Top

Published in:

2018 | OriginalPaper | Chapter

A Model-Driven Approach for Access Control in Internet of Things (IoT) Applications – An Introduction to UMLOA

Authors : Mehreen Khan, Muhammad Waseem Anwar, Farooque Azam, Fatima Samea, Muhammad Fahad Shinwari

Published in: Information and Software Technologies

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The Internet of Things (IoT) is a collection of billions of devices attached to the internet that collect and exchange data using nodes, sensors, and controllers. The world is now continuously shifting from the traditional approaches to the IoT technology in order to meet the demands of modern technological advancements. However, the selection and implementation of right access control method in IoT applications is always challenging. In this context, OAuth is a renowned access control protocol in IoT applications. However, it is difficult to provide access control in IoT application through OAuth due to its implementation complexity. Therefore, there is a strong dire to introduce a model based approach that provide simple access control mechanism in IoT applications while preserving the major OAuth features. This article introduces Unified Modeling Language profile for OAuth (UMLOA) to model the access control requirements for IoT applications. Particularly, UMLOA is capable of modeling confidentiality, integrity, availability, scalability, and interoperability requirements in IoT applications. This provides the basis to transform the UMLOA source models into different target models (e.g. iFogSim etc.) for early verification of access control requirements. The applicability of UMLOA is validated through intelligent shipping container case study.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Visualization for Open Access – A Case Study of Karlstad University and the University of Makerere in Uganda

next chapter A Workflow-Based Large-Scale Patent Mining and Analytics Framework

Mineraud, J., Mazhelis, O., Su, X., Tarkuma, S.: A gap analysis of Internet-of-Things platforms. J. Comput. Commun. 89(C), 5–16 (2016)CrossRef

Wu, X., Steinfeld, R., Liu, J., Rudolph, C.: An implementation of access-control protocol for IoT home scenario. In: IEEE/ACIS 16th International Conference on Computer and Information Science (ICIS) (2017)

Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other botnets. Computer 50(7), 80–84 (2017)CrossRef

Minoli, D., Soharby, K., Kouns, J.: IoT Security (IoTSec) considerations, requirements, and architectures. In: IEEE Annual Consumer Communications and Networking Conference (CCNC) (2017)

Kim, Y.-G., Oh, S.-R.: Security requirements analysis for the IoT. In: International Conference on Platform Technology and Service (PlatCon) (2017)

Sciancalepore, S., Piro, G., Caldarola, D., Boggia, G., Bianchi, G.: OAuth-IoT: an access control framework for the IoT based on open standards. In: IEEE Symposium on Computers and Communications (ISCC) (2017)

Pasta, B., Pieres, P.P.: Design and analysis of IoT applications: a model-driven approach. In: 4th International Conference on Dependable, Autonomic and Secure Computing (2016)

Cirani, S., Picone, M., Gonizzi, P., Veltri, L., Ferrari, G.: IoT-OAS: an OAuth-based authorization service architecture for secure services in IoT scenarios. IEEE Sens. J. 15(2), 1224–1234 (2015)CrossRef

Ouaddah, A., Mousannif, H., Elkalam, A.A.: Access control in the Internet of Things: big challenges and new opportunities. J. Comput. Netw. 122(C), 237–262 (2017)CrossRef

10.

Jensen, J., Jaatun, M.G.: Security in model driven development: a survey. In: IEEE International Conference on Availability, Reliability and Stability (2014)

11.

Fernandes, E., Rahmati, A., Eykholt, K., Prakash, A.: Internet of Things security research: a rehash of old ideas or new intellectual challenges? IEEE Priv. Secur. 15(4), 79–84 (2017)CrossRef

12.

Alqasem, I.: Privacy and security requirements for Internet of things (IoT). In: ICSE Companion (2014)

13.

Chernyshev, M., Baig, Z., Bello, O., Zeadally, S.: Internet of Things (IoT): research, simulators, and testbeds. IEEE Internet of Things J. (2017)

14.

Peter, S., Gopal, R.K.: Multi-level authentication system for smart home-security analysis and implementation. In: International Conference on Inventive Computation and Technology (2016)

15.

Koivu, A., et al.: Software security considerations for IoT. In: IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) (2016)

16.

Stout, W.Ms., Urias, V.E.: Challenges to securing Internet of Things. In: IEEE International Carnahan Conference on Security Technology (ICCST) (2016)

17.

Gabriel, H., Timoteo, R.: Security analysis of a proposed Internet of Things middleware. J. Cluster Comput. 20(1), 651–660 (2017)CrossRef

18.

Emerson, S., Choi, Y.K., Hwang, D.Y., Kim, K.S., Kim, K.H.: An OAuth based authentication mechanism for IoT networks. In: IEEE International Conference on Information and Communication Technology Convergence (ICTC) (2015)

19.

Yu, T., Sekar, V., Seshan, S., Agarwal, Y., Xu, C.: Handling a trillion (unfixable) flaws on a billion devices: rethinking network security for the Internet-of-Things. In: Proceeding 14th ACM Workshop on Hot Topics in Networks, p. 5 (2015)

20.

Anwar, M.W., Rashid, M., Azam, F., Kashif, M.: Model-based design verification for embedded systems through SVOCL: an OCL extension for SystemVerilog. J. Des. Autom. Embed. Syst. 21(1), 1–36 (2017). https://doi.org/10.1007/s10617-017-9182-zCrossRef

Title: A Model-Driven Approach for Access Control in Internet of Things (IoT) Applications – An Introduction to UMLOA
Authors: Mehreen Khan
Muhammad Waseem Anwar
Farooque Azam
Fatima Samea
Muhammad Fahad Shinwari
Publisher: Springer International Publishing
Book: Information and Software Technologies
Print ISBN: 978-3-319-99971-5

Electronic ISBN: 978-3-319-99972-2

Copyright Year: 2018
DOI: https://doi.org/10.1007/978-3-319-99972-2_16

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner