Towards a Fine-Grained Access Control Mechanism for Privacy Protection and Policy Conflict Resolution

Son, Ha Xuan; Chen, En

doi:10.14569/ijacsa.2019.0100265

Cited by 28 publications

(12 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Moreover, instead of dealing with security requirements such as collecting data from IoT devices, defining roles for each data user, this paper focuses on data management in the Microsoft’s Azure cloud. These above solutions did not solve the key problems of access control in the IoT platform; it merely introduced the traditional solution for data protection based on the RBAC model ( Son & Chen, 2019 ).…”

Section: Related Workmentioning

confidence: 99%

BMDD: a novel approach for IoT platform (broker-less and microservice architecture, decentralized identity, and dynamic transmission messages)

Nguyen

et al. 2022

PeerJ Computer Science

View full text Add to dashboard Cite

Undeniably, Internet of Things (IoT) devices are gradually getting better over time; and IoT-based systems play a significant role in our lives. The pervasiveness of the new essential service models is expanding, and includes self-driving cars, smart homes, smart cities, as well as promoting the development of some traditional fields such as agriculture, healthcare, and transportation; the development of IoT devices has not shown any sign of cooling down. On the one hand, several studies are coming up with many scenarios for IoT platforms, but some critical issues related to performance, speed, power consumption, availability, security, and scalability are not yet fully resolved. On the other hand, IoT devices are manufactured and developed by different organizations and individuals; hence, there is no unified standard (uniformity of IoT devices), i.e., sending and receiving messages among them and between them and the upper layer (e.g., edge devices). To address these issues, this paper proposes an IoT Platform called BMDD (Broker-less and Microservice architecture, Decentralized identity, and Dynamic transmission messages) that has a combination of two architectural models, including broker-less and microservices, with cutting-edge technologies such as decentralized identity and dynamic message transmission. The main contributions of this article are five-fold, including: (i) proposing broker-less and microservice for the IoT platform which can reduce single failure point of brokering architecture, easy to scale out and improve failover; (ii) providing a decentralized authentication mechanism which is suitable for IoT devices attribute (i.e., mobility, distributed); (iii) applying the Role-Based Access Control (RBAC) model for the authorization process; (iv) exploiting the gRPC protocol combined with the Kafka message queue enhances transmission rates, transmission reliability, and reduces power consumption in comparison with MQTT protocol; and (v) developing a dynamic message transmission mechanism that helps users communicate with any device, regardless of the manufacturer, since it provides very high homogeneity.

show abstract

Section: Related Workmentioning

confidence: 99%

BMDD: a novel approach for IoT platform (broker-less and microservice architecture, decentralized identity, and dynamic transmission messages)

Nguyen

et al. 2022

PeerJ Computer Science

View full text Add to dashboard Cite

show abstract

“…To develop a larger scenario and increase the number of devices/users authorized quickly, other security issues such as security, privacy, availability for objects are still the challenges. For the security aspect, further works will be deployed in different scenarios like healthcare environment [25], [26], [27], cash on delivery [28], [29]. For the privacy aspect, we will exploit attribute-based access control (ABAC) [30], [31] to manage the authorization process of the SIP-MBA Platform via the dynamic policy approach [32], [33], [34].…”

Section: Future Workmentioning

confidence: 99%

SIP-MBA: A Secure IoT Platform with Brokerless and Micro-service Architecture

Thanh¹,

Phien²,

Nguyen³

et al. 2021

IJACSA

Self Cite

View full text Add to dashboard Cite

The Internet of Things is one of the most interesting technology trends today. Devices in the IoT network are often geared towards mobility and compact in size, thus having a rather weak hardware configuration. There are many light weight protocols, tailor-made suitable for limited processing power and low energy consumption, of which MQTT is the typical one. The current MQTT protocol supports three types of qualityof-service (QoS) and the user has to trade-off the security of the packet transmission by transmission rate, bandwidth and energy consumption. The MQTT protocol, however, does not support packet storage mechanisms which means that when the receiver is interrupted, the packet cannot be retrieved. In this paper, we present a broker-less SIP-MBA Platform, designed for micro-service and using gRPC protocol to transmit and receive messages. This design optimizes the transmission rate, power consumption and transmission bandwidth, while still meeting reliability when communicating. Besides, we implement users and things management mechanisms with the aim of improving security issues. Finally, we present the test results by implementing a collect data service via gRPC protocol and comparing it with streaming data by using the MQTT protocol.

show abstract

“…To develop a larger scenario and increase the number of devices/users authorized quickly, other security issues such as security, privacy, availability for objects are still the challenges. For the security aspect, further works will be deployed in different scenarios like healthcare environment [26], [27], [28], cash on delivery [29], [30]. For the privacy aspect, we will exploit attribute-based access control (ABAC) [31], [32] to manage the authorization process of the IoT Platform via the dynamic policy approach [33], [34], [35].…”

Section: E Future Workmentioning

confidence: 99%

UIP2SOP: A Unique IoT Network applying Single Sign-On and Message Queue Protocol

Thanh¹,

Phien²,

Vo³

et al. 2021

IJACSA

Self Cite

View full text Add to dashboard Cite

Internet of Things (IoT), currently, plays an importance role in our life, also, this is one of the most rapidly developing technology trends. However, the present structure has some limitation -one of these is the communication via clientserver model -the users, devices, and applications using IoT services where all the connection/requirement is managed at IoT service providers. On the one hand, the IoT service providers (e.g., individual, organization) have different method to manage their devices, services, and users. Thus, the unique standard (i.e., communication method among the service providers and between client server) is still the challenge for the developers. On the other hand, Message Queuing Telemetry Protocol (MQTT) that is one of the most popular protocols in IoT deployments, has significant security and privacy issues by itself (e.g., authentication, authorization, as well as privacy problem). Therefore, this paper proposes UIP2SOP -an unique IoT network by using Single Sign-On (SSO) and message queue to improve the MQTT protocol's security problem. Besides, this model allows the organizations to provide the IoT services to connect into a single network but does not change the architecture of organization at all. The evaluation section proves the effectiveness of our proposed model. In particular, we consider the number of concurrent users publishing messages simultaneously in the two scenarios i) internal communication and ii) external communication. In addition, we evaluate recovery ability of system when occurred broken connection. Finally, to engage further reproducibility and improvement, we share a complete code solution is publicized on the GitHub repository.

show abstract

Towards a Fine-Grained Access Control Mechanism for Privacy Protection and Policy Conflict Resolution

Cited by 28 publications

References 19 publications

BMDD: a novel approach for IoT platform (broker-less and microservice architecture, decentralized identity, and dynamic transmission messages)

BMDD: a novel approach for IoT platform (broker-less and microservice architecture, decentralized identity, and dynamic transmission messages)

SIP-MBA: A Secure IoT Platform with Brokerless and Micro-service Architecture

UIP2SOP: A Unique IoT Network applying Single Sign-On and Message Queue Protocol

Contact Info

Product

Resources

About