy enforcement. IoT demands more sophisticated access control in terms of its usability and efficiency in protecting sensitive information. This conveys the need for access control to serve system-specific requirements and be flexibly combined with other access control approaches. In this paper, we discuss the potential for employing protocol-based and hybrid access control for IoT systems and examine how that can overcome the limitations of traditional access control mechanisms. We also focus on the key benefits and constraints of this integration. Our work further enhances the need to build hierarchical access control for large-scale IoT systems (e.g., Industrial IoT (IIoT) settings) with protocol-based and hybrid access control approaches. We, moreover, list the associated open issues to make such approaches efficient for access control in large-scale IoT systems.

2015 ◽  
Vol 5 (2) ◽  
pp. 62-79
Author(s):  
Prashant Kumar Patra ◽  
Padma Lochan Pradhan

The automated access control mechanism is afforded to an automated system control in order to attain the maximum objectives of preserving the confidentiality, integrity, authentication & high availability of information system resources. Risk optimization is the process of identifying vulnerabilities, risks, uncertainties and threats to operating system resources in order to achieve the maximum business objectives, and of deciding the maximum countermeasures for optimizing to the lowest level of risk. The proposed three-dimensional hypercube security model and mechanism will provide high-level accountability for individuals who are accessing sensitive information on multiple relations, functions, operations and services (RFOS) on multiple applications, system software, servers and networks. This accountability is accomplished through access control mechanisms & services that require Confidentiality, Integrity, Authentication, Access control, Non-repudiation, Availability & Privacy through operating system control and audit function. One has to develop the computer algebraic system over a relation, function, operation & services for multiple businesses, resources and locations for risk optimization on a complex real-time large-scale operating system. This paper contributes to the development of an optimization mechanism whose objective is to determine the optimal cost to be invested into security mechanisms on the measure component of the system security. Furthermore, the model optimizes the cost, time & resources and is supposed to optimize the system risks and maximize the business throughput and high security system. One has to develop one solution (ACM) for multiple issues which satisfies pervasive and ubiquitous computing based on distributed object-oriented systems.


Author(s):  
Valentin Cristea ◽  
Ciprian Dobre ◽  
Corina Stratan ◽  
Florin Pop

Security in distributed systems is a combination of confidentiality, integrity and availability of their components. It mainly targets the communication channels between users and/or processes located in different computers, the access control of users / processes to resources and services, and the management of keys, users and user groups. Distributed systems are more vulnerable to security threats due to several characteristics such as their large scale, the distributed nature of the control, and the remote nature of the access. In addition, an increasing number of distributed applications (such as Internet banking) manipulate sensitive information and have special security requirements. After discussing important security concepts in the Background section, this chapter addresses several important problems that are the aim of current research in the security of large scale distributed systems: security models (which represent the theoretical foundation for solving security problems), access control (more specifically, access control in distributed multi-organizational platforms), secure communication (with emphasis on secure group communication, which is a hot topic in security research today), security management (especially key management for collaborative environments), secure distributed architectures (which are the blueprints for designing and building security systems), and security environments / frameworks.


2020 ◽  
Vol 8 (1) ◽  
pp. 82-91
Author(s):  
Suraj Krishna Patil ◽  
Sandipkumar Chandrakant Sagare ◽  
Alankar Shantaram Shelar

Privacy is the key factor in handling personal and sensitive data, which, in large chunks, is stored by database management systems (DBMS). A DBMS provides tools and mechanisms to access and analyze the data within it. Privacy preservation converts original data into some unknown form, thus protecting personal and sensitive information. Different access control mechanisms, such as discretionary access control and mandatory access control, are used in DBMS. However, they hardly consider purpose and role-based access control in DBMS, which incorporates policy specification and enforcement. Role-based access control (RBAC) regulates the access to resources based on the roles of individual users. Purpose-based access control (PuBAC) regulates the access to resources based on the purpose for which data can be accessed. It regulates execution of queries based on purpose. The PuRBAC system uses the policies of both, i.e. PuBAC and RBAC, to enforce within RDBMS.


Author(s):  
Sandeep Lakaraju ◽  
Dianxiang Xu ◽  
Yong Wang

Healthcare information systems deal with sensitive data across complex workflows. They often allow various stakeholders from different environments to access data across organizational boundaries. This elevates the risk of exposing sensitive healthcare information to unauthorized personnel, making ‘controlling access to resources’ a major concern. To prevent unwanted access to sensitive information, healthcare organizations need to adopt effective workflows and access control mechanisms. Many healthcare organizations are not yet considering or do not know how to accommodate the ‘context’ element as a crucial element in their workflows and access control policies. The authors envision the future of healthcare where ‘context’ will be considered as a crucial element. They can accommodate context through a new element ‘environment’ in workflows, and can accommodate context in policies through the well-known attribute-based access control (ABAC) mechanism. This research mainly addresses these problems by proposing a model to integrate workflows and access control policies and thereby identifying workflow activities that are not being protected by access control policies and improving the workflow activities and/or existing access control policies using SARE (Subject, Action, Resource, and Environment) elements.


2021 ◽  
Vol 4 (1) ◽  
pp. 3-14
Author(s):  
Zdzislaw Polkowski ◽  
Sambit Kumar Mishra

In a general scenario, the approaches linked to the innovation of large-scaled data seem ordinary; the informational measures of such aspects can differ based on the applications as these are associated with different attributes that may support high data volumes and high data quality. Accordingly, the challenges can be identified with an assurance of high-level protection and data transformation with enhanced operation quality. Based on large-scale data applications in different virtual servers, it is clear that the information can be measured by enlisting the sources linked to sensors networked and provisioned by the analysts. Therefore, it is very much essential to track the relevance and issues with enormous information. While aiming towards knowledge extraction, applying large-scaled data may involve the analytical aspects to predict future events. Accordingly, the soft computing approach can be implemented in such cases to carry out the analysis. During the analysis of large-scale data, it is essential to abide by the rules associated with security measures because preserving sensitive information is the biggest challenge while dealing with large-scale data. As high risk is observed in such data analysis, security measures can be enhanced by provisioning authentication and authorization. Indeed, the major obstacles linked to the techniques while analyzing the data are prohibited during security and scalability. The integral methods towards application on data possess a better impact on scalability. It is observed that the faster scaling factor of data on the processor embeds some processing elements to the system. Therefore, it is required to address the challenges linked to processors correlating with process visualization and scalability.


Author(s):  
Jiawei Zhang ◽  
Teng Li ◽  
Qi Jiang ◽  
Jianfeng Ma

With the assistance of emerging techniques, such as cloud computing, fog computing and Internet of Things (IoT), smart city is developing rapidly into a novel and well-accepted service pattern these days. The trend also facilitates numerous relevant applications, e.g., smart health care, smart office, smart campus, etc., and drives the urgent demand for data sharing. However, this brings many concerns on data security as there is more private and sensitive information contained in the data of smart city applications. It may incur disastrous consequences if the shared data are illegally accessed, which necessitates an efficient data access control scheme for data sharing in smart city applications with resource-poor user terminals. To this end, we propose an efficient traceable and revocable time-based CP-ABE (TR-TABE) scheme which can achieve time-based and fine-grained data access control over large attribute universe for data sharing in large-scale smart city applications. To trace and punish the malicious users that intentionally leak their keys to pursue illicit profits, we design an efficient user tracing and revocation mechanism with forward and backward security. For efficiency improvement, we integrate outsourced decryption and verify the correctness of its result. The proposed scheme is proved secure with formal security proof and is demonstrated to be practical for data sharing in smart city applications with extensive performance evaluation.


2011 ◽  
Vol 474-476 ◽  
pp. 1081-1086
Author(s):  
Long Jun Huang ◽  
Cai Ying Zhou ◽  
Yuan Wang Wei ◽  
Li Ping Dai

The scale of modern systems is increasingly large and system safety requirements have become more sophisticated, so a single access control model no longer suffices. In view of this situation, this paper takes RBAC as the core, integrates the ideas of MAC and DAC, and proposes a hybrid access control model, the M-AC model (Mixed Access Control Model). The model makes full use of the advantages of the three traditional access control models and eliminates each other's shortcomings, to meet the stringent access control requirements of large-scale complex systems. A formal definition of the model and its rules is given, and, with an actual project, the implementation methods of the model are analyzed and studied.


2020 ◽  
pp. 1378-1400
Author(s):  
Sandeep Lakaraju ◽  
Dianxiang Xu ◽  
Yong Wang

Healthcare information systems deal with sensitive data across complex workflows. They often allow various stakeholders from different environments to access data across organizational boundaries. This elevates the risk of exposing sensitive healthcare information to unauthorized personnel, making ‘controlling access to resources’ a major concern. To prevent unwanted access to sensitive information, healthcare organizations need to adopt effective workflows and access control mechanisms. Many healthcare organizations are not yet considering or do not know how to accommodate the ‘context’ element as a crucial element in their workflows and access control policies. The authors envision the future of healthcare where ‘context’ will be considered as a crucial element. They can accommodate context through a new element ‘environment’ in workflows, and can accommodate context in policies through the well-known attribute-based access control (ABAC) mechanism. This research mainly addresses these problems by proposing a model to integrate workflows and access control policies and thereby identifying workflow activities that are not being protected by access control policies and improving the workflow activities and/or existing access control policies using SARE (Subject, Action, Resource, and Environment) elements.


Author(s):  
Abrar O. Alkhamisi and Fathy Alboraei

In recent years, the Internet of Things (IoT) plays a vital role in our daily activities. Owing to the increased number of vulnerabilities on the IoT devices, security becomes critical in the untrustworthy IoT environment. Access control is one of the top security concerns; however, implementing the traditional access control mechanisms in the resource-constrained nature of the IoT devices is a challenging task. With the emergence of blockchain technology, several recent research works have focused on the adoption of blockchain in IoT to resolve the security concerns. Despite this, integrating the blockchain in the resource-constrained IoT context is difficult. To overcome these obstacles, the proposed work presents a privacy-aware IoT security architecture to ensure the access control based on Smart contract for resource-constrained and distributed IoT devices. The design of the proposed architecture incorporates three main components: the contextual blockchain gateway, decentralized revocation manager, and non-interactive zero-knowledge proof based validation. By modeling the contextual blockchain gateway, the proposed architecture ensures the dynamic authentication and authorization based on the contextual information and access policies. Instead of integrating the blockchain technology into resource-constrained IoT devices, the smart contract-based distributed access control system with the contextual blockchain gateway provides the scalable solution. With the association of decentralized revocation manager in the smart contract, it prevents the resource access from the unauthorized users by dynamically generating and updating the revoked user list of all the nodes in the smart contract. Moreover, the proposed architecture employs the non-interactive zero-knowledge proof cryptographic protocol to ensure the transaction privacy within the smart contract. Consequently, it maintains the trade-off between the transparency and privacy while ensuring the security for the distributed IoT environment.

