Skip to main content
SpringerLink
Log in

Handling Meta Attribute Information in Usage Control Policies (Short Paper)

  • Conference paper
  • First Online:
Emerging Technologies for Authorization and Authentication (ETAA 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 13136))

  • 598 Accesses

Abstract

This work builds on top of an architecture and prototype implementation of a novel trust-aware continuous authorization technology that targets consumer Internet of Things (IoT), e.g., Smart Home to introduce a novel trust algorithm and meta attribute evaluation. Our approach extends previous work in two complementary ways: (1) By introducing a novel set of meta attributes that characterize the values of condition attributes such as Time To Live. This set of meta attributes serves as additional information that can be used by the system in order to proper caching attribute values or deciding whether or not to use an attribute already retrieved or to ask for a fresh one. (2) By minimizing the network consumption related to requesting additional and fresh attributes to sensor in IoT environments. Network is the source of major energy consumption in IoT devices, therefore being able to minimize network consumption is beneficial for the whole system.

The research reported is part of a Huawei R&D project in cooperation with Security Forge. We would also like to acknowledge the contribution of the following colleagues: Yair Diaz and Liu Jignag at the Munich Research Center; Michael Shurman, Eyal Rundstein, Dror Moyal, Nir Makmal, Avi Halaf, Ido Zak, Daniel Bibi, Ye Zongbo at the Israel Research Center and of Professor Eyal Winter, Hebrew University, Israel.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 44.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 59.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    https://www.gov.uk/government/consultations/consultation-on-regulatory-proposals-on-consumer-iot-security.

References

  1. Castelfranchi, C., Falcone, R.: Trust is much more than subjective probability: mental components and sources of trust. In: (HICSS-33), Hawaii, USA (2000)

    Google Scholar 

  2. Dezert, J., et al.: Can we trust subjective logic for information fusion? In: FUSION 2014, Salamanca, Spain, pp. 1–8. IEEE (2014)

    Google Scholar 

  3. Dimitrakos, T., Brossard, D., de Leusse, P.: Securing business operations in an SOA. CoRR abs/1203.0429 (2012). http://arxiv.org/abs/1203.0429

  4. Dimitrakos, T., et al.: Trust aware continuous authorization for zero trust in consumer internet of things. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1801–1812 (2020). https://doi.org/10.1109/TrustCom50675.2020.00247

  5. Dimitrakos, T., Martrat, J., Wesner, S. (eds.): Service Oriented Infrastructures and Cloud Service Platforms for the Enterprise. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-04086-3

    Book  Google Scholar 

  6. Dimitrakos, T.: System models, e-risks and e-trust - towards bridging the gap? In: (I3E 2001), Zürich, Switzerland, vol. 202, pp. 45–58. Kluwer (2001)

    Google Scholar 

  7. Grandison, T., Sloman, M.: Trust management tools for internet applications. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 91–107. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-44875-6_7

    Chapter  MATH  Google Scholar 

  8. Heijden, R.W.V.D., Kopp, H., Kargl, F.: Multi-source fusion operations in subjective logic. In: FUSION 2018, Cambridge, UK, pp. 1990–1997. IEEE (2018)

    Google Scholar 

  9. Jøsang, A.: Subjective Logic - A Formalism for Reasoning Under Uncertainty. Artificial Intelligence: Foundations, Theory, and Algorithms, Springer, Cham (2016). https://doi.org/10.1007/978-3-319-42337-1

    Book  MATH  Google Scholar 

  10. Jøsang, A., Elouedi, Z.: Interpreting belief functions as Dirichlet distributions. In: Mellouli, K. (ed.) ECSQARU 2007. LNCS (LNAI), vol. 4724, pp. 393–404. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75256-1_36

    Chapter  Google Scholar 

  11. Jøsang, A., Keser, C., Dimitrakos, T.: Can we manage trust? In: Herrmann, P., Issarny, V., Shiu, S. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 93–107. Springer, Heidelberg (2005). https://doi.org/10.1007/11429760_7

    Chapter  Google Scholar 

  12. Lazouski, A., Martinelli, F., Mori, P.: A prototype for enforcing usage control policies based on XACML. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds.) TrustBus 2012. LNCS, vol. 7449, pp. 79–92. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32287-7_7

    Chapter  Google Scholar 

  13. de Leusse, P., et al.: Self Managed Security Cell, a security model for the Internet of Things and Services. CoRR abs/1203.0439 (2012)

    Google Scholar 

  14. Liu, B.: A Survey on Trust Modeling from a Bayesian Perspective. CoRR abs/1806.03916 (2018). http://arxiv.org/abs/1806.03916

  15. Lund, M.S., Solhaug, B., Stølen, K.: Evolution in relation to risk and trust management. IEEE Comput. 43(5), 49–55 (2010)

    Article  Google Scholar 

  16. Marsh, S.P.: Formalising trust as a computational concept. University of Sterling, Technical repot (1994)

    Google Scholar 

  17. Nguyen, T.D., Bai, Q.: A dynamic Bayesian network approach for agent group trust evaluation. Comput. Hum. Behav. 89, 237–245 (2018)

    Article  Google Scholar 

  18. OASIS: eXtensible Access Control Markup Language (XACML) Version 3.0, January 2013. http://www.oasis-open.org/committees/xacml

  19. OASIS: Abbreviated language for authorization Version 1.0 (2015). https://bit.ly/2UP6Jza

  20. Park, J., Sandhu, R.: The UCON ABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1), 128–174 (2004)

    Article  Google Scholar 

  21. Rafailidis, D.: Bayesian deep learning with trust and distrust in recommendation systems. In: IEEE/WIC/ACM, WI 2019, Thessaloniki, Greece, pp. 18–25 (2019)

    Google Scholar 

  22. Shirey, R.: Internet Security Glossary (2007). https://bit.ly/2UP77xC

  23. Vishi, K., Jøsang, A.: A new approach for multi-biometric fusion based on subjective logic. In: IML 2017, Liverpool, UK. ACM (2017)

    Google Scholar 

  24. Zhang, L., Zou, J.: Research of ABAC mechanism based on the improved encryption algorithm under cloud environment. In: Park, J., Pan, Y., Chao, H.C., Yi, G. (eds.) Ubiquitous Computing Application and Wireless Sensor. LNEE, vol. 331, pp. 463–469. Springer, Dordrecht (2015). https://doi.org/10.1007/978-94-017-9618-7_46

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. German Research Center, Huawei Technologies Duesseldorf GmbH, Munich, Germany

    Theo Dimitrakos, Tezcan Dilshener & Athanasios Rizos

  2. School of Computing, University of Kent, Canterbury, UK

    Theo Dimitrakos

  3. European Business School University, Munich, Germany

    Tezcan Dilshener

  4. Israel Research Center, Huawei Technologies Co., Tel Aviv, Israel

    Alexander Kravtsov

  5. Security Forge, Pisa, Italy

    Antonio La Marra & Alessandro Rosetti

  6. Istituto di Informatica e Telematica, Consiglio Nazionale delle Ricerche, Pisa, Italy

    Fabio Martinelli

Authors
  1. Theo Dimitrakos
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Tezcan Dilshener
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Alexander Kravtsov
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Antonio La Marra
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Fabio Martinelli
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Athanasios Rizos
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Alessandro Rosetti
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Athanasios Rizos .

Editor information

Editors and Affiliations

  1. Consiglio Nazionale delle Ricerche, Pisa, Italy

    Andrea Saracino

  2. Institute of Informatics and Telematics, Pisa, Italy

    Paolo Mori

Rights and permissions

Reprints and permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Dimitrakos, T. et al. (2021). Handling Meta Attribute Information in Usage Control Policies (Short Paper). In: Saracino, A., Mori, P. (eds) Emerging Technologies for Authorization and Authentication. ETAA 2021. Lecture Notes in Computer Science(), vol 13136. Springer, Cham. https://doi.org/10.1007/978-3-030-93747-8_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-93747-8_10

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-93746-1

  • Online ISBN: 978-3-030-93747-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation