Access control framework for API-enabled devices in smart buildings

The area of smart homes is one of the most popular for deploying smart connected devices. One of the most vulnerable aspects of smart homes is access control. Recent advances in IoT have led to several access control models being developed or adapted to IoT from other domains, with few specifically designed to meet the challenges of smart homes. Most of these models use role-based access control (RBAC) or attribute-based access control (ABAC) models. As of now, it is not clear what the advantages and disadvantages of ABAC over RBAC are in general, and in the context of smart-home IoT in particular. In this paper, we introduce HABACα, an attribute-based access control model for smart-home IoT. We formally define HABACα and demonstrate its features through two use-case scenarios and a proof-of-concept implementation. Furthermore, we present an analysis of HABACα as compared to the previously published EGRBAC (extended generalized role-based access control) model for smart-home IoT by first describing approaches for constructing HABACα specification from EGRBAC and vice versa in order to compare the theoretical expressiveness power of these models, and second, analyzing HABACα and EGRBAC models against standard criteria for access control models. Our findings suggest that a hybrid model that combines both HABACα and EGRBAC capabilities may be the most suitable for smart-home IoT, and probably more generally.

show abstract

“…Some solutions rely on RBAC [22,23] (as in [5,8,[24][25][26][27][28][29]). Other solutions, however, rely on ABAC [30,31].…”

Section: Related Workmentioning

confidence: 99%

An Attribute-Based Approach toward a Secured Smart-Home IoT Access Control and a Comparison with a Role-Based Approach

2022

View full text Add to dashboard Cite

show abstract

“…Another framework for securing API-enabled IoT devices in smart buildings [43] is also inspired by OAuth and uses JSON Web Tokens. The proposed security manager is split into two services to enable better scalability.…”

Section: Authorizationmentioning

confidence: 99%

“…The works we considered that apply or adapt existing technologies and methods from other security domains to the IoT environment often consider OAuth 2 technology [19,24,29,41,43]. Two proposals also adopt the WS-Security specification to IoT devices and communication between them [30,49].…”

Section: Existing Versus Novel Approachesmentioning

confidence: 99%

“…In summary, there are various novel proposals [33,36,39,40,42,45,48,50], especially focusing on distributed solutions [33,39,40,45,48,50], that potentially suit the IoT environment better in terms of scalability, maintainability, and flexibility, but due to their novelty it is difficult or impossible to predict which ideas might be adopted or see wide use. A significant amount of research [19,23,29,30,34,41,43,49] is focused on adoption of existing technologies; all exhibit promising results.…”

Section: Existing Versus Novel Approachesmentioning

confidence: 99%

“…Users, on the other hand, may find monotonous or continual-load requirements onerous at best and impossible at worst. Given these differences in capability, the adaptation of existing M2M security technologies [21,30,34,43,55] works well for IoT scenarios where a user is not required. Proposals exist for M2M authentication even with low-resource devices [20,44,45].…”

Section: User Versus Device-centrismmentioning

confidence: 99%

See 2 more Smart Citations

Survey of Authentication and Authorization for the Internet of Things

Trnka

Černý

Stickney

2018

Security and Communication Networks

View full text Add to dashboard Cite

The Internet of Things is currently getting significant interest from the scientific community. Academia and industry are both focused on moving ahead in attempts to enhance usability, maintainability, and security through standardization and development of best practices. We focus on security because of its impact as one of the most limiting factors to wider Internet of Things adoption. Numerous research areas exist in the security domain, ranging from cryptography to network security to identity management. This paper provides a survey of existing research applicable to the Internet of Things environment at the application layer in the areas of identity management, authentication, and authorization. We survey and analyze more than 200 articles, categorize them, and present current trends in the Internet of Things security domain.

show abstract

UML design for access control architecture in smart building application

Chaabane

Rodriguez

Belkhiria

2023

Concurrency and Computation

View full text Add to dashboard Cite

SummaryCyber physical systems are complex systems to build and implement, electronic devices and concepts such as the energy saving, the user comfort and the privacy of sensitive data. In the physical world, buildings represent a major part of total energy consumption, that's why improving the energy efficiency levels of buildings is topical by which the emergence of smart buildings. Since, even if efforts are being made in normalizing the process of energy saving management while maintaining a high level of users' comfort, managing the access control in smart buildings systems remains an ad‐hoc process. This is why a number of researches focus on the design and implementation of solutions aimed at covering the process of access control management. In the context of developing a smart building application, already developed in our laboratory, we have set up an access control management system to manage users' access. We present the design of an access control architecture, using the Unified Modeling Language, upon the smart building application which is the subject of a maintenance work. The designed solution is implemented with the purpose of evolving the application to be used by multiple users. The implemented access control solution is an extended role‐based access control model.

show abstract

Access control framework for API-enabled devices in smart buildings

Cited by 21 publications

References 14 publications

An Attribute-Based Approach toward a Secured Smart-Home IoT Access Control and a Comparison with a Role-Based Approach

An Attribute-Based Approach toward a Secured Smart-Home IoT Access Control and a Comparison with a Role-Based Approach

Survey of Authentication and Authorization for the Internet of Things

UML design for access control architecture in smart building application

Contact Info

Product

Resources

About