Abstract
In this paper, we propose an access control architecture for constrained healthcare resources in the IoT. Our policy-based approach provides fine-grained access for authorised users to services while protecting valuable resources from unauthorised access. We use a hybrid approach by employing attributes, roles and capabilities for our authorisation design. We apply attributes for role membership assignment and in permission evaluation. Membership of roles grants capabilities. The capabilities which are issued may be parameterised based on further attributes of the user and are then used to access specific services provided by IoT devices. This significantly reduces the number of policies required for specifying access control settings. The proposed scheme is XACML driven. Our approach requires very little additional overhead when compared to other proposals employing capabilities for access control in the IoT. We have implemented a proof of concept prototype and provide a performance evaluation of the implementation.
| Original language | English |
|---|---|
| Title of host publication | 19th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2018 |
| Place of Publication | Piscataway, NJ |
| Publisher | Institute of Electrical and Electronics Engineers (IEEE) |
| Pages | 1-4 |
| Number of pages | 4 |
| ISBN (Electronic) | 9781538647257 |
| ISBN (Print) | 9781538647240 |
| DOIs | |
| Publication status | Published - 28 Aug 2018 |
| Event | 19th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2018 - Chania, Greece Duration: 12 Jun 2018 → 15 Jun 2018 |
Conference
| Conference | 19th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, WoWMoM 2018 |
|---|---|
| Country/Territory | Greece |
| City | Chania |
| Period | 12/06/18 → 15/06/18 |