Access Control in Industrial Internet of Things

The Industrial Internet of Things (IIoT) is an ecosystem that consists of - among others - various networked sensors and actuators, achieving mainly advancements related with lowering production costs and providing workflow flexibility. Introducing access control in such environments is considered to be challenging, mainly due to the variety of technologies and protocols in IIoT devices and networks. Thus, various access control models and mechanisms should be examined, as well as the additional access control requirements posed by these industrial environments. To achieve these aims, we elaborate on existing state-of-the-art access control models and architectures and investigate access control requirements in IIoT, respectively. These steps provide valuable indications on what type of an access control model and architecture may be beneficial for application in the IIoT. We describe an access control architecture capable of achieving access control in IIoT using a layered approach and based on existing virtualization concepts (e.g., the cloud). Furthermore, we provide information on the functionality of the individual access control related components, as well as where these should be placed in the overall architecture. Considering this research area to be challenging, we finally discuss open issues and anticipate these directions to provide interesting multi-disciplinary insights in both industry and academia

Blockchain-Based Access Control in a Globalized Healthcare Provisioning Ecosystem

The COVID-19 pandemic further outlined the importance of global healthcare services provisioning for diagnosing and treating patients who tend to travel and live for large periods away from home and can be anywhere at any given time. Advances in technology enable healthcare practitioners to access critical data regarding a person’s health status to provide better services. Medical data are sensitive in nature, and therefore, a reliable mechanism should ensure that only authorized entities can access data when needed. This paper, through a layered consideration of a Globalized Healthcare Provisioning Ecosystem (GHPE), reveals the interdependencies among its major components and suggests a necessary abstraction to identify requirements for the design of an access control suitable for the ecosystem. These requirements are imposed by the nature of the medical data as well as by the newly introduced potentials of Internet of Medical Things (IoMT) devices. As a result, an attribute-based access control framework is proposed aiming to provide prompt and secure access to medical data globally by utilizing state-of-the-art technologies and standards, including Next-Generation Access Control (NGAC), blockchain and smart contracts. Three types of smart contracts are proposed that enable access control to implement attribute and policy stores where policy classes and attributes are decentralized and immutable. In addition, the usage of blockchain-based distributed identities allows patients to be in control of access to their medical data and also enables healthcare service providers to access medical data promptly and reliably through the proposed access control framework. The qualitative characteristics of the proposed approach toward a decentralized and patient-centric access control in GHPE are demonstrated and discussed based on an application paradigm

Blockchain-Based Access Control in a Globalized Healthcare Provisioning Ecosystem

The COVID-19 pandemic further outlined the importance of global healthcare services provisioning for diagnosing and treating patients who tend to travel and live for large periods away from home and can be anywhere at any given time. Advances in technology enable healthcare practitioners to access critical data regarding a person’s health status to provide better services. Medical data are sensitive in nature, and therefore, a reliable mechanism should ensure that only authorized entities can access data when needed. This paper, through a layered consideration of a Globalized Healthcare Provisioning Ecosystem (GHPE), reveals the interdependencies among its major components and suggests a necessary abstraction to identify requirements for the design of an access control suitable for the ecosystem. These requirements are imposed by the nature of the medical data as well as by the newly introduced potentials of Internet of Medical Things (IoMT) devices. As a result, an attribute-based access control framework is proposed aiming to provide prompt and secure access to medical data globally by utilizing state-of-the-art technologies and standards, including Next-Generation Access Control (NGAC), blockchain and smart contracts. Three types of smart contracts are proposed that enable access control to implement attribute and policy stores where policy classes and attributes are decentralized and immutable. In addition, the usage of blockchain-based distributed identities allows patients to be in control of access to their medical data and also enables healthcare service providers to access medical data promptly and reliably through the proposed access control framework. The qualitative characteristics of the proposed approach toward a decentralized and patient-centric access control in GHPE are demonstrated and discussed based on an application paradigm