Abstract
Internet of Things has been penetrating into many aspects of human lives as the Informationization develops rapidly in the world. And yet traditional access control models, such as RBAC, have some shortage on the environment of large-scale dynamic users due to the real time and dynamic characteristics of Internet of Things, resulting in various problems especially on the disclosure of private information. We propose an access control model based on attribute and role to solve the scenarios of large scale dynamics users. The model put forward a policy language of attribute rules and a method to solve the policy conflict and redundancy. We also illustrate the feasibility of the model with an example of Wechat. The results indicate our model could simplify the complexity of traditional ABAC in the aspect of permissions assignment and policy management.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Fang, B.X., Guo, Y.C., Zhou, Y.: Information Content Security on the Internet: the Control Model and Its Evaluation. J. Science in China Series F: Information Sciences 53, 30–49 (2010)
Sandhu, R., Coyne, E., Feinstein, H., et al.: Role-Based Access Control Models. J. IEEE Computer 29, 38–47 (1996)
Sandhu, R., Bhamidipati, V., Munawer, Q.: The ARBAC97 Model for Role-Based Administration of Roles. J. ACM Transactions on Information and System Security 2, 105–135 (1999)
Sandhu, R., Munawer, Q.: The ARBAC99 Model for Administration of Roles. In: Proceedings of the15th Annual Computer Security Applications Conference (ACSAC 1999), pp. 229–238. IEEE Computer Society, USA (1996)
Oh, S., Sandhu, R., Zhang, X.W.: An Effective Role Administration Model Using Organization Structure. J. ACM Transactions on Information and System Security 9, 113–137 (2006)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., et al.: Proposed NIST Standard for Role-Based Access Control. J. ACM Transactions on Information and System Security 4, 224–274 (2001)
Bertino, E., Catania, B., Damiani, M.L., Perlasca, P.: GEO-RBAC: A Spatially Aware RBAC. In: Proc. 10th ACM Symp., pp. C29–C37. SACMAT (2005)
Chen, L., Crampton, J.: On Spatio-Temporal Constraints and Inheritance in Role-Based Access Control. In: Proc. ACM Symp., pp. C205–C216. ASIACCS (2008)
Abdunabi, R., Al-Lail, M., Ray, I., et al.: Specification, Validation, and Enforcement of a Generalized Spatio-Temporal Role-Based Access Control Model. J. IEEE Systems Journal 7, 501–515 (2013)
Al-Kahtani, M.A., Sandhu, R.: A Model for Attribute-Based User-Role Assignment. In: Proceedings of the 18th Annual Computer Security Applications Conference, pp. 353–362. IEEE Computer Society, Washington (2008)
Zhu, Y., Li, J., Zhang, Q.: General Attribute-Based RBAC Model for Web Services. J. Wuhan University Journal of Natural Sciences 13, 81–86 (2008)
Yuan, E., Tong, J.: Attributed-Based Access Control (ABAC) for Web Services. In: Proceedings of the IEEE International Conference on Web Services, pp. 561–569. IEEE Computer Society, Washington (2005)
Hong, F., Yao, S., Duan, S.: Attribute-Based Model of Permissions-Role Assignment. J. Computer Applications 24, 153–155 (2004) (in Chinese)
Hu, Y.: Graph-Based Network Security Strategy Research of Conflict. Master’s Degree Thesis of Nanhua University (2007) (in Chinese)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Kaiwen, S., Lihua, Y. (2014). Attribute-Role-Based Hybrid Access Control in the Internet of Things. In: Han, W., Huang, Z., Hu, C., Zhang, H., Guo, L. (eds) Web Technologies and Applications. APWeb 2014. Lecture Notes in Computer Science, vol 8710. Springer, Cham. https://doi.org/10.1007/978-3-319-11119-3_31
Download citation
DOI: https://doi.org/10.1007/978-3-319-11119-3_31
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-11118-6
Online ISBN: 978-3-319-11119-3
eBook Packages: Computer ScienceComputer Science (R0)