Policy-based access control for constrained healthcare resources

Shantanu Pal, Michael Hitchens, Vijay Varadharajan, Tahiry Rabehaja

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

4 Citations (Scopus)

Abstract

In this paper, we propose an access control architecture for constrained healthcare resources in the IoT. Our policy-based approach provides fine-grained access for authorised users to services while protecting valuable resources from unauthorised access. We use a hybrid approach by employing attributes, roles and capabilities for our authorisation design. We apply attributes for role membership assignment and in permission evaluation. Membership of roles grants capabilities. The capabilities which are issued may be parameterised based on further attributes of the user and are then used to access specific services provided by IoT devices. This significantly reduces the number of policies required for specifying access control settings. The proposed scheme is XACML driven. Our approach requires very little additional overhead when compared to other proposals employing capabilities for access control in the IoT. We have implemented a proof of concept prototype and provide a performance evaluation of the implementation.

Original languageEnglish
Title of host publication19th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2018
Place of PublicationPiscataway, NJ
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages1-4
Number of pages4
ISBN (Electronic)9781538647257
ISBN (Print)9781538647240
DOIs
Publication statusPublished - 28 Aug 2018
Event19th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2018 - Chania, Greece
Duration: 12 Jun 201815 Jun 2018

Conference

Conference19th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2018
CountryGreece
CityChania
Period12/06/1815/06/18

Fingerprint Dive into the research topics of 'Policy-based access control for constrained healthcare resources'. Together they form a unique fingerprint.

Cite this