Design and implementation of a secure and flexible access-right delegation for resource constrained environments

Research output: Contribution to journal › Article › Research › peer-review

Abstract

With the emergence of the Internet of Things (IoT) technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity) and supposed to perform in a constrained environment (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access rights is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on lightweight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.

Language: English
Pages: 593-608
Number of pages: 16
Journal: Future Generation Computer Systems
Volume: 99
DOI: 10.1016/j.future.2019.04.035
Publication status: Published - 1 Oct 2019

Fingerprint

Access control
Cryptography
Internet of things
Bandwidth
Data storage equipment
Communication

Keywords

  • Access control
  • Constrained environment
  • Delegation
  • Internet of Things
  • Policy management
  • Security

Cite this

@article{4e5a9333430f4ff78484c80b5187dd40,
title = "Design and implementation of a secure and flexible access-right delegation for resource constrained environments",
abstract = "With the emergence of the Internet of Things (IoT) technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity) and supposed to perform in a constrained environment (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access rights is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on lightweight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.",
keywords = "Access control, Constrained environment, Delegation, Internet of Things, Policy management, Security",
author = "Tahiry Rabehaja and Shantanu Pal and Michael Hitchens",
year = "2019",
month = "10",
day = "1",
doi = "10.1016/j.future.2019.04.035",
language = "English",
volume = "99",
pages = "593--608",
journal = "Future Generation Computer Systems",
issn = "0167-739X",
publisher = "Elsevier",

}

TY - JOUR

T1 - Design and implementation of a secure and flexible access-right delegation for resource constrained environments

AU - Rabehaja, Tahiry

AU - Pal, Shantanu

AU - Hitchens, Michael

PY - 2019/10/1

Y1 - 2019/10/1

N2 - With the emergence of the Internet of Things (IoT) technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity) and supposed to perform in a constrained environment (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access rights is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on lightweight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.

AB - With the emergence of the Internet of Things (IoT) technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity) and supposed to perform in a constrained environment (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access rights is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on lightweight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.

KW - Access control

KW - Constrained environment

KW - Delegation

KW - Internet of Things

KW - Policy management

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85065518722&partnerID=8YFLogxK

U2 - 10.1016/j.future.2019.04.035

DO - 10.1016/j.future.2019.04.035

M3 - Article

VL - 99

SP - 593

EP - 608

JO - Future Generation Computer Systems

T2 - Future Generation Computer Systems

JF - Future Generation Computer Systems

SN - 0167-739X

ER -