research-article

Access control with delegation for smart home applications

Authors:

Matt W. MutkaAuthors Info & Claims

IoTDI '19: Proceedings of the International Conference on Internet of Things Design and Implementation

Pages 142 - 147

https://doi.org/10.1145/3302505.3310076

Published: 15 April 2019 Publication History

Abstract

With the emergence of smart home applications, it is important to have flexible access control so that users can create/transfer their permissions in a convenient way. We propose a lightweight authorization protocol with support of a delegation chain in which a user can easily transfer (part of) his/her access rights to smart appliances in the form of a Bloom filter. The security of our protocol is based on the false positive rate of a Bloom filter. A prototype has been built for evaluation.

References

[1]

Michael P Andersen, John Kolb, Kaifei Chen, Gabriel Fierro, David E Culler, and Raluca Ada Popa. 2017. WAVE: A Decentralized Authorization System for IoT via Blockchain Smart Contracts. (2017).

[2]

Burton H. Bloom. 1970. Space/Time Trade-offs in Hash Coding with Allowable Errors. Commun. ACM 13, 7 (July 1970), 422--426.

Digital Library

[3]

Alexandra Dmitrienko, Ahmad-Reza Sadeghi, Sandeep Tamrakar, and Christian Wachsmann. 2012. SmartTokens: Delegable access control with NFC-enabled smartphones. Springer.

[4]

Earlence Fernandes, Jaeyeon Jung, and Atul Prakash. 2016. Security Analysis of Emerging Smart Home Applications. In Proceedings of the 37th IEEE Symposium on Security and Privacy.

[5]

Simon N Foley and Guillermo Navarro-Arribas. 2013. A Bloom Filter Based Model for Decentralized Authorization. International Journal of Intelligent Systems (2013).

[6]

Eu-Jin Goh et al. 2003. Secure Indexes. IACR Cryptology ePrint Archive (2003).

[7]

Sergio Gusmeroli, Salvatore Piccione, and Domenico Rotondi. 2013. A capability-based security approach to manage access control in the internet of things. Mathematical and Computer Modelling (2013).

[8]

Grant Ho, Derek Leung, Pratyush Mishra, Ashkan Hosseini, Dawn Song, and David Wagner. 2016. Smart Locks: Lessons for Securing Commodity Internet of Things Devices. In ASIA CCS '16. ACM.

Digital Library

[9]

D. Hussein, E. Bertin, and V. Frey. 2017. A Community-Driven Access Control Approach in Distributed IoT Environments. IEEE Communications Magazine (2017).

Digital Library

[10]

Tiffany Hyun-Jin Kim, Lujo Bauer, James Newsome, Adrian Perrig, and Jesse Walker. 2011. Access right assignment mechanisms for secure home networks. Journal of Communications and Networks (2011).

[11]

S. Notra, M. Siddiqi, H. Habibi Gharakheili, V. Sivaraman, and R. Boreli. 2014. An experimental study of security and privacy risks with emerging household appliances. In 2014 IEEE Conference on Communications and Network Security.

[12]

Rodrigo Roman, Jianying Zhou, and Javier Lopez. 2013. On the features and challenges of security and privacy in distributed internet of things. Computer Networks (2013).

Digital Library

[13]

Antonio F Skarmeta, José L Hernández-Ramos, and M Victoria Moreno. 2014. A decentralized approach for security and privacy challenges in the internet of things. In Internet of Things (WF-IoT), 2014 IEEE World Forum on. IEEE.

[14]

Blase Ur, Jaeyeon Jung, and Stuart Schechter. 2013. The current state of access control for smart devices in homes. In Workshop on Home Usable Privacy and Security (HUPS).

[15]

Eric Zeng, Shrirang Mare, and Franziska Roesner. 2017. End user security & privacy concerns with smart homes. In Symposium on Usable Privacy and Security (SOUPS).

Digital Library

Cited By

Sikder ABabun LCelik ZAksu HMcDaniel PKirda EUluagac A(2022)Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home EnvironmentACM Transactions on Internet of Things10.1145/35435133:4(1-39)Online publication date: 6-Sep-2022
https://dl.acm.org/doi/10.1145/3543513
Zhang HAgarwal YFredrikson MBulusu NAryafar EBalasubramanian ASong J(2022)TEOProceedings of the 20th Annual International Conference on Mobile Systems, Applications and Services10.1145/3498361.3539774(302-315)Online publication date: 27-Jun-2022
https://dl.acm.org/doi/10.1145/3498361.3539774
Silva CBarraca J(2022)Dynamic Delegation-based Privacy Preserving in IoT Architectures2022 9th International Conference on Future Internet of Things and Cloud (FiCloud)10.1109/FiCloud57274.2022.00014(46-54)Online publication date: Aug-2022
https://doi.org/10.1109/FiCloud57274.2022.00014
Show More Cited By

Index Terms

Access control with delegation for smart home applications
1. Security and privacy
  1. Security services
    1. Access control

Recommendations

Delegation in role-based access control

User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...
A delegation model for extended RBAC

In the field of access control, delegation is an important aspect that is considered part of the administration mechanism. Thus, a comprehensive access control model must provide a flexible administration model to manage delegation and revocation. ...
An attribute-based-delegation-model
InfoSecu '04: Proceedings of the 3rd international conference on Information security

Delegation constraint of current delegation models is mostly delegation prerequisite conditions. In these models, delegation security fully depends on delegator and security administrator. In many cases, we need a more secured delegation with a strict ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

IoTDI '19: Proceedings of the International Conference on Internet of Things Design and Implementation

April 2019

299 pages

ISBN:9781450362832

DOI:10.1145/3302505

General Chairs:
Olaf Landsiedel
Univ. of Kiel,Germany,Chalmers Univ. of Technology, Sweden
,
Klara Nahrstedt
University of Illinois Urbana-Champaign

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGBED: ACM Special Interest Group on Embedded Systems

In-Cooperation

IEEE CS

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 April 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

IoTDI '19

Sponsor:

SIGBED

IoTDI '19: International Conference on Internet-of-Things Design and Implementation

April 15 - 18, 2019

Quebec, Montreal, Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
312
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sikder ABabun LCelik ZAksu HMcDaniel PKirda EUluagac A(2022)Who’s Controlling My Device? Multi-User Multi-Device-Aware Access Control System for Shared Smart Home EnvironmentACM Transactions on Internet of Things10.1145/35435133:4(1-39)Online publication date: 6-Sep-2022
https://dl.acm.org/doi/10.1145/3543513
Zhang HAgarwal YFredrikson MBulusu NAryafar EBalasubramanian ASong J(2022)TEOProceedings of the 20th Annual International Conference on Mobile Systems, Applications and Services10.1145/3498361.3539774(302-315)Online publication date: 27-Jun-2022
https://dl.acm.org/doi/10.1145/3498361.3539774
Silva CBarraca J(2022)Dynamic Delegation-based Privacy Preserving in IoT Architectures2022 9th International Conference on Future Internet of Things and Cloud (FiCloud)10.1109/FiCloud57274.2022.00014(46-54)Online publication date: Aug-2022
https://doi.org/10.1109/FiCloud57274.2022.00014
Bindra LEng KArdakanian OStroulia E(2021)Flexible, decentralised access control for smart buildings with smart contractsCyber-Physical Systems10.1080/23335777.2021.19225028:4(286-320)Online publication date: 25-Jul-2021
https://doi.org/10.1080/23335777.2021.1922502
Mahalle PShinde G(2021)OAuth-Based Authorization and Delegation in Smart Home for the Elderly Using Decentralized Identifiers and Verifiable CredentialsSecurity Issues and Privacy Threats in Smart Ubiquitous Computing10.1007/978-981-33-4996-4_6(95-109)Online publication date: 9-Apr-2021
https://doi.org/10.1007/978-981-33-4996-4_6
Ogonji MOkeyo GWafula J(2020)A survey on privacy and security of Internet of ThingsComputer Science Review10.1016/j.cosrev.2020.10031238(100312)Online publication date: Nov-2020
https://doi.org/10.1016/j.cosrev.2020.100312

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten