Scenario-Driven Device-to-Device Access Control in Smart Home IoT

The Internet of Things (IoT) has been widely integrated in people's everyday lives. As an infrastructure of connected heterogeneous devices, IoT has not yet achieved the seamless integration of device-to-device collaboration which is necessary for real-life home automation. Smart home IoT devices expect to exchange their collected data or status in certain circumstances, in spite of their heterogeneity, viz. working with different communication protocols, IoT platforms, middleware, data and semantics. Deploying appropriate access control models and mechanisms is of utmost importance as any unauthorized access to data could have a cascading violation of privacy, safety and security of users. In this work, we propose a novel device-to-device access control paradigm in the smart home IoT. Our approach relies on message passing as the paradigm for device-to-device interactions. We further introduce actions and scenarios reflecting the chain of events in the smart home context, which facilitates scenario-driven attribute-based access control. Each scenario is triggered by triggering events, based on previously set administrative definitions. We define totally ordered sets of triggering events using priorities to enable conflict resolution for devices which may run into conflicting commands delivered though messages in different ongoing scenarios. The viability of the proposed approach is substantiated via a formal model and an enforcement architecture, backed up by a proof-of-concept implementation which affirms a trade-off between required authorization and efficacy. Potential future challenges are explored in the context of smart home IoT platforms.

• Publication year

  2022

• Venue

  International Conference on Trust, Privacy and Security in Intelligent Systems and Applications

• Publication date

  2022-12-01

• Fields of study

  Computer Science, Engineering, Environmental Science

• Identifiers
  DOI 10.1109/TPS-ISA56441.2022.00035
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• An Attribute-Based Approach toward a Secured Smart-Home IoT Access Control and a Comparison with a Role-Based Approach

  2022cited by this paper
• CAPLets: Resource Aware, Capability-Based Access Control for IoT

  2021cited by this paper
• Establishing Confidence in IoT Device Security: How do we get there? (Draft)

  2021cited by this paper
• Access control and authorization in smart homes: A survey

  2021cited by this paper
• Ruledger: Ensuring Execution Integrity in Trigger-Action IoT Platforms

  2021cited by this paper
• A Multi Perspective Access Control in a Smart Home

  2021cited by this paper
• Blockchain for Access Control Systems

  2021cited by this paper
• The HABAC Model for Smart Home IoT and Comparison to EGRBAC

  2021cited by this paper
• A new scalable authentication and access control mechanism for 5G-based IoT

  2020cited by this paper
• Internet of Things (IoT) for Next-Generation Smart Systems: A Review of Current Challenges, Future Trends and Prospects for Emerging 5G-IoT Scenarios

  2020cited by this paper
• A Survey on Access Control in the Age of Internet of Things

  2020cited by this paper
• Survey on Identity and Access Management for Internet of Things

  2020cited by this paper
• Security and Privacy Implementation in Smart Home: Attributes Based Access Control and Smart Contracts

  2020cited by this paper
• The EGRBAC Model for Smart Home IoT

  2020cited by this paper
• Blockchain-Based Access Control for IoT in Smart Home Systems

  2020cited by this paper
• Smart Home Beyond the Home: A Case for Community-Based Access Control

  2020cited by this paper
• ABAC-CC: Attribute-Based Access Control and Communication Control for Internet of Things

  2020cited by this paper
• Context Sensitive Access Control in Smart Home Environments

  2020influential reference
• IoT Passport: A Blockchain-Based Trust Framework for Collaborative Internet-of-Things

  2019cited by this paper
• Overview of Device Access Control in the IoT and its Challenges

  2019cited by this paper
• Access control in the Internet of Things: a survey of existing approaches and open research questions

  2019cited by this paper
• An Interoperable Access Control Framework for Diverse IoT Platforms Based on OAuth and Role

  2019cited by this paper
• PrivHome: Privacy-Preserving Authenticated Communication in Smart Home Environment

  2019cited by this paper
• Access control in Internet-of-Things: A survey

  2019cited by this paper
• Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study

  2019cited by this paper
• VICINITY: IoT Semantic Interoperability Based on the Web of Things

  2019cited by this paper
• Secure D2D Communication for 5G IoT Network Based on Lightweight Cryptography

  2019cited by this paper
• Kratos: multi-user multi-device-aware access control system for the smart home

  2019cited by this paper
• Towards Multi-layer Interoperability of Heterogeneous IoT Platforms: The INTER-IoT Approach

  2018cited by this paper
• Access Control Mechanism for IoT Environments Based on Modelling Communication Procedures as Resources

  2018cited by this paper
• Contexts-States-Aware Access Control for Internet of Things

  2018cited by this paper
• OrBAC from access control model to access usage model

  2018cited by this paper
• Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms

  2018cited by this paper
• Securing Home IoT Environments with Attribute-Based Access Control

  2018cited by this paper
• Access Control Enforcement within MQTT-based Internet of Things Ecosystems

  2018influential reference
• Interoperability in Internet of Things: Taxonomies and Open Challenges

  2018cited by this paper
• Sensitive Information Tracking in Commodity IoT

  2018cited by this paper
• Rethinking Access Control and Authentication for the Home Internet of Things (IoT)

  2018cited by this paper
• FACT: Functionality-centric Access Control System for IoT Programming Frameworks

  2017cited by this paper
• An Overview of Access Control Mechanisms for Internet of Things

  2017cited by this paper
• Virtual Neighbourhood Network to Connect IoT Infrastructures and Smart Objects –

  2017cited by this paper
• Security and privacy issues for an IoT based smart home

  2017cited by this paper
• Unlocking the Potential of the Internet of Things to Improve Resource Efficiency in Food Supply Chains

  2017cited by this paper
• An open virtual neighbourhood network to connect IoT infrastructures and smart objects — Vicinity: IoT enables interoperability as a service

  2017cited by this paper
• Blockchain for IoT security and privacy: The case study of a smart home

  2017cited by this paper
• Security Vulnerabilities of Internet of Things: A Case Study of the Smart Plug System

  2017cited by this paper
• IoT Goes Nuclear: Creating a ZigBee Chain Reaction

  2017cited by this paper
• Access control in the Internet of Things: Big challenges and new opportunities

  2017cited by this paper
• A threat-model for building and home automation

  2016cited by this paper
• Towards the cross-domain interoperability of IoT platforms

  2016cited by this paper
• Intelligent Device-to-Device Communication in the Internet of Things

  2016cited by this paper
• Mind the tracker you wear: a security analysis of wearable health trackers

  2016cited by this paper
• Building an IoT Open Innovation Ecosystem for Connected Smart Objects

  2016cited by this paper
• Security Analysis of Emerging Smart Home Applications

  2016cited by this paper
• AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle

  2016cited by this paper
• Architectural Considerations in Smart Object Networking

  2015influential reference
• An experimental study of security and privacy risks with emerging household appliances

  2014cited by this paper
• The Current State of Access Control for Smart Devices in Homes

  2013cited by this paper
• Context-aware Dynamic Discovery and Configuration of 'Things' in Smart Environments

  2013cited by this paper
• Capability-based access control delegation model on the federated IoT network

  2012cited by this paper
• Seamless Integration of Heterogeneous Devices and Access Control in Smart Homes

  2012cited by this paper
• Multilevel and Hybrid Architecture for Device Abstraction and Context Information Management in Smart Home Environments

  2010cited by this paper
• An extended role based access control model for the Internet of Things

  2010cited by this paper
• The DOG gateway: enabling ontology-based intelligent domotic environments

  2008cited by this paper
• Usage Control: A Vision for Next Generation Access Control

  2003cited by this paper
• Towards a Better Understanding of Context and Context-Awareness

  1999cited by this paper
• On the security of public key protocols

  1981cited by this paper

• IoT Enabled Device-to-Device Communication for Smart City Application

  2024cites this paper