Abstract
The article presents a new access control model for IoT (Internet of Things), which is based on a dynamic approach. Our aim is to change the access control design concept from a static to a dynamic model in order to fit to characteristics and features of IoT. We do so by adapting TMAC (Team Access Control) model to IoT dynamic environment. DTMAC (Dynamic Team Access Control) allows the creation of dynamic teams that are deleted when the collaborative activities are over. In addition, it offers an easy management of the teams in a decentralized manner. We implement DTMAC as a web application using a relational database management to assess its security. The assessment of DTMAC shows that it adapts well to IoT dynamic network. Moreover, the model is user-driven, flexible and scalable. It also provides fine-grained access control, supports the well-known least privileges principle and separation of duties for the team members.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
De Pellegrini, F., Miorandi, I., Daniele, C., Sicari, S.: Internet of things: vision, applications and research challenges. Ad Hoc Netw. 10, 1497–1516 (2012)
Lopez, J., Roman, R., Zhou, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57, 2266–2279 (2013)
Sandhu, R.S.: Role Based Access Control (1998)
Zhang, G., Tian, J.: An extended role based access control model for the Internet of Things. In: ICINA (2010)
Jindou, J., Xiaofeng, Q., Cheng, C.: Access control method for web of things based on role and SNS. IEEE (2012)
Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: IEEE International Conference. IEEE (2005)
Ye, N., Zhu, Y., Wang, R.-C., Malekian, R., Qiao-min, L.: An efficient authentication and access control scheme for perception layer of Internet of Things. Appl. Math. Inf. Sci. Int. J. 4)(2014, 1617–1624 (1624)
Kalam, A., et al.: Organization based access control. IEEE (2003)
Ouaddah, A., Bouij-Pasquier, I., Abou Elkalam, A., Ait Ouahman, A.: Security analysis and proposal of new access control model in the Internet of Thing. IEEE (2015)
Bouij-Pasquier, I., El Kalam, A.A., Ouahman, A.A., De Montfort, M.: A security framework for Internet of Things. In: Reiter, M., Naccache, D. (eds.) CANS 2015. LNCS, vol. 9476, pp. 19–31. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-26823-1_2
Kagal, L., Finin, T., Joshi, A.: A Trust-Based Access Control Model for Pervasive Computing Applications. IEEE (2001)
Malhalle, P.N., Thakre, P.A., Prasad, N.R., Prasad, R.: A fuzzy approach to trust based access control in Internet of Things. IEEE (2013)
Bernabe, J.B., Ramos, J.L.H., Gomez, A.F.S.: TACIoT: multidimensional trust aware access control system for the Internet of Things. Soft Comput. 20, 1763–1779 (2016)
Dennis, J.B., Van Horn, E.C.: Programming semantics for multiprogrammed computations. Commun. ACM 9, 143–154 (1966)
Gusmeroli, S., Piccione, S., Rotondi, D.: A capability based security approach to manage access control in the Internet of Things. Math. Comput. Modell. 58, 1189–1205 (2013)
Hernandez-Ramos, J.L., Jara, A.J., Marin, L., Skarmeta, A.F.: Distributed capability-based access control for the Internet of Things. JISIS 3, 1–16 (2013)
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1, 36–63 (2001)
Sandhu, R., Park, J.: Usage control: a vision for next generation access control. In: Gorodetsky, V., Popyack, L., Skormin, V. (eds.) MMM-ACNS 2003. LNCS, vol. 2776, pp. 17–31. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45215-7_2
Zhang, G., Gong, W.: The research of access control based on UCON in the Internet of Things. J. Softw. 6, 724–731 (2011)
Zhang, Y., Wu, X.: Access Control in Internet of Things: A Survey (2016)
Ait Ouahman, A., Ouaddah, A., Mousannif, H., Abou Elkalam, A.: Acess control in the Internet of Things: big challlenges and new opportunities. Comput. Netw. 112, 237–262 (2017)
Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments. ACM (1997)
Georgiadis, C.K., Thomas, K., Mavridis, I., Pangalos, G.I.: Flexible team-based access control using contexts. In: SACMAT (2001)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Benhadj Djilali, H., Tandjaoui, D. (2019). Dynamic Team Access Control for Collaborative Internet of Things. In: Renault, É., Boumerdassi, S., Bouzefrane, S. (eds) Mobile, Secure, and Programmable Networking. MSPN 2018. Lecture Notes in Computer Science(), vol 11005. Springer, Cham. https://doi.org/10.1007/978-3-030-03101-5_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-03101-5_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03100-8
Online ISBN: 978-3-030-03101-5
eBook Packages: Computer ScienceComputer Science (R0)