
Usability of IoT Access Control Models

This document summarizes a conference paper that analyzes how existing access control models fit within the Internet of Things (IoT) environment and proposes improvements to make them more usable for IoT. The paper discusses security issues in IoT like authentication, access control, and privacy. It analyzes some traditional access control models like Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) and how they could be adapted for the IoT context given constraints of IoT devices. The paper aims to address the lack of research on access control models for IoT.


Publication page: https://www.researchgate.net/publication/317522767

ON THE USABILITY OF ACCESS CONTROL MODELS IN IOT

Conference Paper · June 2017

Authors: Milan Stojkov, Branko Milosavljević, Goran Sladić (University of Novi Sad)

All content following this page was uploaded by Milan Stojkov on 11 June 2017.


The 8th PSU-UNS International Conference on Engineering and Technology (ICET-2017), Novi Sad, Serbia, June 8-10, 2017
University of Novi Sad, Faculty of Technical Sciences

ON THE USABILITY OF ACCESS CONTROL MODELS IN IOT

Milan Stojkov1*, Branko Milosavljević1, Goran Sladić1
1 University of Novi Sad, Faculty of Technical Sciences, Novi Sad, Serbia
*Authors to correspondence should be addressed via emails: [email protected]

Abstract: The Internet of Things is a very popular research topic, since the market is flooded with new devices every day. These devices are accessed through lossy networks and intensively exchange information with each other. Security and privacy are the key issues which have to be addressed before deploying new devices to IoT ecosystems. Access control is one of the fundamental ways of risk mitigation in any environment, and still there is not enough research in this area. This paper analyzes how existing traditional access control methods fit in the IoT environment, and proposes how to improve them to make them more usable for IoT.

Key Words: Internet of Things/ Authorization/ Access Control/ RBAC/ ABAC/ CapBAC

1. INTRODUCTION

Nowadays, the Internet of Things (IoT) has attracted interest from both academia and industry. The idea of the IoT concept is the pervasive presence of a variety of things or objects in the observed environment - such as Radio-Frequency Identification (RFID) tags, sensors, actuators, mobile phones, etc. – which, through unique addressing schemes, are able to interact with each other and cooperate with their neighbours to reach common goals [1]. IoT architecture is logically divided into the perception layer, the transport layer, and the application layer [2]. The security architecture, together with the corresponding security concerns, is given in Figure 1. The perception layer collects various information through physical equipment. These nodes are connected to the transport layer via a gateway which acts as a subnet manager for these nodes. The second layer, the transport layer, is responsible for the transmission of information from the perception layer, and for the initial processing and classification of that information. It is a combination of different heterogeneous networks. The application layer provides users with services according to their needs, and users can access the IoT using any device which can connect to these services. However, interconnecting many devices also brings the possibility of interconnecting many different security risks, such as eavesdropping on the wireless communication channel, tampering with devices, unauthorized access to these devices and privacy risks. At the perception layer, nodes are usually very simple and lack computational power and storage capacity. For these reasons, it is very hard to establish better protection in terms of integrity, authenticity, and confidentiality. For example, public key encryption algorithms are very costly to apply, hence the recommended way to go is still symmetric key cryptography, which is more lightweight, meets the needs of efficient end-to-end communication and is applicable to devices with constrained resources. Security issues such as DoS/DDoS attacks, forgery and man-in-the-middle attacks, heterogeneous network attacks, application risks of IPv6 and WLAN application conflicts affect the transport security of IoT [3]. At the application layer, since the services cover a variety of people's needs, different security problems in terms of access control, data privacy and disclosure of information can occur [4].

Among all the security issues, authentication and access control are known as the central elements for addressing the security and privacy problems in computer networks. They can prevent unauthorized users from gaining access to resources, prevent authorized users from accessing resources which are not accessible to them, and, of course, enable legitimate users to access resources in an authorized manner [5]. Since IoT devices are considered to be one of the main sources of data generation, they also fit well in the big data environment. That said, an academic at the University of Texas at San Antonio claimed that access control is one of the most powerful and fundamental ways of risk mitigation in any application. Interestingly, despite the security concerns raised by big data applications, there is minimal research in this area [6]. In this paper, the authors tackle access control models in IoT.

The rest of this paper is organized as follows: Section II presents related work in the area of access control models in IoT. Section III describes some existing access control models, how they fit into the considered IoT environment and how they can be adjusted to fill the gaps. The conclusion of the paper is presented in Section IV.
Figure 1. Security architecture and security concerns in IoT layers

2. RELATED WORK

Although there is not enough research in the area of access control models in IoT, there have been a few proposals that solve different shortcomings of existing access models. In [7], the authors proposed a hybrid access control model based on RBAC and ABAC in order to improve on some performance aspects of the two. The solution proposed in [8] addresses the issue of role and permission delegation based on RBAC in a cross-domain environment using capabilities, where the idea is to map capabilities into roles and permissions in each domain. In [5], existing authentication and access control methods were analyzed and RBAC was used as the starting point for the design of a feasible one for the IoT. Experimental results are not provided, and the shortcomings of using RBAC are presented later in this paper. The solution proposed in [9] uses CapBAC. Capabilities are exchanged in conjunction with a SHA-1 message digest in order to detect tampering and forgery of the capabilities. Details on the communication technologies involved or on the content of the capability tokens are not provided.

3. ACCESS CONTROL MODELS

The concept of access control was established many years ago, and with every new technology that emerges in the modern age, access control finds its use there. Four main parts make up the access control mechanism:
1. Identification – the process of assigning a responsible user/device for making an action
2. Authentication – the ways used to prove the right to use an identity, role, attribute, etc.
3. Authorization – the ways of expressing the access policy by explicitly granting a right
4. Access Decision – by combining the first three parts, it should be decided whether the request should be fulfilled
In the following subsections, the two most widely used traditional access control models and one emerging model are analyzed.

3.1. Role-Based Access Control (RBAC)

RBAC is considered to be the most widely adopted access control method in terms of usage and implementation. It is a method of regulating access to node resources based on the roles of individual users within a system. As a model, RBAC is being continuously developed in order to overcome the safety issues of the core model. For example, one of the limitations of RBAC is that the model does not consider the impacts of time and location. To tackle these issues, GEO-RBAC was proposed in [10], which allows the user to activate the corresponding role in a specific location based on the location of the user. That proposed model does not consider the impacts of the spatial limitation of the role hierarchy or separation of duties, so the generalized spatiotemporal role-based access control (GSTRBAC) model was proposed later in [11]. Since access permissions can be assigned only through roles, and IoT systems are considered to be systems with a lot of nodes (users), which in turn can imply the existence of a lot of roles, RBAC seems to be unfit because it has limited granularity. Also, the RBAC model is vulnerable to the confused deputy problem. Time efficiency for low-level access, as well as scalability issues, are also disadvantages of RBAC implemented in the IoT environment, making this model inappropriate for the targeted use.

3.2 Attribute-Based Access Control (ABAC)

ABAC is newer, simpler to implement than RBAC, and accommodates real-time environmental states as access control parameters. ABAC tries to solve the problem of the potentially big number of roles in the RBAC concept by using user, resource or environment properties to specify access policies. This gives ABAC the advantage of being applicable to scenarios where users are dynamically changing. The core of ABAC are policies, which are generated as Boolean expressions of attributes.

The first main drawback is that policies, mainly based on the X.509 Attribute Certificate, can be very complex, and the authentication method of the attribute certificates is too strict, so extending the rules can be difficult. Also, the least privilege principle still remains a problem to solve.
least privilege principle. Also, the defined attributes have IoT environment expects to have a lot of devices
to be consistent within a domain of use, and domain in included, some kind of authorized service can be
IoT systems can vary, implying that attributes should established to generate these tokens for nodes that have
even be self-adjusted. Scalability issues in terms of the same features. This approach was a part of research
managing trust among different attribute and service presented in [14-15]. Also, token representation should
providers can be a problem in ABAC. With an enhanced be standardized. Overall, CapBAC is the model which
number of resources, this issue can be categorized even can be more easily adjusted and enhanced to the IoT
as a critical. Another problem that concerns ABAC (and needs.
RBAC) is that these models do not provide flexible
delegation of rights. For example, when one device goes 4. CONCLUSION
offline in the system due to failure or maintenance, there In this paper, authors presented a few traditional
should be a way to quickly manage temporary delegation access control models and gave their insights of how
of rights from the offline device to another working one. those models fit in IoT environment. Main shortcomings
In the IoT environment where a great number of devices of every model are listed. RBAC and ABAC are
is expected this is also considered as a relevant issue. considered inflexible, difficult to use and upgrade, hence
ABAC can be considered as a better approach than inadequate for IoT usage. Furthermore, in both models, it
RBAC, but still not good enough for IoT systems. is necessary to manage the trust of information providers
3.3 Capability Based Acess Control (CapBAC) and consumers with a central entity which is absent in
IoT environment and is considered to be the potential
In recent years, the access control model based on single point of failure. The roles and attributes cannot be
capabilities (CapBAC) has been postulated as a realistic defined in a consistent and general way since every
approach to being used in IoT [12]. The key concept of device is usually autonomous. If the only option is to use
this approach is the capability. The concept of capability ABAC and RBAC, they would have to be modified and
was originally defined as token, ticket, or key that gives used together to gain better performance. CapBAC can
the possessor permission to access an entity or object in a be a good starting point for modeling new access control
computer system[13]. Through the token, which every model suited for IoT. It covers a wide range of relevant
node has, one node can grant or revoke access rights to aspects concerning IoT environment such as scalability,
another node. The CapBAC supports the least privilege fulfilling the Least Privilege principle by default and
principle and more fine-grained access control. Also, it easy delegation of rights. Summary of the results is
has fewer security issues such as no confused deputy presented in Table 1.
problem. The complexity of nodes is not an issue for
CapBAC. The main disadvantage is that every node has
to have generated token with defined capabilities. Since

Table 1. Comparison of different access control models

Model    Generic  Scalable  Granular       Time Efficient  Flexible delegation of rights  Easy to manage and upgrade
RBAC     No       No        Yes (limited)  No              No                             No
ABAC     No       No        Yes            No              No                             No
CapBAC   Yes      Yes       Yes            Yes             Yes                            Yes
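As an added example (not code from the paper or from any of its references), the following Python sketch of the "authorized service" proposed in Section 3.3 shows the CapBAC properties Table 1 credits the model with: an issuer-tagged capability token, attenuated delegation for the offline-device scenario of Section 3.2, and the access decision at the resource. The issuer key, node names, resource name and clock value are constructed, and a keyed HMAC-SHA256 stands in for the bare SHA-1 digest that [9] uses.

```python
import hashlib, hmac, json

# Constructed demo of the token-issuing service: it holds the only key that can produce a valid tag.
ISSUER_KEY = b"constructed-demo-key-not-for-real-use"  # hypothetical secret

def _tag(body: dict) -> str:
    # Keyed HMAC-SHA256 over the canonical body; reference [9] used a bare SHA-1 digest.
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ISSUER_KEY, canon, hashlib.sha256).hexdigest()

def _verify(token: dict, now: int) -> bool:
    # Tag must match the body exactly (so no edited field survives) and the token must not be expired.
    body = {k: v for k, v in token.items() if k != "tag"}
    return hmac.compare_digest(_tag(body), token.get("tag", "")) and now < token["exp"]

def issue(subject: str, resource: str, rights: set, ttl: int, now: int) -> dict:
    # A capability names its holder, the resource, the granted rights and an expiry.
    body = {"sub": subject, "res": resource, "rights": sorted(rights), "exp": now + ttl, "chain": []}
    return {**body, "tag": _tag(body)}

def delegate(parent: dict, to: str, rights: set, ttl: int, now: int) -> dict:
    # Service-side delegation: the child gets a subset of the parent's rights and
    # never outlives the parent, so least privilege holds along the whole chain.
    if not _verify(parent, now):
        raise ValueError("parent capability invalid or expired")
    if not set(rights) <= set(parent["rights"]):
        raise ValueError("delegation would escalate rights")
    body = {"sub": to, "res": parent["res"], "rights": sorted(rights),
            "exp": min(parent["exp"], now + ttl), "chain": parent["chain"] + [parent["sub"]]}
    return {**body, "tag": _tag(body)}

def check_access(token: dict, subject: str, resource: str, right: str, now: int) -> bool:
    # Access decision at the resource: valid, unexpired, presented by its holder, right present.
    return (_verify(token, now) and token["sub"] == subject
            and token["res"] == resource and right in token["rights"])

def demo() -> dict:
    # Section 3.2 scenario: gateway-1 goes offline for maintenance, so gateway-2 gets a read-only, short-lived token.
    now, res = 1_700_000_000, "sensor-7/readings"  # constructed clock and resource
    gw1 = issue("gateway-1", res, {"read", "write", "reboot"}, 3600, now)
    gw2 = delegate(gw1, "gateway-2", {"read"}, 600, now)
    forged = dict(gw2, rights=["read", "reboot"])  # holder edits its own token
    try:
        delegate(gw1, "gateway-3", {"read", "shutdown"}, 600, now)
        escalation_refused = False
    except ValueError:
        escalation_refused = True
    return {
        "gw1_write": check_access(gw1, "gateway-1", res, "write", now),
        "gw2_read": check_access(gw2, "gateway-2", res, "read", now),
        "gw2_write": check_access(gw2, "gateway-2", res, "write", now),
        "gw2_after_expiry": check_access(gw2, "gateway-2", res, "read", now + 600),
        "forged_reboot": check_access(forged, "gateway-2", res, "reboot", now),
        "escalation_refused": escalation_refused,
    }
```

The "chain" field records every delegator, so a resource can audit how a right reached its holder; revocation (Section 3.3 mentions it) would be the service refusing to re-issue once the parent expires.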

In further work, the authors will try to propose their own access control model, which will try to solve the shortcomings detected during this research.

5. REFERENCES

[1] D. Giusto, A. Iera, G. Morabito, L. Atzori (Eds.), "The Internet of Things", 1661 Springer, 2010. ISBN: 978-1-4419-1673-0.
[2] L. Atzori, A. Iera, G. Morabito, "The internet of things: A survey", Computer Networks, 54(15), 2010, pp. 2787-2805.
[3] Q. Jing, et al., "Security of the Internet of Things: perspectives and challenges", Wireless Networks 20.8 (2014): 2481-2501.
[4] H. Suo, et al., "Security in the internet of things: a review", Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on, Vol. 3, IEEE, 2012.
[5] J. Liu, X. Yang, P. C. CL., "Authentication and access control in the internet of things", Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on, IEEE, 2012.
[6] R. Krishnan, "Access control and privacy policy challenges in big data", NSF workshop on big data security and privacy.
[7] S. Kaiwen, Y. Lihua, "Attribute-role-based hybrid access control in the internet of things", Asia-Pacific Web Conference, Springer International Publishing, 2014.
[8] K. Hasebe, M. Mabuchi, A. Matsushita, "Capability-based delegation model in RBAC", Proc. of the 15th ACM Symposium on Access Control Models and Technologies (SACMAT 2010), New York, USA: ACM, 2010, pp. 109-118.
[9] P. N. Mahalle, B. Anggorojati, N. R. Prasad, R. Prasad, "Identity-driven Capability based Access Control (ICAC) for the Internet of Things", Proc. of the 6th IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS'12), pp. 49-54, IEEE, 2012.
[10] E. Bertino, B. Catania, M. L. Damiani, P. Perlasca, "GEO-RBAC: A spatially aware RBAC", ACM Transactions on Information and System Security (TISSEC) 10.1 (2007): 2.
[11] R. Abdunabi, et al., "Specification, validation, and enforcement of a generalized spatio-temporal role-based access control model", IEEE Systems Journal 7.3 (2013): 501-515.
[12] S. Gusmeroli, S. Piccione, D. Rotondi, "A capability-based security approach to manage access control in the internet of things", Mathematical and Computer Modelling 58.5 (2013): 1189-1205.
[13] J. Dennis, E. V. Horn, "Programming Semantics for Multiprogrammed Computations", Communications of the ACM, 9(3):143-155, 1966.
[14] G. D. Skinner, "Cyber Security Management of Access Controls in Digital Ecosystems and Distributed Environments", Proc. 6th Int. Conf. on Information Technology and Applications (ICITA 2009), pp. 77-82, 2009.
[15] L. Fang, D. Gannon, F. Siebenlist, "XPOLA – An Extensible Capability-based Authorization Infrastructure for Grids", 4th Annual PKI R&D Workshop, pp. 30-40, 2005.
