Smart object-oriented access control: Distributed access control for the Internet of Things

Ensuring that data and devices are secure is of critical importance to information technology. While access control has held a key role in traditional computer security, its role in the evolving Internet of Things is less clear. In particular, the access control literature has suggested that new challenges, such as multi-user controls, fine-grained controls, and dynamic controls, prompt a foundational re-thinking of access control. We analyse these challenges, finding instead that the main foundational challenge posed by the Internet of Things involves decentralization: accurately describing access control in Internet of Things environments (e.g., the Smart Home) requires a new model of multiple, independent access control systems. To address this challenge, we propose a meta-model (i.e., a model of models): Smart Object-Oriented Access Control (SOOAC). This model is an extension of the XACML framework, built from principles relating to modularity adapted from object-oriented programming and design. SOOAC draws attention to a new class of problem involving the resolution of policy conflicts that emerge from the interaction of smart devices in the home. Contrary to traditional (local) policy conflicts, these global policy conflicts emerge when contradictory policies exist across multiple access control systems. We give a running example of a global policy conflict involving transitive access. To automatically avoid global policy conflicts before they arise, we extend SOOAC with a recursive algorithm through which devices communicate access requests before allowing or denying access themselves. This algorithm ensures that both individual devices and the collective smart home are secure. We implement SOOAC within a prototype smart home and assess its validity in terms of effectiveness and efficiency. Our analysis shows that SOOAC is successful at avoiding policy conflicts before they emerge, in real time. Finally, we explore improvements that can be made to SOOAC and suggest directions for future work

UbiPAL : secure messaging and access control for ubiquitous computing

textThe ubiquitous computing environment and modern trends in personal computing, such as body sensor networks and smart houses, create unique challenges in privacy and access control. Lack of centralized computing and the dynamic nature of human environments and access rules render most access control systems insufficient for this new category of systems. UbiPAL is an object-oriented communication framework for ubiquitous systems which provides secure communication and decentralized access control. UbiPAL uses a modified SecPAL implementation to provide reliable, ad hoc access control. The UbiPAL system uses cryptographically signed, publicly held namespace certificates and access control lists in the style of TLS certificates. This approach allows message authentication and authorization in an ad hoc, completely decentralized method while maintaining human readability of policy language. UbiPAL was implemented as a C++ library, made freely available at (1), and evaluated to have minimized overhead. Even on the slowest device evaluated, a Raspberry Pi, UbiPAL authentication and authorization adds less than 20 milliseconds to the delivery a message with a message overhead of 153 bytes. The UbiPAL programming model separates access policy from application programming and results in small amounts of code required from the application programmer, creating an accessible paradigm for programming ubiquitous computing systems.Computer Science

Development and Validation of on-board systems control laws

Purpose - The purpose of this paper is to describe the tool and procedure developed in order to design the control laws of several UAV (Unmanned Aerial Vehicle) sub-systems. The authors designed and developed the logics governing: landing gear, nose wheel steering, wheel braking, and fuel system. Design/methodology/approach - This procedure is based on a general purpose, object-oriented, simulation tool. The development method used is based on three-steps. The main structure of the control laws is defined through flow charts; then the logics are ported to ANSI-C programming language; finally the code is implemented inside the status model. The status model is a Matlab-Simulink model, which uses an embedded Matlab-function to model the FCC (Flight Control Computer). The core block is linked with the components, but cannot access their internal model. Interfaces between FCCs and system components in the model reflect real system ones. Findings - The user verifies systems' reactions in real time, through the status model. Using block-oriented approach, development of the control laws and integration of several systems is faster. Practical implications - The tool aims to test and validate the control laws dynamically, helping specialists to find out odd logics or undesired responses, during the pre-design. Originality/value - The development team can test and verify the control laws in various failure scenarios. This tool allows more reliable and effective logics to be produced, which can be directly used on the system

ReMoTe: A complete tool to support software process management

The purpose of the project is to provide the Department of Computer Science at California State University, San Bernardino with a software project management tool that will help companies in their software development. ReMoTe (Recursively Estimating Multi-Threaded Observation Technology Enterprise) will assist software engineering teams with defining their scheduled delivery dates, life-cycle definitions, team hierarchy, and communication. Using the object-oriented approach, ReMoTe can support any software life cycle model. ReMoTe can help manage and control the software process over the Web. It also allows people to manage software artifacts using database systems such as mySQL, Microsoft Access, or Oracle

Commercial Integrity, Roles And Object-orientation

This thesis presents a study of realizing commercial security, as defined in the Clark and Wilson Model (CW87), using Object-Oriented (O-O) concepts.;Role-based security is implied in the Clark and Wilson model in which specified operations are grouped to compose roles. This approach to protection is suitable for applications involving large numbers of users with overlapping user requirements and/or where there is a large number of objects. It presents a flexible (hence adaptive) means for enforcing differing ranges of security policies. It enforces the principle of least privilege, hence minimizing the risk of Trojan horse attacks.;Consequently, in part, this work focuses on role-based protection, formalizes the role concept and proposes a model for role organization and administration. This model, intended to ease access rights administration, is defined by a set of properties. Algorithms for role administration are presented. These guarantee the properties of the role organization model. Role-based protection is also studied with respect to traditional protection schemes. One aspect of this enquiry focuses on information flow analysis in role-based security systems; the other addresses the realization of mandatory access control using role-based protection. This involves the imposition of acyclic information flows and rules that ensure secrecy. It demonstrates the strength of the role-based protection approach.;A role is a named collection of responsibilities and functions which we term privileges. Execution of one or more privileges of a role facilitates access to information available via the role. Access to information is realized both via user authorization to the role and the role\u27s privilege list. A role exists as a separate entity from the role-holder and/or the role administrator. In determining role organization, role relationships are used based on privilege sharing. This results in an acyclic role graph with roles being nodes and edges being role relationships. These relationships help us infer those privileges of a role that are implicitly defined. Analysis of this model indicates that it can simulate lattice-like models, hierarchical structures and privilege graphs.;Principles from the O-O paradigm are utilized to impose segmented access to object information. This approach uses methods to window an object\u27s interface to facilitate segmented access to object data through different roles, and hence different users. By defining these methods to suit the intended functionality and associating them with specific roles, we in effect distribute the object interface to different roles and users. An object model is proposed as the basis of O-O executions. Further, in order to impose the well-formed transaction (WFTs) requirement, a transaction model is proposed that imposes transactional properties on method executions. By use of transaction scripts we can design executions to realize desirable outcomes.;Separation of duty is another major requirement in the Clark and Wilson model. It requires object history for its enforcement. Our proposal ensures that objects track their history. Moreover, every execution on an object utilizes the object history to determine access and updates the history with any attempted access. (Abstract shortened by UMI.

CallE: An Effect System for Method Calls

Effect systems are used to statically reason about the effects an expression may have when evaluated. In the literature, such effects include various behaviours as diverse as memory accesses and exception throwing. Here we present CallE, an object-oriented language that takes a flexible approach where effects are just method calls: this works well because ordinary methods often model things like I/O operations, access to global state, or primitive language operations such as thread creation. CallE supports both flexible and fine-grained control over such behaviour, in a way designed to minimise the complexity of annotations. CallE's effect system can be used to prevent OO code from performing privileged operations, such as querying a database, modifying GUI widgets, exiting the program, or performing network communication. It can also be used to ensure determinism, by preventing methods from (indirectly) calling non-deterministic primitives like random number generation or file reading

A Framework for Data Sharing in Computer Supported Cooperative Environments

Concurrency control is an indispensable part of any information sharing system. Co-operative work introduces new requirements for concurrency control which cannot be met using existing applications and database management systems developed for non-cooperative environments. The emphasis of concurrency control in conventional database management systems is to keep users and their applications from inadvertently corrupting data rather than support a workgroup develop a product together. This insular approach is necessary because applications that access the database have been built with the assumptions that they have exclusive access to the data they manipulate and that users of these applications are generally oblivious of one another. These assumptions, however, are counter to the premise of cooperative work in which human-human interaction is emphasized among a group of users utilizing multiple applications to jointly accomplish a common goal. Consequently, applying conventional approaches to concurrency control are not only inappropriate for cooperative data sharing but can actually hinder group work. Computer support for cooperative work must therefore adopt a fresh approach to concurrency control which does promote group work as much as possible, but without sacrifice of all ability to guarantee system consistency. This research presents a new framework to support data sharing in computer supported cooperative environments; in particular, product development environments where computer support for cooperation among distributed and diverse product developers is essential to boost productivity. The framework is based on an extensible object-oriented data model, where data are represented as a collection of interrelated objects with ancillary attributes used to facilitate cooperation. The framework offers a flexible model of concurrency control, and provides support for various levels of cooperation among product developers and their applications. In addition, the framework enhances group activity by providing the functionality to implement user mediated consistency and to track the progress of group work. In this dissertation, we present the architecture of the framework; we describe the components of the architecture, their operation, and how they interact together to support cooperative data sharing