TY - JOUR
T1 - Design and implementation of a secure and flexible access-right delegation for resource constrained environments
AU - Rabehaja, Tahiry
AU - Pal, Shantanu
AU - Hitchens, Michael
PY - 2019/10/1
Y1 - 2019/10/1
N2 - With the emergence of the Internet of Things (IoT)technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity)and supposed to perform in constrained environment (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access right is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on light weight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.
AB - With the emergence of the Internet of Things (IoT)technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity)and supposed to perform in constrained environment (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access right is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on light weight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.
KW - Access control
KW - Constrained environment
KW - Delegation
KW - Internet of Things
KW - Policy management
KW - Security
UR - http://www.scopus.com/inward/record.url?scp=85065518722&partnerID=8YFLogxK
U2 - 10.1016/j.future.2019.04.035
DO - 10.1016/j.future.2019.04.035
M3 - Article
AN - SCOPUS:85065518722
SN - 0167-739X
VL - 99
SP - 593
EP - 608
JO - Future Generation Computer Systems
JF - Future Generation Computer Systems
ER -