Attribute-Based Access Control Scheme in Federated IoT Platforms

  • Savio Sciancalepore
  • Michał Pilc
  • Svenja Schröder
  • Giuseppe Bianchi
  • Gennaro Boggia
  • Marek Pawłowski
  • Giuseppe Piro
  • Marcin Płóciennik
  • Hannes Weisgrab
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10218)

Abstract

The Internet of Things (IoT) introduced the possibility of connecting electronic things from everyday life to the Internet, while making them ubiquitously available. With advanced IoT services, based on a trusted federation among heterogeneous IoT platforms, new security problems (including authentication and authorization) emerge. This contribution describes the main facets of the preliminary security architecture envisaged in the context of the symbIoTe project, recently launched by the European Commission under the Horizon 2020 EU program. Our approach features distributed and decoupled mechanisms for authentication and authorization services in complex scenarios embracing heterogeneous and federated IoT platforms, by leveraging Attribute-Based Access Control and token-based authorization techniques.

Keywords

  • Internet of Things
  • Security mechanisms
  • Attribute-Based Access Control
  • Interoperability framework
  • Macaroons
  • JSON Web Token

Notes

Acknowledgments

This work is supported by the H2020 symbIoTe project, which has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 688156. The authors would like to cordially thank the entire symbIoTe consortium for their valuable comments and discussions.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Savio Sciancalepore (1, 4)
  • Michał Pilc (2)
  • Svenja Schröder (3)
  • Giuseppe Bianchi (1, 5)
  • Gennaro Boggia (1, 4)
  • Marek Pawłowski (2)
  • Giuseppe Piro (1, 4)
  • Marcin Płóciennik (2)
  • Hannes Weisgrab (3)

  1. CNIT, Consorzio Nazionale Interuniversitario per le Telecomunicazioni, Parma, Italy
  2. Poznań Supercomputing and Networking Center, IBCh PAS, Poznań, Poland
  3. Cooperative Systems Research Group, University of Vienna, Vienna, Austria
  4. Department of Electrical and Information Engineering (DEI), Politecnico di Bari, Bari, Italy
  5. Department of Electronic Engineering, University of Rome Tor Vergata, Rome, Italy
