The University of Southampton
University of Southampton Institutional Repository

XACML for building access control policies in Internet of Things

XACML for building access control policies in Internet of Things
XACML for building access control policies in Internet of Things
Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an efficient access control model for the IoT require selecting an appropriate access policy language to implement access policies. Therefore, this paper presents an overview of most common access policy languages. It starts with discussing different access control models and features of the access policy. After reviewing different access policy languages, we proposed XACML as the most efficient and appropriate policy language for the IoT as it compatible with different platforms, provides a distributed and flexible approach to work with different access control scenarios of the IoT system. In addition, we proposed an XACML model for an Adaptive Risk-Based Access Control (AdRBAC) for the IoT and showed how the access decision will be made using XACML.
253-260
Scitepress
Atlam, Hany F.
addb33f5-5f65-4523-a6b8-328d9677c5d2
Alassafi, Madini O.
231b07cb-5a2c-4875-b213-e7c32f328863
Alenezi, Ahmed
121c053f-ddf0-404f-b1cb-460b542ebed9
Walters, Robert
7b8732fb-3083-4f4d-844e-85a29daaa2c1
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0
Atlam, Hany F.
addb33f5-5f65-4523-a6b8-328d9677c5d2
Alassafi, Madini O.
231b07cb-5a2c-4875-b213-e7c32f328863
Alenezi, Ahmed
121c053f-ddf0-404f-b1cb-460b542ebed9
Walters, Robert
7b8732fb-3083-4f4d-844e-85a29daaa2c1
Wills, Gary
3a594558-6921-4e82-8098-38cd8d4e8aa0

Atlam, Hany F., Alassafi, Madini O., Alenezi, Ahmed, Walters, Robert and Wills, Gary (2018) XACML for building access control policies in Internet of Things. In Proceedings of the 3rd International Conference on Internet of Things, Big Data and Security: IoTBDS 2018. Scitepress. pp. 253-260. (doi:10.5220/0006725102530260).

Record type: Conference or Workshop Item (Paper)

Abstract

Although the Internet of things (IoT) brought unlimited benefits, it also brought many security issues. The access control is one of the main elements to address these issues. It provides the access to system resources only to authorized users and ensures that they behave in an authorized manner during their access sessions. One of the significant components of any access control model is access policies. They are used to build the criteria to permit or deny any access request. Building an efficient access control model for the IoT require selecting an appropriate access policy language to implement access policies. Therefore, this paper presents an overview of most common access policy languages. It starts with discussing different access control models and features of the access policy. After reviewing different access policy languages, we proposed XACML as the most efficient and appropriate policy language for the IoT as it compatible with different platforms, provides a distributed and flexible approach to work with different access control scenarios of the IoT system. In addition, we proposed an XACML model for an Adaptive Risk-Based Access Control (AdRBAC) for the IoT and showed how the access decision will be made using XACML.

Text Published version - Version of Record
Restricted to Repository staff only
Request a copy
Text XACML paper
Restricted to Repository staff only
Request a copy

More information

Accepted/In Press date: 11 January 2016
Published date: March 2018
Venue - Dates: 3rd International Conference on Internet of Things, Big Data and Security: IoTBDS 2018, Madeira, Portugal, 2018-03-19 - 2018-03-21

Identifiers

Local EPrints ID: 417261
URI: https://eprints.soton.ac.uk/id/eprint/417261
PURE UUID: f913e85e-0a0f-417c-8e0f-03bde3389ce4
ORCID for Hany F. Atlam: ORCID iD orcid.org/0000-0003-4142-6377
ORCID for Madini O. Alassafi: ORCID iD orcid.org/0000-0001-9919-8368
ORCID for Gary Wills: ORCID iD orcid.org/0000-0001-5771-4088

Catalogue record

Date deposited: 26 Jan 2018 17:30
Last modified: 05 Sep 2018 00:36

Export record

Altmetrics

Contributors

Author: Hany F. Atlam ORCID iD
Author: Madini O. Alassafi ORCID iD
Author: Ahmed Alenezi
Author: Robert Walters
Author: Gary Wills ORCID iD

University divisions

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of https://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×