Developing an Adaptive Risk-Based Access Control Model for the Internet of Things

Atlam, Hany F.; Alenezi, Ahmed; Walters, Robert John; Wills, Gary; Daniel, Joshua

doi:10.1109/ithings-greencom-cpscom-smartdata.2017.103

Cited by 71 publications

(35 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…According to [34], [35] Fig.1, user/agent context, resource sensitivity, action severity and risk history. These inputs/risk factors are used to estimate the security risk associated with each access request.…”

Section: Access Control Requirements In the Iotmentioning

confidence: 99%

“…A risk metric is assigned to each resource in the IoT system depending on how valuable the resource data is to the owner. For instance, the higher the data sensitivity, the higher the risk metric associated with the resource [34].…”

Section: Access Control Requirements In the Iotmentioning

confidence: 99%

“…This is because the risk history reflects previous users' behaviour patterns. Moreover, it is used to identify good and bad authorised users and predict the user future behaviour [34].…”

Section: Access Control Requirements In the Iotmentioning

confidence: 99%

See 2 more Smart Citations

Validation of an Adaptive Risk-based Access Control Model for the Internet of Things

Atlam¹,

Alenezi²,

Hussein³

et al. 2018

IJCNIS

Self Cite

View full text Add to dashboard Cite

Abstract-The Internet of Things (IoT) has spread into multiple dimensions that incorporate different physical and virtual things. These things are connected together using different communication technologies to provide unlimited services. These services help not only to improve the quality of our daily lives, but also to provide a communication platform for increasing object collaboration and information sharing. Like all new technologies, the IoT has many security challenges that stand as a barrier to the successful implementation of IoT applications. These challenges are more complicated due to the dynamic and heterogeneous nature of IoT systems. However, authentication and access control models can be used to address the security issue in the IoT. To increase information sharing and availability, the IoT requires a dynamic access control model that takes not only access policies but also real-time contextual information into account when making access decisions. One of the dynamic features is the security risk. This paper proposes an Adaptive Risk-Based Access Control (AdRBAC) model for the IoT and discusses its validation using expert reviews. The proposed AdRBAC model conducts a risk analysis to estimate the security risk value associated with each access request when making an access decision. This model has four inputs/risk factors: user context, resource sensitivity, action severity and risk history. These risk factors are used to estimate a risk value associated with the access request to make the access decision. To provide the adaptive features, smart contracts will be used to monitor the user behaviour during access sessions to detect any malicious actions from the granted users. To validate and refine the proposed model, twenty IoT security experts from inside and outside the UK were interviewed. The experts have suggested valuable information that will help to specify the appropriate risk factors and risk estimation technique for implantation of the AdRBAC model.

show abstract

Section: Access Control Requirements In the Iotmentioning

confidence: 99%

Section: Access Control Requirements In the Iotmentioning

confidence: 99%

See 1 more Smart Citation

Validation of an Adaptive Risk-based Access Control Model for the Internet of Things

Atlam¹,

Alenezi²,

Hussein³

et al. 2018

IJCNIS

Self Cite

View full text Add to dashboard Cite

show abstract

“…It has generated technological changes that extend to a wide range of applications. Cisco predicted that by 2020, there will be more than 50 billion of connected things worldwide [25]. The IoT growth brings huge chances to make our lives easier with enhancing efficiency, productivity, and safety of many business applications [25].…”

Section: Iot With Aimentioning

confidence: 99%

“…Therefore, providing a secure IoT system is a compulsory task to continue its successful deployments in our environment [24]. The IoT is intrinsically vulnerable to most of the wireless common attacks because most IoT devices are connected through wireless networks that are hard to protect against different attacks such as man-in-the-middle attack and other attacks [25]. So, with AI, how security and privacy issues can be reduced?…”

Section: Security and Privacymentioning

confidence: 99%

Intelligence of Things: Opportunities & Challenges

Atlam

Walters

Wills

2018

2018 3rd Cloudification of the Internet of Things (CIoT)

Self Cite

View full text Add to dashboard Cite

The Internet of Things (IoT) is a promising technology that can connect and communicate virtual and physical objects globally. It allows billions of devices to be connected and communicate with each other to share information that creates new application and services. These services result in improving our quality of life. On the other hand, Artificial Intelligence (AI) is applied in many fields of science. It aims to understand techniques that require an intelligent action and solve complex problems. Integrating IoT with AI will create a powerful technology that can solve many of IoT problems that relate to the huge amount of data created by different IoT devices. With the huge analytic capabilities of AI, IoT data can be analysed efficiently to extract meaningful information. In addition, AI can help IoT devices to interact with humans and other objects intelligently and make autonomous decisions. This paper provides an overview of the integration of the IoT with AI by highlighting the integration benefits and opportunities of AI in different IoT applications. Challenges standing in the way of successful convergence of IoT with AI are also discussed. We can conclude that the integration of AI with IoT will generate a robust technology that can help companies to avoid unplanned downtime, increase operating efficiency, and enable new IoT applications and services.

show abstract

Internet of Things and Blockchain

Sharma

2021

Blockchain for Business

View full text Add to dashboard Cite

Developing an Adaptive Risk-Based Access Control Model for the Internet of Things

Cited by 71 publications

References 27 publications

Validation of an Adaptive Risk-based Access Control Model for the Internet of Things

Validation of an Adaptive Risk-based Access Control Model for the Internet of Things

Intelligence of Things: Opportunities & Challenges

Internet of Things and Blockchain

Contact Info

Product

Resources

About