Abstract
Internet of Things environments comprise heterogeneous devices that continuously exchange information and are accessed ubiquitously through lossy networks. This drives the need for a flexible, lightweight and adaptive access control mechanism to cope with the pervasive nature of such a global ecosystem while ensuring reliable communications between trusted devices. To fill this gap, this paper proposes a flexible trust-aware access control system for IoT (TACIoT), which provides an end-to-end and reliable security mechanism for IoT devices, based on a lightweight authorization mechanism and a novel trust model that has been specially devised for IoT environments. TACIoT extends traditional access control systems by taking into account trust values which are based on reputation, quality of service, security considerations and devices’ social relationships. TACIoT has been implemented and evaluated successfully in a real testbed for constrained and non-constrained IoT devices.
Acknowledgments
This work has been sponsored by the European Commission through the FP7-SOCIOTAL-609112 EU Projects, and the Spanish Seneca Foundation by means of the Excellence Researching Group Program (04552/GERM/06).
Additional information
Communicated by A. Jara, M. R. Ogiela, I. You and F.-Y. Leu.
Cite this article
Bernal Bernabe, J., Hernandez Ramos, J.L. & Skarmeta Gomez, A.F. TACIoT: multidimensional trust-aware access control system for the Internet of Things. Soft Comput 20, 1763–1779 (2016). https://doi.org/10.1007/s00500-015-1705-6
DOI: https://doi.org/10.1007/s00500-015-1705-6