Situation-Aware Access Control for Industrie 4.0

  • Marc Hüffmeyer
  • Pascal Hirmer
  • Bernhard Mitschang
  • Ulf Schreier
  • Matthias Wieland
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 867)


In recent years, the Internet of Things emerges as a new paradigm that enables new applications, such as Smart Factories, Smart Homes, and Smart Cities. In these applications, privacy and security are important issues, especially regarding the access to sensors and actuators. Sometimes, this access should only be permitted if a certain situation occurs, e.g., access to a camera should only be allowed in an exceptional situation. In this paper, we enable situation-based access control for sensitive components in the Internet of Things, focusing on Industrie 4.0. To realize this, we combine an attribute-based access control system with a situation recognition system to create a highly flexible, well performing, and situation-aware access control system. This access control system is capable of automatically granting or prohibiting access depending on situation occurrences and other dynamic or static security attributes.


Authorization Attribute based access control Situation-awareness REST Internet of Things 



This work is partially funded by the BMWi project IC4F (01MA17008G).


  1. 1.
    Kassner, L., Gröger, C., Königsberger, J., Hoos, E., Kiefer, C., Weber, C., Silcher, S., Mitschang, B.: The Stuttgart IT architecture for manufacturing. In: Hammoudi, S., Maciaszek, L.A., Missikoff, M.M., Camp, O., Cordeiro, J. (eds.) ICEIS 2016. LNBIP, vol. 291, pp. 53–80. Springer, Cham (2017). Scholar
  2. 2.
    Franco da Silva, A.C., Hirmer, P., Wieland, M., Mitschang, B.: SitRS XT - towards near real time situation recognition. J. Inf. Data Manag. (2016)Google Scholar
  3. 3.
    Hirmer, P., Wieland, M., Schwarz, H., Mitschang, B., Breitenbücher, U., Leymann, F.: SitRS - a situation recognition service based on modeling and executing situation templates. In: Barzen, J., Khalaf, R., Leymann, F., Mitschang, B. (eds.) Proceedings of the 9th Symposium and Summer School On Service-Oriented Computing. Volume RC25564 of Technical Paper, IBM Research Report (2015)Google Scholar
  4. 4.
    Wieland, M., Schwarz, H., Breitenbücher, U., Leymann, F.: Towards situation-aware adaptive workflows. In: Proceedings of the 13th Annual IEEE International Conference on Pervasive Computing and Communications Workshops: 11th Workshop on Context and Activity Modeling and Recognition. IEEE (2015)Google Scholar
  5. 5.
    Hüffmeyer, M., Schreier, U.: RestACL - an attribute based access control language for RESTful services. In: ABAC 2016 - Proceedings of the 1st Workshop on Attribute Based Access Control (2016)Google Scholar
  6. 6.
    Hüffmeyer, M., Hirmer, P., Mitschang, B., Schreier, U., Wieland, M.: SitAC – a system for situation-aware access control - controlling access to sensor data. In: Mori, P., Furnell, S., Camp, O. (eds.) Proceedings of the 3rd International Conference on Information Systems Security and Privacy, vol. 1, pp. 113–125. SciTePress, Porto (2017)Google Scholar
  7. 7.
    Hoos, E., Hirmer, P., Mitschang, B.: Improving problem resolving on the shop floor by context-aware decision information packages. In: Franch, X., Ralyté, J. (eds.) Proceedings of the CAiSE 2017 Forum, Essen, CEUR Workshop Proceedings, 121–128 (2017)Google Scholar
  8. 8.
    Beimel, D., Peleg, M.: Using OWL and SWRL to represent and reason with situation-based access control policies. Data Knowl. Eng. 70(6), 596–615 (2011)CrossRefGoogle Scholar
  9. 9.
    Peleg, M., Beimel, D., Dorib, D., Denekamp, Y.: Situation-based access control: privacy management via modeling of patient data access scenarios. J. Biomed. Inform. 41(6), 1028–1040 (2008)CrossRefGoogle Scholar
  10. 10.
    Yau, S.S., Yao, Y., Banga, V.: Situation-aware access control for service-oriented autonomous decentralized systems. In: Proceedings of the 2005 International Symposium on Autonomous Decentralized Systems, ISADS 2005 (2005)Google Scholar
  11. 11.
    Ahn, G.J., Sandhu, R.: Role-based authorization constraints specification. ACM Trans. Inf. Syst. Secur. 3(4), 207–226 (2000)CrossRefGoogle Scholar
  12. 12.
    Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 41–55. Springer, Heidelberg (2012). Scholar
  13. 13.
    Yuan, E., Tong, J.: Attribute based access control (ABAC) for web services. In: ICWS 2005 - International Conference on Web Services (2005)Google Scholar
  14. 14.
    Kencana Ramli, C.D.P., Nielson, H.R., Nielson, F.: The logic of XACML. In: Arbab, F., Ölveczky, P.C. (eds.) FACS 2011. LNCS, vol. 7253, pp. 205–222. Springer, Heidelberg (2012). Scholar
  15. 15.
    Glombiewski, N., Hoßbach, B., Morgen, A., Ritter, F., Seeger, B.: Event processing on your own database. In: BTW Workshops, pp. 33–42 (2013)Google Scholar
  16. 16.
    Hasan, S., Curry, E., Banduk, M., O’Riain, S.: Toward situation awareness for the semantic sensor web: complex event processing with dynamic linked data enrichment. SSN 839, 69–81 (2011)Google Scholar
  17. 17.
    Häussermann, K., Hubig, C., Levi, P., Leymann, F., Simoneit, O., Wieland, M., Zweigle, O.: Understanding and designing situation-aware mobile and ubiquitous computing systems. In: Proceedings of International Conference on Mobile Ubiquitous and Pervasive Computing, pp. 329–339 (2010)Google Scholar
  18. 18.
    Wang, X., Zhang, D.Q., Gu, T., Pung, H.: Ontology based context modeling and reasoning using OWL. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops. IEEE Computer Society (2004)Google Scholar
  19. 19.
    Brumitt, B., Meyers, B., Krumm, J., Kern, A., Shafer, S.: EasyLiving: technologies for intelligent environments. In: Thomas, P., Gellersen, H.-W. (eds.) HUC 2000. LNCS, vol. 1927, pp. 12–29. Springer, Heidelberg (2000). Scholar
  20. 20.
    Dargie, W., Mendez, J., Mobius, C., Rybina, K., Thost, V., Turhan, A.Y., et al.: Situation recognition for service management systems using OWL 2 reasoners. In: Proceedings of the 10th IEEE Workshop on Context Modeling and Reasoning 2013, pp. 31–36. IEEE Computer Society (2013)Google Scholar
  21. 21.
    Attard, J., Scerri, S., Rivera, I., Handschuh, S.: Ontology-based situation recognition for context-aware systems. In: Proceedings of the 9th International Conference on Semantic Systems, pp. 113–120. ACM (2013)Google Scholar
  22. 22.
    Hirmer, P., Wieland, M., Breitenbücher, U., Mitschang, B.: Automated sensor registration, binding and sensor data provisioning. In: Proceedings of the CAiSE 2016 Forum, at the 28th International Conference on Advanced Information Systems Engineering (CAiSE 2016), CEUR Workshop Proceedings, vol. 1612. (2016)Google Scholar
  23. 23.
    Hirmer, P., Wieland, M., Breitenbücher, U., Mitschang, B.: Dynamic ontology-based sensor binding. In: Pokorný, J., Ivanović, M., Thalheim, B., Šaloun, P. (eds.) ADBIS 2016. LNCS, vol. 9809, pp. 323–337. Springer, Cham (2016). Scholar
  24. 24.
    Ferraiolo, D., Kuhn, R., Hu, V.: Attribute-based access control. In: Computer, vol. 48. IEEE Computer Society (2015)Google Scholar
  25. 25.
    Hüffmeyer, M., Schreier, U.: Analysis of an access control system for RESTful services. In: Bozzon, A., Cudre-Maroux, P., Pautasso, C. (eds.) ICWE 2016. LNCS, vol. 9671, pp. 373–380. Springer, Cham (2016). Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  • Marc Hüffmeyer
    • 1
  • Pascal Hirmer
    • 2
  • Bernhard Mitschang
    • 2
  • Ulf Schreier
    • 1
  • Matthias Wieland
    • 2
  1. 1.Hochschule Furtwangen UniversityFurtwangen im SchwarzwaldGermany
  2. 2.Universität StuttgartStuttgartGermany

Personalised recommendations