User-trust centric lightweight access control for smart IoT crowd sensing applications in healthcare systems

Abstract

The Internet of Things (IoT) enables healthcare systems to handle emergencies, where multiple authorities interact to perform tasks. Prevention of unauthorized access and defining access domains for legitimate users are crucial. Attribute-Based Access Control System (ABACS) techniques play a vital role in defining boundaries in a multi-agent environment. However, adopting traditional ABAC in IoT-based resource-constrained networks is not feasible. This research analyzes the effects of attributes as key performance metrics, including execution time, memory overhead, and computational complexities. To address these challenges, this research proposes a Physical-Social Attributes Access Control Policy (PS-ABACS) framework that secures Multiparty Computation (SMC), symmetric encryption, and randomization-based access control methods. PS-ABASC introduces a lightweight two-party set intersection technique to generate an access policy. The analysis shows that the proposed technique is efficient in computing access policy and session key generation, and less number of attributes based on randomness characteristics is appropriate for resource-constrained networks. Moreover, it demonstrates advancements by reducing memory usage up to 0.048 KB for 60 attributes. The framework generates session keys proficiently, encrypts data, and minimizes computational expenses through a randomized attribute vector. In terms of communication overhead, the framework surpasses expectations by supporting up to 100 attributes, resulting in a reduction of transmission costs to 1120 bits. Overall, this framework improves security, reduces resource consumption, and enhances data exchange efficiency in IoT ecosystems.