Soft Computing

, Volume 20, Issue 5, pp 1763–1779 | Cite as

TACIoT: multidimensional trust-aware access control system for the Internet of Things

  • Jorge Bernal Bernabe
  • Jose Luis Hernandez Ramos
  • Antonio F. Skarmeta Gomez
Focus

Abstract

Internet of Things environments are comprised of heterogeneous devices that are continuously exchanging information and being accessed ubiquitously through lossy networks. This drives the need of a flexible, lightweight and adaptive access control mechanism to cope with the pervasive nature of such global ecosystem, ensuring, at the same time, reliable communications between trusted devices. To fill this gap, this paper proposes a flexible trust-aware access control system for IoT (TACIoT), which provides an end-to-end and reliable security mechanism for IoT devices, based on a lightweight authorization mechanism and a novel trust modelthat has been specially devised for IoT environments. TACIoT extends traditional access control systems by taking into account trust values which are based on reputation, quality of service, security considerations and devices’ social relationships. TACIoT has been implemented and evaluated successfully in a real testbed for constrained and non-constrained IoT devices.

Keywords

Trust model Access control  Internet of Things  Security framework 

Notes

Acknowledgments

This work has been sponsored by European Commission through the FP7-SOCIOTAL-609112 EU Projects, and the Spanish Seneca Foundation by means of the Excellence Researching Group Program (04552/GERM/06).

References

  1. A socially aware citizen-centric Internet of Things C (2013) Eu fp7 sociotal project. http://sociotal.eu
  2. Architecture D.I.S. proof of concept I.P.B. Eu fp7 butler project (2013)Google Scholar
  3. Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Elsevier Comput Netw 54(15):2787–2805CrossRefMATHGoogle Scholar
  4. Atzori L, Iera A, Morabito G, Nitti M (2012) The social internet of things (siot)-when social networks meet the internet of things: concept, architecture and network characterization. Comput Netw 56(16):3594–3608CrossRefGoogle Scholar
  5. Bao F, Chen IR, Guo J (2013) Scalable, adaptive and survivable trust management for community of interest based internet of things systems. In: Autonomous Decentralized Systems (ISADS), 2013 IEEE Eleventh International Symposium on, pp 1–7. IEEEGoogle Scholar
  6. Bao F, Chen IR (2012) Dynamic trust management for internet of things applications. In: Proceedings of the 2012 international workshop on Self-aware internet of things, pp 1–6. ACMGoogle Scholar
  7. Bassi A, Bauer M, Fiedler M, Kramp T, van Kranenburg R, Lange S, Meissner S (2013) Enabling things to talk. Springer, Berlin, HeidelbergGoogle Scholar
  8. Bernabe BJ, Luis Hernndez MVM, Skarmeta A (2014) Privacy-preserving security framework for a social-aware internet of things. In: UCAm I 2014, pp 408–415Google Scholar
  9. Chen D, Chang G, Sun D, Li J, Jia J, Wang X (2011) Trm-iot: a trust management model based on fuzzy reputation for internet of things. Comput Sci Inf Syst 8(4):1207–1228CrossRefGoogle Scholar
  10. Chen D, Chang G, Sun D, Jia J, Wang X (2012) Modeling access control for cyber-physical systems using reputation. Comput Electr Eng 38(5):1088–1101CrossRefGoogle Scholar
  11. Crockford D (2006) RFC 4627: The application/json Media Type for Javascript Object Notation (JSON). IETF RFC 4627. http://www.ietf.org/rfc/rfc4627.txt
  12. Ferraiolo D, Cugini J, Kuhn R (1995) Role-based access control (RBAC): features and motivations. In: Proceedings of 11th Annual Computer Security Application Conference, pp 241–48Google Scholar
  13. Gerdes S (2014) Actors in the ace architecture. IETF Internet Draft, draft-gerdes-ace-actors-01Google Scholar
  14. Gusmeroli S, Piccione S, Rotondi D (2013) A capability-based security approach to manage access control in the internet of things. Math Comput Model 58(5–6):1189–1205CrossRefGoogle Scholar
  15. Heer T, Garcia-Morchon O, Hummen R, Keoh SL, Kumar SS, Wehrle K (2011) Security challenges in the ip-based internet of things. Wirel Pers Commun 61(3):527–542CrossRefGoogle Scholar
  16. Hernández-Ramos JL, Jara AJ, Marín L, Skarmeta AF (2014) Dcapbac: Embedding authorization logic into smart things through ecc optimizations. Int J Comput Math 1–22. doi:10.1080/00207160.2014.915316
  17. Jara AJ, Lopez P, Fernandez D, Castillo JF, Zamora MA, Skarmeta AF (2014) Mobile digcovery: discovering and interacting with the world through the internet of things. Pers Ubiquitous Comput 18(2):323–338CrossRefGoogle Scholar
  18. Langheinrich M (2001) Privacy by designprinciples of privacy-aware ubiquitous systems. In: Ubicomp 2001: Ubiquitous Computing, pp 273–291. SpringerGoogle Scholar
  19. Mahalle PN, Thakre PA, Prasad NR, Prasad R (2013) A fuzzy approach to trust based access control in internet of things. In: Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE), 2013 3rd International Conference on, pp 1–5. IEEEGoogle Scholar
  20. Mahalle, PN, Anggorojati B, Prasad NR, Prasad R (2012) Identity driven capability based access control (ICAC) for the Internet of Things. In: Proceedings of the 6th IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), Bangalore, India, pp 49–54. IEEEGoogle Scholar
  21. Marin L, Jara A, Skarmeta A (2013) Shifting primes on openrisc processors with hardware multiplier. In: Information and Communication Technology, pp 540–549. SpringerGoogle Scholar
  22. Marti S, Garcia-Molina H (2006) Taxonomy of trust: categorizing p2p reputation systems. Comput Netw 50(4):472–484CrossRefMATHGoogle Scholar
  23. Medaglia CM, Serbanati A (2010) An overview of privacy and security issues in the internet of things. In: The Internet of Things, pp. 389–395. SpringerGoogle Scholar
  24. Nitti M, Girau R, Atzori L (2013) Trustworthiness management in the social internet of things. IEEE Trans Knowl Data Eng 26(5):1253–1266Google Scholar
  25. Rada-Vilela J (2014) Fuzzylite: a fuzzy logic control library. http://www.fuzzylite.com
  26. Rescola E, Modadugu N (2006) Rfc 4347: Datagram transport layer security (dtls). Request for Comments, IETFGoogle Scholar
  27. Rissanen E (2012) extensible access control markup language (xacml) version 3.0 oasis standardGoogle Scholar
  28. Saied Ben, Olivereau Y, Zeghlache D, Laurent M (2013) Trust management system design for the internet of things: a context-aware and multi-service approach. Comput Secur 39:351–365CrossRefGoogle Scholar
  29. Schaffers H, Komninos N, Pallot M, Trousse B, Nilsson M, Oliveira A (2011) Smart cities and the future internet: towards cooperation frameworks for open innovation. SpringerGoogle Scholar
  30. Seitz L, Selander G (2014) Problem description for authorization in constrained environments. IETF Internet Draft, draft-seitz-ace-problem-description-01Google Scholar
  31. Shelby Z, Hartke K, Bormann C (2014) The constrained application protocol (coap). IETF RFC 7252:10Google Scholar
  32. Weiser M (1991) The computer for the 21st century. Sci Am 265(3):94–104CrossRefGoogle Scholar
  33. Yager RR, Filev D (1994) Essentials of fuzzy modeling and control. Wiley, New YorkGoogle Scholar
  34. Yuan E, Tong J (2005) Attributed based access control (ABAC) for web services. In: Proceedings of the 12th IEEE International Conference on Web Services (ICWS), Orlando, USA. IEEEGoogle Scholar
  35. Ziegler S, Crettaz C, Ladid L, Krco S, Pokric B, Skarmeta AF, Jara A, Kastner W, Jung M (2013) Iot6-moving to an ipv6-based future iot. Springer, Berlin, HeidelbergGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2015

Authors and Affiliations

  • Jorge Bernal Bernabe
    • 1
  • Jose Luis Hernandez Ramos
    • 1
  • Antonio F. Skarmeta Gomez
    • 1
  1. 1.Department of Information and Communications EngineeringUniversity of MurciaMurciaSpain

Personalised recommendations