nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

Understanding Security Challenges and Defending Access Control Models for Cloud-Based Internet of Things Network

verfasst von : Pallavi Zambare, Ying Liu

Erschienen in: Internet of Things. Advances in Information and Communication Technology

Verlag: Springer Nature Switzerland

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Access control is one of the most important measures for protecting information and system resources because it prevents unauthorized users from gaining access to protected objects and legitimate users from exceeding their access rights. This paper provides an in-depth exploration of the security challenges posed by the confluence of Internet of Things (IoT) networks and cloud-based architectures, with a particular focus on Access Control Models (ACMs). As the integration of IoT devices with cloud services becomes more pervasive, securing access to resources and data has emerged as a critical area of concern. To address this, we delve into the principles of Access Control and their applications within a Cloud-IoT Architecture. The paper dissects popular ACMs, exploring their strengths, limitations, and suitability for securing Cloud-IoT networks. Along with these the comprehensive analysis of the prevalent Cloud Security Challenges are presented, highlighting the vulnerabilities in current ACMs and proposing potential mitigations. In addition, open research challenges are identified, underlining the need for further investigation and development in this area. The goal of this work is to provide a thorough understanding of the issues and threats in this domain and contribute to the advancement of robust, secure, and efficient access control mechanisms for the evolving landscape of Cloud-IoT networks.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel An Efficient and Secure Mechanism for Ubiquitous Sustainable Computing System

Nächstes Kapitel Fog Computing in the Internet of Things: Challenges and Opportunities

Hassanalieragh, M., et al.: Health monitoring and management using Internet-of-Things (IoT) sensing with cloud-based processing: opportunities and challenges. In: 2015 IEEE International Conference on Services Computing, pp. 285–292. IEEE (2015)

Khan, R., Khan, S.U., Zaheer, R., Khan, S.: Future Internet: the Internet of Things architecture, possible applications and key challenges. In: 2012 10th International Conference on Frontiers of Information Technology, pp. 257–260. IEEE (2012)

Islam, S.M.R., Hossain, M., Hasan, R., Duong, T.Q.: A conceptual framework for an IoT-based health assistant and its authorization model. In: 2018 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC), pp. 616–621. IEEE (2018)

Sandhu, R.: Rationale for the RBAC96 family of access control models. In: Proceedings of the First ACM Workshop on Role-Based Access Control, pp. 9-es (1996)

Thomas, R.K., Sandhu, R.S.: Task-based authorization controls (TBAC): a family of models for active and enterprise-oriented authorization management. Status and Prospects, Database Security XI (1998)

Karataş, G., Akbulut, A.: Survey on access control mechanisms in cloud computing. J. Cyber Secur. Mobility 7(3), 1–36 (2018)

Goudarzi, M., Ilager, S., Buyya, R.: Cloud Computing and Internet of Things: recent trends and directions. In: Buyya, R., Garg, L., Fortino, G., Misra, S. (eds.) New Frontiers in Cloud Computing and Internet of Things. Internet of Things. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-05528-7_1

Sandhu, R.S.: Role-based access control. In: Advances in Computers, vol. 46, pp. 237–286. Elsevier (1998)

Kalam, A.A.E., et al.: Organization based access control. In: Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks, pp. 120–131. IEEE (2003)

10.

Liu, M., Yang, C., Li, H., Zhang, Y.: An efficient attribute-based access control (ABAC) policy retrieval method based on attribute and value levels in multimedia networks. Sensors 20(6), 1741 (2020)

11.

Hu, V.C., et al.: Guide to attribute based access control (ABAC) definition and considerations (draft). NIST Spec. Publ. 800-162 (2013)

12.

Ye, N., Zhu, Y., Wang, R., Malekian, R., Lin, Q.: An efficient authentication and access control scheme for perception layer of Internet of Things. Appl. Math. Inf. Sci. 8(4), 1617 (2014)CrossRef

13.

Kaiwen, S., Lihua, Y.: Attribute-role-based hybrid access control in the Internet of Things. In: Han, W., Huang, Z., Hu, C., Zhang, H., Guo, L. (eds.) APWeb 2014. LNCS, vol. 8710, pp. 333–343. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11119-3_31CrossRef

14.

Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal model and policy specification of usage control. ACM Trans. Inf. Syst. Secur. (TISSEC) 8(4), 351–387 (2005)CrossRef

15.

Park, J., Sandhu, R.: Towards usage control models: beyond traditional access control. In: Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies, pp. 57–64 (2002)

16.

Riad, K., Yan, Z.: Multi-factor synthesis decision-making for trust-based access control on cloud. Int. J. Coop. Inf. Syst. 26(04), 1750003 (2017)

17.

Gusmeroli, S., Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the Internet of Things. Math. Comput. Model. 58(5–6), 1189–1205 (2013)CrossRef

18.

Bouij-Pasquier, I., Ouahman, A.A., El Kalam, A.A., de Montfort, M.O.: SmartOrBAC security and privacy in the Internet of Things. In: 2015 IEEE/ACS 12th International Conference of Computer Systems and Applications (AICCSA), pp. 1–8. IEEE (2015)

19.

El Bouanani, S., El Kiram, M.A., Achbarou, O., Outchakoucht, A.: Pervasive-based access control model for IoT environments. IEEE Access 7, 54575–54585 (2019)CrossRef

20.

Zhu, Y., Qin, Y., Gan, G., Shuai, Y., Chu, W.C.-C.: TBAC: transaction-based access control on blockchain for resource sharing with cryptographically decentralized authorization. In: 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), vol. 1, pp. 535–544. IEEE (2018)

21.

Chatterjee, S., Das, A.K.: An effective ECC-based user access control scheme with attribute-based encryption for wireless sensor networks. Secur. Commun. Netw. 8(9), 1752–1771 (2015)CrossRef

22.

Srivastava, S., Chaurasia, B.K., Singh, D.: Blockchain-based IoT security solutions. In: Distributed Computing to Blockchain, pp. 327–339. Academic Press (2023)

23.

Nižetić, S., Šolić, P., Lopez-de-Ipiña Gonzalez-De, D., Patrono, L.: Internet of Things (IoT): opportunities, issues and challenges towards a smart and sustainable future. J. Cleaner Prod. 274, 122877 (2020)CrossRef

Titel: Understanding Security Challenges and Defending Access Control Models for Cloud-Based Internet of Things Network
verfasst von: Pallavi Zambare
Ying Liu
Verlag: Springer Nature Switzerland
Buch: Internet of Things. Advances in Information and Communication Technology
Print ISBN: 978-3-031-45881-1

Electronic ISBN: 978-3-031-45882-8

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-3-031-45882-8_13

Premium Partner

Bildnachweise

Rittal/© Rittal, NTT Data/© NTT Data, Wildix/© Wildix, Ceyoniq Technology GmbH/© Ceyoniq Technology GmbH, arvato Systems GmbH/© arvato Systems GmbH, Ninox Software GmbH/© Ninox Software GmbH, Everyday Software S.L./© Everyday Software S.L., Redgate/© Redgate, CELONIS Labs GmbH, DC-Datacenter-Group GmbH/© DC-Datacenter-Group GmbH, all for one/© all for one, G Data CyberDefense/© G Data CyberDefense, FAST LTA/© FAST LTA, Vendosoft/© Vendosoft, Kumavision/© Kumavision, Noriis Network AG/© Noriis Network AG, WSW Software GmbH/© WSW Software GmbH

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"