Skip to main content
SpringerLink
Log in

Anonymous Fine-Grained User Access Control Scheme for Internet of Things Architecture

  • Conference paper
  • First Online:
Proceedings of the Fifth International Conference on Mathematics and Computing

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1170))

Abstract

With the rapid growth of wireless technology, Internet of Things (IoT) became very popular in both industrial as well as consumer product domains. While there is a lot of available platforms and technologies for IoT, the access control issue is often overlooked in the IoT security research. An effective access control depends on the proper user authentication mechanism. Thus, access control in this scenario is an emerging and challenging problem in the IoT environment. In this paper, we design an anonymous fine-grained user access control mechanism for IoT architecture. In the proposed scheme, the user authentication is performed by the smart device node based on the user attributes, which enables fine-grained access control over the authorized data. We utilize the widely accepted formal verification tool, called the Automated Validation of Internet Security Protocols and Applications (AVISPA), to formally prove the security of the proposed scheme. Additionally, we also provide a detailed informal security analysis of the scheme. Finally, we perform a simulation study using the broadly used NS3 network simulator to show the practical impact on the proposed scheme on various network parameters.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. SPAN, the Security Protocol ANimator for AVISPA. http://www.avispa-project.org. Accessed on September 2018

  2. Attrapadung, N., Herranz, J., Laguillaumie, F., Libert, B., De Panafieu, E., Ràfols, C.: Attribute-based encryption schemes with constant-size ciphertexts. Theor. Comput. Sci. 422, 15–38 (2012)

    Article  MathSciNet  Google Scholar 

  3. Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010)

    Article  Google Scholar 

  4. Bertino, E., Shang, N., Jr., S.S.W.: An efficient time-bound hierarchical key management scheme for secure broadcasting. IEEE Trans. Dependable Sec. Comput. 5(2), 65–70 (2008)

    Google Scholar 

  5. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy (S&P’07), pp. 321–334 (2007)

    Google Scholar 

  6. Carlin, A., Hammoudeh, M., Aldabbas, O.: Intrusion detection and countermeasure of virtual cloud systems-state of the art and current challenges. Int. J. Adv. Comput. Sci. Appl. 6(6) (2015)

    Google Scholar 

  7. Challa, S., Wazid, M., Das, A.K., Kumar, N., Reddy, A.G., Yoon, E.J., Yoo, K.Y.: Secure signature-based authenticated key establishment scheme for future IoT applications. IEEE Access 5, 3028–3043 (2017)

    Google Scholar 

  8. Chase, M., Chow, S.S.: Improving privacy and security in multi-authority attribute-based encryption. In: 16th ACM Conference on Computer and Communications Security (CCS’09), pp. 121–130. Chicago, Illinois, USA (2009)

    Google Scholar 

  9. Chatterjee, S., Das, A.K.: An effective ecc-based user access control scheme with attribute-based encryption for wireless sensor networks. Sec. Commun. Netw. 8(9), 1752–1771 (2015)

    Article  Google Scholar 

  10. Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques- Advances in Cryptology (Eurocrypt’04). LNCS, vol. 3027, pp. 523–540. Springer, Interlaken, Switzerland (2004)

    Google Scholar 

  11. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

    Article  MathSciNet  Google Scholar 

  12. Ghafir, I., Prenosil, V., Alhejailan, A., Hammoudeh, M.: Social engineering attack strategies and defence approaches. In: IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud’16), pp. 145–149 (2016)

    Google Scholar 

  13. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM conference on Computer and Communications Security (CCS’06), pp. 89–98. Alexandria, VA, USA (2006)

    Google Scholar 

  14. Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of Things (IoT): a vision, architectural elements, and future directions. Future Gen. Comput. Syst. 29(7), 1645–1660 (2013)

    Article  Google Scholar 

  15. Guo, F., Mu, Y., Susilo, W., Wong, D.S., Varadharajan, V.: CP-ABE with constant-size keys for lightweight devices. IEEE Trans. Inf. Forensics Sec. 9(5), 763–771 (2014)

    Article  Google Scholar 

  16. Hanumanthappa, P., Singh, S.: Privacy preserving and ownership authentication in ubiquitous computing devices using secure three way authentication. In: International Conference on Innovations in Information Technology (IIT’12), pp. 107–112. IEEE (2012)

    Google Scholar 

  17. Jeong, J., Chung, M.Y., Choo, H.: Integrated otp-based user authentication scheme using smart cards in home networks. In: 41st Annual Hawaii International Conference on System Sciences, pp. 294–294. IEEE (2008)

    Google Scholar 

  18. Kocher, P., Jaffe, J., Jun, B.: Differential power analysis. In: Annual International Cryptology Conference, pp. 388–397. Springer (1999)

    Google Scholar 

  19. Lai, J., Deng, R.H., Guan, C., Weng, J.: Attribute-based encryption with verifiable outsourced decryption. IEEE Trans. Inf. Forensics Sec. 8(8), 1343–1354 (2013)

    Article  Google Scholar 

  20. Li, J., Huang, X., Li, J., Chen, X., Xiang, Y.: Securely outsourcing attribute-based encryption with checkability. IEEE Trans. Parallel Distrib. Syst. 25(8), 2201–2210 (2014)

    Article  Google Scholar 

  21. Lounis, A., Hadjidj, A., Bouabdallah, A., Challal, Y.: Healing on the cloud: secure cloud architecture for medical wireless sensor networks. Future Gen. Comput. Syst. 55, 266–277 (2016)

    Article  Google Scholar 

  22. Messerges, T.S., Dabbish, E.A., Sloan, R.H.: Examining smart-card security under the threat of power analysis attacks. IEEE Trans. Comput. 51(5), 541–552 (2002)

    Article  MathSciNet  Google Scholar 

  23. von Oheimb, D.: The high-level protocol specification language hlpsl developed in the eu project avispa. In: Proceedings of 3rd APPSEM II (Applied Semantics II) Workshop (APPSEM’05), pp. 1–17. Frauenchiemsee, Germany (2005)

    Google Scholar 

  24. Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: Proceedings of the 14th ACM conference on Computer and Communications Security (CCS’07), pp. 195–203. Alexandria, VA, USA (2007)

    Google Scholar 

  25. Roman, R., Najera, P., Lopez, J.: Securing the Internet of Things. Computer 44(9), 51–58 (2011)

    Article  Google Scholar 

  26. Vigano, L.: Automated security protocol analysis with the AVISPA tool. Electron. Notes Theor. Comput. Sci. 155, 61–86 (2006)

    Article  Google Scholar 

  27. Wazid, M., Das, A.K., Odelu, V., Kumar, N., Susilo, W.: Secure Remote User Authenticated Key Establishment Protocol for Smart Home Environment. IEEE Trans. Dependable Sec. Comput. (2018)

    Google Scholar 

  28. Yu, S., Ren, K., Lou, W.: Fdac: toward fine-grained distributed data access control in wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. 22(4), 673–686 (2011)

    Article  Google Scholar 

  29. Zhou, L., Li, X., Yeh, K.H., Su, C., Chiu, W.: Lightweight iot-based authentication scheme in cloud computing circumstance. Future Gen. Comput. Syst. 91, 244–251 (2019)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Technology, Jadavpur University, Salt Lake City, 700 098, Kolkata, India

    Soumya Banerjee & Samiran Chattopadhyay

  2. Department of Computer Science and Information Systems, Birla Institute of Technology and Science, Pilani Hyderabad Campus, Hyderabad, 500 078, India

    Vanga Odelu

  3. Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad, 500 032, India

    Ashok Kumar Das

  4. Department of Information Technology, Maulana Abul Kalam Azad University of Technology, Kolkata, 700064, India

    Debasis Giri

Authors
  1. Soumya Banerjee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vanga Odelu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ashok Kumar Das
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Samiran Chattopadhyay
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Debasis Giri
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Soumya Banerjee or Vanga Odelu .

Editor information

Editors and Affiliations

  1. Department of Information Technology, Maulana Abul Kalam Azad University of Technology, Haringhata, West Bengal, India

    Debasis Giri

  2. Faculty of Engineering and Physical Sciences, University of Surrey, Guildford, UK

    Anthony T. S. Ho

  3. Indian Institute of Technology Madras, Chennai, India

    S. Ponnusamy

  4. Department of Information Management, National Taiwan University of Science and Technology, Taipei City, Taiwan

    Nai-Wei Lo

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Banerjee, S., Odelu, V., Das, A.K., Chattopadhyay, S., Giri, D. (2021). Anonymous Fine-Grained User Access Control Scheme for Internet of Things Architecture. In: Giri, D., Ho, A.T.S., Ponnusamy, S., Lo, NW. (eds) Proceedings of the Fifth International Conference on Mathematics and Computing. Advances in Intelligent Systems and Computing, vol 1170. Springer, Singapore. https://doi.org/10.1007/978-981-15-5411-7_4

Download citation

Publish with us

Policies and ethics

Search

Navigation