Abstract
This work builds on top of an architecture and prototype implementation of a novel trust-aware continuous authorization technology that targets consumer Internet of Things (IoT), e.g., Smart Home to introduce a novel trust algorithm and meta attribute evaluation. Our approach extends previous work in two complementary ways: (1) By introducing a novel set of meta attributes that characterize the values of condition attributes such as Time To Live. This set of meta attributes serves as additional information that can be used by the system in order to proper caching attribute values or deciding whether or not to use an attribute already retrieved or to ask for a fresh one. (2) By minimizing the network consumption related to requesting additional and fresh attributes to sensor in IoT environments. Network is the source of major energy consumption in IoT devices, therefore being able to minimize network consumption is beneficial for the whole system.
The research reported is part of a Huawei R&D project in cooperation with Security Forge. We would also like to acknowledge the contribution of the following colleagues: Yair Diaz and Liu Jignag at the Munich Research Center; Michael Shurman, Eyal Rundstein, Dror Moyal, Nir Makmal, Avi Halaf, Ido Zak, Daniel Bibi, Ye Zongbo at the Israel Research Center and of Professor Eyal Winter, Hebrew University, Israel.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Castelfranchi, C., Falcone, R.: Trust is much more than subjective probability: mental components and sources of trust. In: (HICSS-33), Hawaii, USA (2000)
Dezert, J., et al.: Can we trust subjective logic for information fusion? In: FUSION 2014, Salamanca, Spain, pp. 1–8. IEEE (2014)
Dimitrakos, T., Brossard, D., de Leusse, P.: Securing business operations in an SOA. CoRR abs/1203.0429 (2012). http://arxiv.org/abs/1203.0429
Dimitrakos, T., et al.: Trust aware continuous authorization for zero trust in consumer internet of things. In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1801–1812 (2020). https://doi.org/10.1109/TrustCom50675.2020.00247
Dimitrakos, T., Martrat, J., Wesner, S. (eds.): Service Oriented Infrastructures and Cloud Service Platforms for the Enterprise. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-04086-3
Dimitrakos, T.: System models, e-risks and e-trust - towards bridging the gap? In: (I3E 2001), Zürich, Switzerland, vol. 202, pp. 45–58. Kluwer (2001)
Grandison, T., Sloman, M.: Trust management tools for internet applications. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 91–107. Springer, Heidelberg (2003). https://doi.org/10.1007/3-540-44875-6_7
Heijden, R.W.V.D., Kopp, H., Kargl, F.: Multi-source fusion operations in subjective logic. In: FUSION 2018, Cambridge, UK, pp. 1990–1997. IEEE (2018)
Jøsang, A.: Subjective Logic - A Formalism for Reasoning Under Uncertainty. Artificial Intelligence: Foundations, Theory, and Algorithms, Springer, Cham (2016). https://doi.org/10.1007/978-3-319-42337-1
Jøsang, A., Elouedi, Z.: Interpreting belief functions as Dirichlet distributions. In: Mellouli, K. (ed.) ECSQARU 2007. LNCS (LNAI), vol. 4724, pp. 393–404. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75256-1_36
Jøsang, A., Keser, C., Dimitrakos, T.: Can we manage trust? In: Herrmann, P., Issarny, V., Shiu, S. (eds.) iTrust 2005. LNCS, vol. 3477, pp. 93–107. Springer, Heidelberg (2005). https://doi.org/10.1007/11429760_7
Lazouski, A., Martinelli, F., Mori, P.: A prototype for enforcing usage control policies based on XACML. In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds.) TrustBus 2012. LNCS, vol. 7449, pp. 79–92. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32287-7_7
de Leusse, P., et al.: Self Managed Security Cell, a security model for the Internet of Things and Services. CoRR abs/1203.0439 (2012)
Liu, B.: A Survey on Trust Modeling from a Bayesian Perspective. CoRR abs/1806.03916 (2018). http://arxiv.org/abs/1806.03916
Lund, M.S., Solhaug, B., Stølen, K.: Evolution in relation to risk and trust management. IEEE Comput. 43(5), 49–55 (2010)
Marsh, S.P.: Formalising trust as a computational concept. University of Sterling, Technical repot (1994)
Nguyen, T.D., Bai, Q.: A dynamic Bayesian network approach for agent group trust evaluation. Comput. Hum. Behav. 89, 237–245 (2018)
OASIS: eXtensible Access Control Markup Language (XACML) Version 3.0, January 2013. http://www.oasis-open.org/committees/xacml
OASIS: Abbreviated language for authorization Version 1.0 (2015). https://bit.ly/2UP6Jza
Park, J., Sandhu, R.: The UCON ABC usage control model. ACM Trans. Inf. Syst. Secur. 7(1), 128–174 (2004)
Rafailidis, D.: Bayesian deep learning with trust and distrust in recommendation systems. In: IEEE/WIC/ACM, WI 2019, Thessaloniki, Greece, pp. 18–25 (2019)
Shirey, R.: Internet Security Glossary (2007). https://bit.ly/2UP77xC
Vishi, K., Jøsang, A.: A new approach for multi-biometric fusion based on subjective logic. In: IML 2017, Liverpool, UK. ACM (2017)
Zhang, L., Zou, J.: Research of ABAC mechanism based on the improved encryption algorithm under cloud environment. In: Park, J., Pan, Y., Chao, H.C., Yi, G. (eds.) Ubiquitous Computing Application and Wireless Sensor. LNEE, vol. 331, pp. 463–469. Springer, Dordrecht (2015). https://doi.org/10.1007/978-94-017-9618-7_46
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Dimitrakos, T. et al. (2021). Handling Meta Attribute Information in Usage Control Policies (Short Paper). In: Saracino, A., Mori, P. (eds) Emerging Technologies for Authorization and Authentication. ETAA 2021. Lecture Notes in Computer Science(), vol 13136. Springer, Cham. https://doi.org/10.1007/978-3-030-93747-8_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-93747-8_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-93746-1
Online ISBN: 978-3-030-93747-8
eBook Packages: Computer ScienceComputer Science (R0)