{"title":"A capability-based security approach to manage access control in the Internet of Things","authors":"Sergio Gusmeroli, Salvatore Piccione, Domenico Rotondi","doi":"10.1016/j.mcm.2013.02.006","DOIUrl":null,"url":null,"abstract":"Resource and information protection plays a relevant role in distributed systems like the ones present in the Internet of Things (IoT). Authorization frameworks like RBAC and ABAC do not provide scalable, manageable, effective, and efficient mechanisms to support distributed systems with many interacting services and are not able to effectively support the dynamicity and scaling needs of IoT contexts that envisage a potentially unbounded number of sensors, actuators and related resources, services and subjects, as well as a greater relevance of short-lived, unplanned and dynamic interaction patterns. Furthermore, as more end-users start using smart devices (e.g. smart phones, smart home appliances, etc.) the need to have more scalable, manageable, understandable and easy-to-use access control mechanisms increases. This paper describes a capability-based access control system that enterprises, or even individuals, can use to manage their own access control processes to services and information. The proposed mechanism supports rights delegation and a more sophisticated access control customization. The proposed approach is being developed within the European FP7 IoT@Work project to manage access control to some of the project’s services deployed on the shop floor.","PeriodicalId":49872,"journal":{"name":"Mathematical and Computer Modelling","volume":"58 5","pages":"Pages 1189-1205"},"PeriodicalIF":0.0000,"publicationDate":"2013-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1016/j.mcm.2013.02.006","citationCount":"312","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Mathematical and Computer Modelling","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S089571771300054X","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A capability-based security approach to manage access control in the Internet of Things
Resource and information protection plays a relevant role in distributed systems like the ones present in the Internet of Things (IoT). Authorization frameworks like RBAC and ABAC do not provide scalable, manageable, effective, and efficient mechanisms to support distributed systems with many interacting services and are not able to effectively support the dynamicity and scaling needs of IoT contexts that envisage a potentially unbounded number of sensors, actuators and related resources, services and subjects, as well as a greater relevance of short-lived, unplanned and dynamic interaction patterns. Furthermore, as more end-users start using smart devices (e.g. smart phones, smart home appliances, etc.) the need to have more scalable, manageable, understandable and easy-to-use access control mechanisms increases. This paper describes a capability-based access control system that enterprises, or even individuals, can use to manage their own access control processes to services and information. The proposed mechanism supports rights delegation and a more sophisticated access control customization. The proposed approach is being developed within the European FP7 IoT@Work project to manage access control to some of the project’s services deployed on the shop floor.