Hybrid Approaches (ABAC and RBAC) Toward Secure Access Control in Smart Home IoT

Ameer, Safwa; Benson, James; Sandhu, Ravi

doi:10.1109/tdsc.2022.3216297

Cited by 18 publications

(5 citation statements)

References 68 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In a groundbreaking study [15] uses a hybrid method, namely the EGRBAC (RBAC) and HABAC (ABAC) models in smart home IoT. Where the research combines two methods based on role-centric and attribute-centric approaches in model building which produces HyBACRC and HyBACAC.…”

Section: Extensible Access Control Markup (Xacml)mentioning

confidence: 99%

“…Both RBAC and ABAC have their own advantages and disadvantages in big corporate applications. Therefore, there is a requirement for a hybrid access control model that combines the strengths of both models [15] [16].…”

Section: Introductionmentioning

confidence: 99%

“…Therefore, to further enhance the security and access management system, this research aims to introduce a novel approach by integrating both ABAC and RBAC models. In [15] hybrid model offers a starting point, but its applicability to digital evidence storage, with a specific emphasis on policy statement clarity, remains unexplored. This research proposes to utilize the hybrid ABAC and RBAC model in digital evidence storage, employing the eXtensible Access Control Markup Language (XACML) as the policy statement.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Unified Access Management for Digital Evidence Storage: Integrating Attribute-based and Role-based Access Control with XACML

Maulina,

Rasjid

2024

IJACSA

View full text Add to dashboard Cite

Digital evidence is stored in digital evidence storage. An access control system is crucial in situations where not all users can access digital evidence, ensuring that each user's access is limited to what is essential for them to do their jobs. As a result, access control must be included. Role-based access control (RBAC) and attribute-based access control (ABAC) are two of the several varieties of access control. Only the ABAC model is applied in digital evidence storage systems in the research that has been done. In order to get more precise findings, some academics have suggested combining these two models. In light of this, this study suggests a hybrid paradigm for digital evidence storage that combines the key components of both ABAC and RBAC. In addition to utilizing eXtensible Access Control Markup (XACML) throughout the policy statement creation process. A programming language called XACML uses the XML format to specify RBAC and ABAC rules. The study's findings demonstrate that the ABAC and RBAC models can function in accordance with the developed permit and deny test scenarios.

show abstract

Section: Extensible Access Control Markup (Xacml)mentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Unified Access Management for Digital Evidence Storage: Integrating Attribute-based and Role-based Access Control with XACML

Maulina,

Rasjid

2024

IJACSA

View full text Add to dashboard Cite

show abstract

“…The study [38], evaluates the proposed approach on a prototype smart home system and demonstrates its effectiveness in preventing unauthorized access and ensuring data privacy. The workflow primarily consists of four phases.…”

Section: A System Design and Architecturementioning

confidence: 99%

Fabrication of Flexible Role-Based Access Control Based on Blockchain for Internet of Things Use Cases

Zaidi,

Usman,

Aftab

et al. 2023

IEEE Access

View full text Add to dashboard Cite

The Internet of Things (IoT) connects many objects and allows continuous communication and data sharing has emerged as a revolutionary technology. However, expanding IoT devices has raised concerns regarding data security and access control. Traditional access control mechanisms face challenges in managing access rights, particularly in scenarios where multiple users with the same roles try to access several resources which may lead to conflicting roles. Additionally, there is also an overhead of system performance using traditional approaches. In existing studies, the main problem of conflict roles is not addressed or not even identified appropriately. This paper proposes a framework to address these challenges using blockchain technology and role-based access control with a smart contract implementation on the hyperledger fabric framework. The proposed methodology introduces a role management system that resolves conflicts based on predefined rules and user preferences. It employs a consensus mechanism to determine access permissions, ensuring fairness and accountability. The findings demonstrate that applying the suggested framework eliminates conflicting problems, improves system security and also provides better results in response times of twelve seconds on average for thirty-five concurrent user requests. It also provides a secure and transparent access control framework which improves response time and provides security based on roles.

show abstract

“…Technologies such as access control, encryption, and blockchain are fortunately capable of addressing the challenges faced by IoT data sharing. Access control stands out as a leading technology for securing IoT data, permitting users to access data within specified limits, legally [7][8][9]. It is widely recognized that conventional access control models provide only broad and coarse-grained access control, rendering them inadequate for the typical open environments of the IoT.…”

Section: Introductionmentioning

confidence: 99%

SDACS: Blockchain-Based Secure and Dynamic Access Control Scheme for Internet of Things

Gong,

Zhang,

Wei

et al. 2024

Sensors

View full text Add to dashboard Cite

With the rapid growth of the Internet of Things (IoT), massive terminal devices are connected to the network, generating a large amount of IoT data. The reliable sharing of IoT data is crucial for fields such as smart home and healthcare, as it promotes the intelligence of the IoT and provides faster problem solutions. Traditional data sharing schemes usually rely on a trusted centralized server to achieve each attempted access from users to data, which faces serious challenges of a single point of failure, low reliability, and an opaque access process in current IoT environments. To address these disadvantages, we propose a secure and dynamic access control scheme for the IoT, named SDACS, which enables data owners to achieve decentralized and fine-grained access control in an auditable and reliable way. For access control, attribute-based control (ABAC), Hyperledger Fabric, and interplanetary file system (IPFS) were used, with four kinds of access control contracts deployed on blockchain to coordinate and implement access policies. Additionally, a lightweight, certificateless authentication protocol was proposed to minimize the disclosure of identity information and ensure the double-layer protection of data through secure off-chain identity authentication and message transmission. The experimental and theoretical analysis demonstrated that our scheme can maintain high throughput while achieving high security and stability in IoT data security sharing scenarios.

show abstract

Hybrid Approaches (ABAC and RBAC) Toward Secure Access Control in Smart Home IoT

Cited by 18 publications

References 68 publications

Unified Access Management for Digital Evidence Storage: Integrating Attribute-based and Role-based Access Control with XACML

Unified Access Management for Digital Evidence Storage: Integrating Attribute-based and Role-based Access Control with XACML

Fabrication of Flexible Role-Based Access Control Based on Blockchain for Internet of Things Use Cases

SDACS: Blockchain-Based Secure and Dynamic Access Control Scheme for Internet of Things

Contact Info

Product

Resources

About