Title | Securing User Access at IoT Middleware Using Attribute Based Access Control |
Publication Type | Conference Paper |
Year of Publication | 2019 |
Authors | Garg, Hittu, Dave, Mayank |
Conference Name | 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT) |
Date Published | jul |
Keywords | Access Control, attribute based access control, attribute-based encryption, authentication, authorisation, Authorization, ciphertext-policy attribute-based encryption, computer network security, cryptography, data encryption, data handling, device data, Human Behavior, Internet of Things, internetworking, IoT, IoT devices, IoT gateway, IoT middleware, IoT system architecture, Logic gates, middleware, middleware layer, policy-based governance, pubcrawl, Scalability, security, typical IoT system model, user access control |
Abstract | IoT middleware is an additional layer between IoT devices and the cloud applications that reduces computation and data handling on the cloud. In a typical IoT system model, middleware primarily connects to different IoT devices via IoT gateway. Device data stored on middleware is sensitive and private to a user. Middleware must have built-in mechanisms to address these issues, as well as the implementation of user authentication and access control. This paper presents the current methods used for access control on middleware and introduces Attribute-based encryption (ABE) on middleware for access control. ABE combines access control with data encryption for ensuring the integrity of data. In this paper, we propose Ciphertext-policy attribute-based encryption, abbreviated CP-ABE scheme on the middleware layer in the IoT system architecture for user access control. The proposed scheme is aimed to provide security and efficiency while reducing complexity on middleware. We have used the AVISPA tool to strengthen the proposed scheme. |
DOI | 10.1109/ICCCNT45670.2019.8944879 |
Citation Key | garg_securing_2019 |