Access Control in Service Compositions

2013 ◽  
pp. 165-187
Author(s):  
Aurélien Faravelon ◽  
Stéphanie Chollet
Keyword(s):  
Access Control ◽  
Data Privacy ◽  
Use Case ◽  
Model Driven ◽  
Design Time ◽  
Runtime Environment ◽  
Security Challenges ◽  
Access Control Management ◽  
Model Driven Approach ◽  
Pervasive Applications

Pervasive applications are entering the mainstream, but at the present time, exhibit significant security weaknesses. Service-driven architectural approaches facilitate the development of pervasive applications, however, security with respect to access control and data privacy of pervasive applications are currently not managed comprehensively from design time through run time. This chapter presents a use case emphasizing the security challenges for pervasive applications and proposes a novel, generative architectural approach, to include security in pervasive applications at design time. This is a model-driven approach based on models pertaining to access control management that respect the temporal constraints relating to pervasive applications. The approach is implemented with a design and runtime environment and the results of the validation applied to the pervasive use case are presented.

scholarly journals Dynamic-IoTrust: A Dynamic Access Control for IoT Based on Smart Contracts

2021 ◽  
Vol 10 (2) ◽  
pp. 139
Author(s):  
Eman Samkri ◽  
Norah Farooqi
Keyword(s):  
Access Control ◽  
Single Point ◽  
Trust Value ◽  
Smart Contract ◽  
Access Control Policies ◽  
Security Challenges ◽  
Dynamic Trust ◽  
Access Control System ◽  
Access Rights ◽  
Access Control Management

The Internet of things (IoT) is an active, real-world area in need of more investigation. One of the top weaknesses in security challenges that IoTs face, the centralized access control server, which can be a single point of failure. In this paper, Dynamic-IoTrust, a decentralized access control smart contract based aims to overcome distrusted, dynamic, trust and authentication issues for access control in IoT. It also integrates dynamic trust value to evaluate users based on behavior. In particular, the Dynamic-IoTrust contains multiple Main Smart Contract, one Register Contract, and one Judging Contract to achieve efficient distributed access control management. Dynamic-IoTrust provides both static access rights by allowing predefined access control policies and also provides dynamic access rights by checking the trust value and the behavior of the user. The system also provides to detected user misbehavior and make a decision for user trust value and penalty. There are several levels of trusted users to access the IoTs device. Finally, the case study demonstrates the feasibility of the Dynamic-IoTrust model to offer a dynamic decentralized access control system with trust value attribute to evaluate the internal user used IoTs devices.

Sign in / Sign up

Export Citation Format

Share Document