TY - GEN
T1 - Situational access control in the internet of things
AU - Schuster, Roei
AU - Shmatikov, Vitaly
AU - Tromer, Eran
N1 - Publisher Copyright:
© 2018 Copyright held by the owner/author(s).
PY - 2018/10/15
Y1 - 2018/10/15
N2 - Access control in the Internet of Things (IoT) often depends on a situation-for example, “the user is at home”-that can only be tracked using multiple devices. In contrast to the (well-studied) smartphone frameworks, enforcement of situational constraints in the IoT poses new challenges because access control is fundamentally decentralized. It takes place in multiple independent frameworks, subjects are often external to the enforcement system, and situation tracking requires cross-framework interaction and permissioning. Existing IoT frameworks entangle access-control enforcement and situation tracking. This results in overprivileged, redundant, inconsistent, and inflexible implementations. We design and implement a new approach to IoT access control. Our key innovation is to introduce “environmental situation oracles” (ESOs) as first-class objects in the IoT ecosystem. An ESO encapsulates the implementation of how a situation is sensed, inferred, or actuated. IoT access-control frameworks can use ESOs to enforce situational constraints, but ESOs and frameworks remain oblivious to each other’s implementation details. A single ESO can be used by multiple access-control frameworks across the ecosystem. This reduces inefficiency, supports consistent enforcement of common policies, and-because ESOs encapsulate sensitive device-access rights-reduces overprivileging. ESOs can be deployed at any layer of the IoT software stack where access control is applied. We implemented prototype ESOs for the IoT resource layer, based on the IoTivity framework, and for the IoT Web services, based on the Passport middleware.
AB - Access control in the Internet of Things (IoT) often depends on a situation-for example, “the user is at home”-that can only be tracked using multiple devices. In contrast to the (well-studied) smartphone frameworks, enforcement of situational constraints in the IoT poses new challenges because access control is fundamentally decentralized. It takes place in multiple independent frameworks, subjects are often external to the enforcement system, and situation tracking requires cross-framework interaction and permissioning. Existing IoT frameworks entangle access-control enforcement and situation tracking. This results in overprivileged, redundant, inconsistent, and inflexible implementations. We design and implement a new approach to IoT access control. Our key innovation is to introduce “environmental situation oracles” (ESOs) as first-class objects in the IoT ecosystem. An ESO encapsulates the implementation of how a situation is sensed, inferred, or actuated. IoT access-control frameworks can use ESOs to enforce situational constraints, but ESOs and frameworks remain oblivious to each other’s implementation details. A single ESO can be used by multiple access-control frameworks across the ecosystem. This reduces inefficiency, supports consistent enforcement of common policies, and-because ESOs encapsulate sensitive device-access rights-reduces overprivileging. ESOs can be deployed at any layer of the IoT software stack where access control is applied. We implemented prototype ESOs for the IoT resource layer, based on the IoTivity framework, and for the IoT Web services, based on the Passport middleware.
KW - Access control; Internet of Things
UR - http://www.scopus.com/inward/record.url?scp=85056825682&partnerID=8YFLogxK
U2 - 10.1145/3243734.3243817
DO - 10.1145/3243734.3243817
M3 - פרסום בספר כנס
AN - SCOPUS:85056825682
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 1056
EP - 1073
BT - CCS 2018 - Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
PB - Association for Computing Machinery
Y2 - 15 October 2018
ER -