SmartABAC: Enabling Constrained IoT Devices to Make Complex Policy-Based Access Control Decisions

【Author】 Fedrecheski, Geovane; De Biase, Laisa Caroline Costa; Calcina-Ccori, Pablo C.; de Deus Lopes, Roseli; Zuffo, Marcelo Knorich

【Source】IEEE INTERNET OF THINGS JOURNAL

【影响因子】10.238

【Abstract】While attribute-based access control (ABAC) is a promising technique to govern interactions in the Internet of Things (IoT), most existing ABAC models are designed to run on remote servers or gateway devices. This scenario is misaligned with recent trends toward IoT decentralization, such as the Swarm, which expects devices to autonomously share resources, making their own access decisions for enhanced privacy and reliability. In this article, we propose SmartABAC: a fast, concise, and expressive ABAC model that can be executed in constrained IoT devices. It combines the performance of policies based on attribute enumeration, with techniques that enhance policy expressiveness, such as typed and hierarchical attributes. We specified SmartABAC using first-order logic, designed a use case, and evaluated it in both constrained and nonconstrained IoT environments. Results show that our model can represent a variety of access policies, including nested multiattribute rules, while using less than 100 bytes per policy, on average, for a smart home use case. Our C-based SmartABAC implementation is at least 255 times faster than existing models and can evaluate 3000 policies under 5 ms on a 32-MHz MCU.

【Keywords】Access control; Internet of Things; Data models; Biological system modeling; Numerical models; Blockchains; Servers; Attribute-based access control (ABAC); authorization; Internet of Things (IoT) security

【发表时间】2022 APR 1

【收录时间】2022-05-27

【文献类型】实证性文章

【主题类别】

区块链技术-协同技术-物联网