Entitlement-Based Access Control for Smart Cities Using Blockchain

Sensors ◽  
2021 ◽  
Vol 21 (16) ◽  
pp. 5264
Author(s):  
Fariza Sabrina ◽  
Julian Jang-Jaccard

Smart cities use the Internet of Things (IoT) devices such as connected sensors, lights, and meters to collect and analyze data to improve infrastructure, public utilities, and services. However, the true potential of smart cities cannot be leveraged without addressing many security concerns. In particular, there is a significant challenge for provisioning a reliable access control solution to share IoT data among various users across organizations. We present a novel entitlement-based blockchain-enabled access control architecture that can be used for smart cities (and for any application domains that require large-scale IoT deployments). Our proposed entitlement-based access control model is flexible as it facilitates a resource owner to safely delegate access rights to any entities beyond the trust boundary of an organization. The detailed design and implementation on Ethereum blockchain along with a qualitative evaluation of the security and access control aspects of the proposed scheme are presented in the paper. The experimental results from private Ethereum test networks demonstrate that our proposal can be easily implemented with low latency. This validates that our proposal is applicable to use in the real world IoT environments.

Author(s):  
Shigenari Nakamura ◽  
Tomoya Enokido ◽  
Makoto Takizawa

In the Internet of Things (IoT), not only computers like servers but also devices with sensor and actuator devices are interconnected. It is critical to make the IoT secure, especially devices. In the capability-based access control (CapBAC) model proposed to make IoT devices secure, an owner of each device issues a capability token, i.e. a set of access rights, to a subject. Only a subject holding the capability token is allowed to manipulate the device. However, a subject may get data in a device d1 via another device d2 although the subject holds no capability token to get data from the device d1. Here, the data in the device d1 illegally flow to the subject. In this article, the authors propose the operation interruption (OI) protocol where illegal get operations are interrupted. In the evaluation, the ratio of the number of get operations interrupted to the total number of get operations is kept constant even if the numbers of subjects and access rights granted to each subject increase in the OI protocol.


IoT ◽  
2021 ◽  
Vol 2 (1) ◽  
pp. 140-162
Author(s):  
Hung Nguyen-An ◽  
Thomas Silverston ◽  
Taku Yamazaki ◽  
Takumi Miyoshi

We now use the Internet of things (IoT) in our everyday lives. The novel IoT devices collect cyber–physical data and provide information on the environment. Hence, IoT traffic will count for a major part of Internet traffic; however, its impact on the network is still widely unknown. IoT devices are prone to cyberattacks because of constrained resources or misconfigurations. It is essential to characterize IoT traffic and identify each device to monitor the IoT network and discriminate among legitimate and anomalous IoT traffic. In this study, we deployed a smart-home testbed comprising several IoT devices to study IoT traffic. We performed extensive measurement experiments using a novel IoT traffic generator tool called IoTTGen. This tool can generate traffic from multiple devices, emulating large-scale scenarios with different devices under different network conditions. We analyzed the IoT traffic properties by computing the entropy value of traffic parameters and visually observing the traffic on behavior shape graphs. We propose a new method for identifying traffic entropy-based devices, computing the entropy values of traffic features. The method relies on machine learning to classify the traffic. The proposed method succeeded in identifying devices with a performance accuracy up to 94% and is robust with unpredictable network behavior with traffic anomalies spreading in the network.


2022 ◽  
Vol 54 (7) ◽  
pp. 1-34
Author(s):  
Sophie Dramé-Maigné ◽  
Maryline Laurent ◽  
Laurent Castillo ◽  
Hervé Ganem

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.


2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Runnan Zhang ◽  
Gang Liu ◽  
Shancang Li ◽  
Yongheng Wei ◽  
Quan Wang

Smart cities require new access control models for Internet of Things (IoT) devices that preserve user privacy while guaranteeing scalability and efficiency. Researchers believe that anonymous access can protect the private information even if the private information is not stored in authorization organization. Many attribute-based access control (ABAC) models that support anonymous access expose the attributes of the subject to the authorization organization during the authorization process, which allows the authorization organization to obtain the attributes of the subject and infer the identity of the subject. The ABAC with anonymous access proposed in this paper called ABSAC strengthens the identity-less of ABAC by combining homomorphic attribute-based signatures (HABSs) which does not send the subject attributes to the authorization organization, reducing the risk of subject identity re-identification. It is a secure anonymous access framework. Tests show that the performance of ABSAC implementation is similar to ABAC’s performance.


2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Tao Zhang ◽  
Xiongfei Song ◽  
Lele Zheng ◽  
Yani Han ◽  
Kai Zhang ◽  
...  

Mobile crowdsensing systems use the extraction of valuable information from the data aggregation results of large-scale IoT devices to provide users with personalized services. Mobile crowdsensing combined with edge computing can improve service response speed, security, and reliability. However, previous research on data aggregation paid little attention to data verifiability and time sensitivity. In addition, existing edge-assisted data aggregation schemes do not support access control of large-scale devices. In this study, we propose a time-sensitive and verifiable data aggregation scheme (TSVA-CP-ABE) supporting access control for edge-assisted mobile crowdsensing. Specifically, in our scheme, we use attribute-based encryption for access control, where edge nodes can help IoT devices to calculate keys. Moreover, IoT devices can verify outsourced computing, and edge nodes can verify and filter aggregated data. Finally, the security of the proposed scheme is theoretically proved. The experimental results illustrate that our scheme outperforms traditional ones in both effectiveness and scalability under time-sensitive constraints.


2021 ◽  
Author(s):  
Xiangyu Xu ◽  
Jianfei Peng

The smart city is an emerging notion that is leveraging the Internet of Things (IoT) technique to achieve more comfortable, smart and controllable cities. The communications crossing domains between smart cities is indispensable to enhance collaborations. However, crossing-domain communications are more vulnerable since they are in different domains. Moreover, there are huge different devices with different computation capabilities, from sensors to the cloud servers. In this paper, we propose a lightweight two-layer blockchain mechanism for reliable crossing-domain communication in smart cities. Our mechanism provides a reliable communication mechanism for data sharing and communication between smart cities. We defined a two-layer blockchain structure for the communications inner and between smart cities to achieve reliable communications. We present a new block structure for the lightweight IoT devices. Moreover, we present a reputation-based multi-weight consensus protocol in order to achieve efficient communication while resistant to the nodes collusion attack for the proposed blockchain system. We also conduct a secure analysis to demonstrate the security of the proposed scheme. Finally, performance evaluation shows that our scheme is efficient and practical.


Sensors ◽  
2020 ◽  
Vol 20 (6) ◽  
pp. 1793
Author(s):  
Yuta Nakamura ◽  
Yuanyu Zhang ◽  
Masahiro Sasabe ◽  
Shoji Kasahara

Due to the rapid penetration of the Internet of Things (IoT) into human life, illegal access to IoT resources (e.g., data and actuators) has greatly threatened our safety. Access control, which specifies who (i.e., subjects) can access what resources (i.e., objects) under what conditions, has been recognized as an effective solution to address this issue. To cope with the distributed and trust-less nature of IoT systems, we propose a decentralized and trustworthy Capability-Based Access Control (CapBAC) scheme by using the Ethereum smart contract technology. In this scheme, a smart contract is created for each object to store and manage the capability tokens (i.e., data structures recording granted access rights) assigned to the related subjects, and also to verify the ownership and validity of the tokens for access control. Different from previous schemes which manage the tokens in units of subjects, i.e., one token per subject, our scheme manages the tokens in units of access rights or actions, i.e., one token per action. Such novel management achieves more fine-grained and flexible capability delegation and also ensures the consistency between the delegation information and the information stored in the tokens. We implemented the proposed CapBAC scheme in a locally constructed Ethereum blockchain network to demonstrate its feasibility. In addition, we measured the monetary cost of our scheme in terms of gas consumption to compare our scheme with the existing Blockchain-Enabled Decentralized Capability-Based Access Control (BlendCAC) scheme proposed by other researchers. The experimental results show that the proposed scheme outperforms the BlendCAC scheme in terms of the flexibility, granularity, and consistency of capability delegation at almost the same monetary cost.


Sensors ◽  
2020 ◽  
Vol 20 (15) ◽  
pp. 4341
Author(s):  
Alejandro Pozo ◽  
Álvaro Alonso ◽  
Joaquín Salvachúa

The Internet of Things (IoT) brings plenty of opportunities to enhance society’s activities, from improving a factory’s production chain to facilitating people’s household tasks. However, it has also brought new security breaches, compromising privacy and authenticity. IoT devices are vulnerable to being accessed from the Internet; they lack sufficient resources to face cyber-attack threats. Keeping a balance between access control and the devices’ resource consumption has become one of the highest priorities of IoT research. In this paper, we evaluate an access control architecture based on the IAACaaS (IoT application-Scoped Access Control as a Service) model with the aim of protecting IoT devices that communicate using the Publish/Subscribe pattern. IAACaaS is based on the OAuth 2.0 authorization framework, which externalizes the identity and access control infrastructure of applications. In our evaluation, we implement the model using FIWARE Generic Enablers and deploy them for a smart buildings use case with a wireless communication. Then, we compare the performance of two different approaches in the data-sharing between sensors and the Publish/Subscribe broker, using Constrained Application Protocol (CoAP) and Hypertext Transfer Protocol (HTTP) protocols. We conclude that the integration of Publish/Subscribe IoT deployments with IAACaaS adds an extra layer of security and access control without compromising the system’s performance.


Sensors ◽  
2020 ◽  
Vol 20 (19) ◽  
pp. 5586
Author(s):  
Shreya Khisa ◽  
Sangman Moh

The Internet of Things (IoT), which consists of a large number of small low-cost devices, has become a leading solution for smart cities, smart agriculture, smart buildings, smart grids, e-healthcare, etc. Integrating unmanned aerial vehicles (UAVs) with IoT can result in an airborne UAV-based IoT (UIoT) system and facilitate various value-added services from sky to ground. In addition to wireless sensors, various kinds of IoT devices are connected in UIoT, making the network more heterogeneous. In a UIoT system, for achieving high throughput in an energy-efficient manner, it is crucial to design an efficient medium access control (MAC) protocol because the MAC layer is responsible for coordinating access among the IoT devices in the shared wireless medium. Thus, various MAC protocols with different objectives have been reported for UIoT. However, to the best of the authors’ knowledge, no survey had been performed so far that dedicatedly covers MAC protocols for UIoT. Hence, in this study, state-of-the-art MAC protocols for UIoT are investigated. First, the communication architecture and important design considerations of MAC protocols for UIoT are examined. Subsequently, different MAC protocols for UIoT are classified, reviewed, and discussed with regard to the main ideas, innovative features, advantages, limitations, application domains, and potential future improvements. The reviewed MAC protocols are qualitatively compared with regard to various operational characteristics and system parameters. Additionally, important open research issues and challenges with recommended solutions are summarized and discussed.


2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Absalom E. Ezugwu ◽  
Ibrahim Abaker Targio Hashem ◽  
Olaide N. Oyelade ◽  
Mubarak Almutari ◽  
Mohammed A. Al-Garadi ◽  
...  

The spread of COVID-19 worldwide continues despite multidimensional efforts to curtail its spread and provide treatment. Efforts to contain the COVID-19 pandemic have triggered partial or full lockdowns across the globe. This paper presents a novel framework that intelligently combines machine learning models and the Internet of Things (IoT) technology specifically to combat COVID-19 in smart cities. The purpose of the study is to promote the interoperability of machine learning algorithms with IoT technology by interacting with a population and its environment to curtail the COVID-19 pandemic. Furthermore, the study also investigates and discusses some solution frameworks, which can generate, capture, store, and analyze data using machine learning algorithms. These algorithms can detect, prevent, and trace the spread of COVID-19 and provide a better understanding of the disease in smart cities. Similarly, the study outlined case studies on the application of machine learning to help fight against COVID-19 in hospitals worldwide. The framework proposed in the study is a comprehensive presentation on the major components needed to integrate the machine learning approach with other AI-based solutions. Finally, the machine learning framework presented in this study has the potential to help national healthcare systems in curtailing the COVID-19 pandemic in smart cities. In addition, the proposed framework is poised as a pointer for generating research interests that would yield outcomes capable of being integrated to form an improved framework.

