Access Control Model Based on Dynamic Delegations and Privacy in a Health System of Connected Objects

Conference paper
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 275)


The Internet of Things (IoT) promotes the development of new platforms, services and applications that connect the physical world to the virtual world. Defining access control policies for these platforms remains a challenge for researchers, as security gaps are still observed in several domains, including health. There is much scientific work on systems for remote patient monitoring, and most of these systems have technological limits in controlling access to patients’ personal and confidential information. Moreover, these systems do not allow collaborative work: a doctor who is unavailable, or who needs a collegial decision, cannot delegate his role to another doctor with the same skills and the same attributes. In this paper, we propose a model based on dynamic role delegation that emphasizes collaborative work and the protection of patients’ privacy. This model is a redefinition of the ORBAC model that takes into account the notion of user attributes. We use first-order logic and the non-monotonic logic T-JCLASSICδε to give an axiomatic interpretation of the model. We implement the model with WebRTC, Node.js and Kurento Media Server technologies to facilitate real-time communication between users, and Raspberry Pi for collecting biometric information received from sensors.


Keywords: Access control, Delegation, IoT, E-health



Copyright information

© ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2019

Authors and Affiliations

  1. LIRT Laboratory, Higher Polytechnic School, University of Dakar, Dakar, Senegal
