Validating Requirements of Access Control for Cloud-Edge IoT Solutions (Short Paper)

  • Tahir Ahmad
  • Silvio Ranise
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11358)


The pervasiveness of Internet of Things (IoT) solutions has stimulated research on the basic security mechanisms needed in the wide range of IoT use case scenarios, ranging from home automation to industrial control systems. We focus on access control for cloud-edge based IoT solutions for which, in previous work, we have proposed a lazy approach to Access Control as a Service for the specification, administration, and enforcement of policies. The validity of the approach was evaluated in a realistic smart-lock scenario. In this paper, we argue that the approach is adaptable to a wide range of IoT use case scenarios by validating the requirements elicited when analyzing the smart-lock scenario.


Access control, IoT, Requirements validation



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Security & Trust Unit, FBK-ICT, Trento, Italy
  2. DIBRIS, University of Genova, Genoa, Italy
