Hybrid Approaches (ABAC and RBAC) Toward Secure Access Control in Smart Home IoT

IF 7, Zone 2 (Computer Science), Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE
Safwa Ameer, James O. Benson, R. Sandhu
IEEE Transactions on Dependable and Secure Computing. Publication date: 2023-09-01. Publication type: Journal Article. DOI: 10.1109/TDSC.2022.3216297 (https://doi.org/10.1109/TDSC.2022.3216297)
Citations: 2

Abstract

Smart homes are interconnected homes in which a wide variety of digital devices with limited resources communicate with multiple users and among themselves using multiple protocols. The deployment of resource-limited devices and the use of a wide range of technologies expand the attack surface and position the smart home as a target for many potential security threats. Access control is among the top security challenges in smart home IoT. Several access control models have been developed or adapted for IoT in general, with a few specifically designed for the smart home IoT domain. Most of these models are built on the role-based access control (RBAC) model or the attribute-based access control (ABAC) model. However, recently some researchers demonstrated that the need arises for a hybrid model combining ABAC and RBAC, thereby incorporating the benefits of both models to better meet IoT access control challenges in general and smart homes requirements in particular. In this paper, we used two approaches to develop two different hybrid models for smart home IoT. We followed a role-centric approach and an attribute-centric approach to develop HyBAC$_{RC}$ and HyBAC$_{AC}$, respectively. We formally define these models and illustrate their features through a use case scenario demonstration. We further provide a proof-of-concept implementation for each model in Amazon Web Services (AWS) IoT platform. Finally, we conduct a theoretical comparison between the two models proposed in this paper in addition to the EGRBAC model (RBAC model for smart home IoT) and HABAC model (ABAC model for smart home IoT), which were previously developed to meet smart homes’ challenges.
Source journal
IEEE Transactions on Dependable and Secure Computing (Engineering & Technology, Computer Science: Software Engineering)
CiteScore: 11.20
Self-citation rate: 5.50%
Articles published: 354
Review time: 9 months
Journal description: The "IEEE Transactions on Dependable and Secure Computing (TDSC)" is a prestigious journal that publishes high-quality, peer-reviewed research in the field of computer science, specifically targeting the development of dependable and secure computing systems and networks. This journal is dedicated to exploring the fundamental principles, methodologies, and mechanisms that enable the design, modeling, and evaluation of systems that meet the required levels of reliability, security, and performance. The scope of TDSC includes research on measurement, modeling, and simulation techniques that contribute to the understanding and improvement of system performance under various constraints. It also covers the foundations necessary for the joint evaluation, verification, and design of systems that balance performance, security, and dependability. By publishing archival research results, TDSC aims to provide a valuable resource for researchers, engineers, and practitioners working in the areas of cybersecurity, fault tolerance, and system reliability. The journal's focus on cutting-edge research ensures that it remains at the forefront of advancements in the field, promoting the development of technologies that are critical for the functioning of modern, complex systems.