Trust Management in Decentralized IoT Access Control System
Heterogeneous and dynamic IoT environments require a lightweight, scalable,
and trustworthy access control system for protection from unauthorized access
and for automated detection of compromised nodes. Recent proposals in IoT
access control systems have incorporated blockchain to overcome inherent issues
in conventional access control schemes. However, the dynamic interaction of IoT
networks remains uncaptured. Here, we develop a blockchain-based Trust and
Reputation System (TRS) for IoT access control, which progressively evaluates
and calculates the trust and reputation score of each participating node to
achieve a self-adaptive and trustworthy access control system. Trust and
reputation are explicitly incorporated in the attribute-based access control
policy, so that different nodes can be assigned to different access right
levels, resulting in dynamic access control policies. We implement our proposed
architecture in a private Ethereum blockchain comprised of a Docker container
network. We benchmark our solution using various performance metrics to
highlight its applicability for IoT contexts. Comment: Accepted to IEEE ICBC 202
ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability
Virtualization of Internet of Things (IoT) is a concept of dynamically
building customized high-level IoT services which
rely on the real time data streams from low-level physical
IoT sensors. Security in IoT virtualization is challenging,
because with the growing number of available (building
block) services, the number of personalizable virtual
services grows exponentially. This paper proposes Service
Object Capability (SOC) ticket system, a decentralized access
control mechanism between servers and clients to efficiently
authenticate and authorize each other without using
public key cryptography. SOC supports decentralized
partial delegation of capabilities specified in each server/client
ticket. Unlike PKI certificates, SOC’s authentication
time and handshake packet overhead stays constant regardless
of each capability’s delegation hop distance from the
root delegator. The paper compares SOC’s security benefits
with Kerberos and the experimental results show SOC’s
authentication incurs significantly less time packet overhead
compared against those from other mechanisms based on
RSA-PKI and ECC-PKI algorithms. SOC is as secure as,
and more efficient and suitable for IoT environments, than
existing PKIs and Kerberos.