Attribute-Role-Based Hybrid Access Control in the Internet of Things

Kaiwen, Sun; Lihua, Yin

doi:10.1007/978-3-319-11119-3_31

Attribute-Role-Based Hybrid Access Control in the Internet of Things

Sun Kaiwen^20,21 &
Yin Lihua²¹

Conference paper

1864 Accesses
24 Citations

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 8710))

Abstract

Internet of Things has been penetrating into many aspects of human lives as the Informationization develops rapidly in the world. And yet traditional access control models, such as RBAC, have some shortage on the environment of large-scale dynamic users due to the real time and dynamic characteristics of Internet of Things, resulting in various problems especially on the disclosure of private information. We propose an access control model based on attribute and role to solve the scenarios of large scale dynamics users. The model put forward a policy language of attribute rules and a method to solve the policy conflict and redundancy. We also illustrate the feasibility of the model with an example of Wechat. The results indicate our model could simplify the complexity of traditional ABAC in the aspect of permissions assignment and policy management.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Fang, B.X., Guo, Y.C., Zhou, Y.: Information Content Security on the Internet: the Control Model and Its Evaluation. J. Science in China Series F: Information Sciences 53, 30–49 (2010)
Google Scholar
Sandhu, R., Coyne, E., Feinstein, H., et al.: Role-Based Access Control Models. J. IEEE Computer 29, 38–47 (1996)
Article Google Scholar
Sandhu, R., Bhamidipati, V., Munawer, Q.: The ARBAC97 Model for Role-Based Administration of Roles. J. ACM Transactions on Information and System Security 2, 105–135 (1999)
Article Google Scholar
Sandhu, R., Munawer, Q.: The ARBAC99 Model for Administration of Roles. In: Proceedings of the15th Annual Computer Security Applications Conference (ACSAC 1999), pp. 229–238. IEEE Computer Society, USA (1996)
Google Scholar
Oh, S., Sandhu, R., Zhang, X.W.: An Effective Role Administration Model Using Organization Structure. J. ACM Transactions on Information and System Security 9, 113–137 (2006)
Article Google Scholar
Ferraiolo, D.F., Sandhu, R., Gavrila, S., et al.: Proposed NIST Standard for Role-Based Access Control. J. ACM Transactions on Information and System Security 4, 224–274 (2001)
Article Google Scholar
Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC: A Spatially Aware RBAC. In: Proc. 10th ACM Symp., pp. C29–C37. SACMAT (2005)
Google Scholar
Chen, L., Crampton, J.: On Spatio-Temporal Constraints and Inheritance in Role-Based Access Control. In: Proc. ACM Symp., pp. C205–C216. ASIACCS (2008)
Google Scholar
Abdunabi, R., Al-Lail, M., Ray, I., et al.: Specification, Validation, and Enforcement of a Generalized Spatio-Temporal Role-Based Access Control Model. J. IEEE Systems Journal 7, 501–515 (2013)
Article Google Scholar
Al-Kahtani, M.A., Sandhu, R.: A Model for Attribute-Based User-Role Assignment. In: Proceedings of the 18th Annual Computer Security Applications Conference, pp. 353–362. IEEE Computer Society, Washington (2008)
Google Scholar
Zhu, Y., Li, J., Zhang, Q.: General Attribute-Based RBAC Model for Web Services. J. Wuhan University Journal of Natural Sciences 13, 81–86 (2008)
Article MathSciNet Google Scholar
Yuan, E., Tong, J.: Attributed-Based Access Control (ABAC) for Web Services. In: Proceedings of the IEEE International Conference on Web Services, pp. 561–569. IEEE Computer Society, Washington (2005)
Google Scholar
Hong, F., Yao, S., Duan, S.: Attribute-Based Model of Permissions-Role Assignment. J. Computer Applications 24, 153–155 (2004) (in Chinese)
Google Scholar
Hu, Y.: Graph-Based Network Security Strategy Research of Conflict. Master’s Degree Thesis of Nanhua University (2007) (in Chinese)
Google Scholar

Download references

Author information

Authors and Affiliations

Beijing University of Posts and Telecommunications, Beijing, 100876, China
Sun Kaiwen
Institute of Information Engineering, CAS, Beijing, 100093, China
Sun Kaiwen & Yin Lihua

Authors

Sun Kaiwen
View author publications
You can also search for this author in PubMed Google Scholar
Yin Lihua
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

School of Computer Science, National University of Defense Technology, 410073, Changsha, China
Weihong Han
School of Information Technology & Electrical Engineering, University of Queensland, 4107, Brisbane, QLD, Australia
Zi Huang
School of Computer and Communication Engineering, University of Science and Technology Beijing, 100083, Beijing, China
Changjun Hu
School of Computer Science and Technology, Harbin Institute of Technology, 150006, Harbin, China
Hongli Zhang
Institute of Information Engineering, Chinese Academy of Sciences, 100864, Beijing, China
Li Guo

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kaiwen, S., Lihua, Y. (2014). Attribute-Role-Based Hybrid Access Control in the Internet of Things. In: Han, W., Huang, Z., Hu, C., Zhang, H., Guo, L. (eds) Web Technologies and Applications. APWeb 2014. Lecture Notes in Computer Science, vol 8710. Springer, Cham. https://doi.org/10.1007/978-3-319-11119-3_31

Download citation

DOI: https://doi.org/10.1007/978-3-319-11119-3_31
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11118-6
Online ISBN: 978-3-319-11119-3
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics