More Like this

1. Access Control Model for Virtual Objects (Shadows) Communication for AWS Internet of Things

   https://doi.org/10.1145/3176258.3176328  

   Alshehri, Asma ; Benson, James ; Patwa, Farhan ; Sandhu, Ravi ( March 2018 , CODASPY ’18: Eighth ACM Conference on Data and Application Security and Privacy, March 19–21, 2018, Tempe, AZ)

   The concept of Internet of Things (IoT) has received considerable attention and development in recent years. There have been significant studies on access control models for IoT in academia, while companies have already deployed several cloud-enabled IoT platforms. However, there is no consensus on a formal access control model for cloud-enabled IoT. The access-control oriented (ACO) architecture was recently proposed for cloud-enabled IoT, with virtual objects (VOs) and cloud services in the middle layers. Building upon ACO, operational and administrative access control models have been published for virtual object communication in cloud-enabled IoT illustrated by a use case of sensing speeding cars as a running example. In this paper, we study AWS IoT as a major commercial cloud- IoT platform and investigate its suitability for implementing the afore-mentioned academic models of ACO and VO communication control. While AWS IoT has a notion of digital shadows closely analogous to VOs, it lacks explicit capability for VO communication and thereby for VO communication control. Thus there is a significant mismatch between AWS IoT and these academic models. The principal contribution of this paper is to reconcile this mismatch by showing how to use the mechanisms of AWS IoT to effectively implement VO communication models. To this end, we develop an access control model for virtual objects (shadows) communication in AWS IoT called AWS-IoT-ACMVO. We develop a proof-of-concept implementation of the speeding cars use case in AWS IoT under guidance of this model, and provide selected performance measurements. We conclude with a discussion of possible alternate implementations of this use case in AWS IoT. 

   more » « less
2. Authorization Framework for Secure Cloud Assisted Connected Cars and Vehicular Internet of Things

   https://doi.org/10.1145/3205977.3205994  

   Gupta, Maanak ; Sandhu, Ravi ( June 2018 , Proceedings of 23rd ACM Symposium on Access Control Models and Technologies (SACMAT’18))

   Internet of Things has become a predominant phenomenon in every sphere of smart life. Connected Cars and Vehicular Internet of Things, which involves communication and data exchange between vehicles, traffic infrastructure or other entities are pivotal to realize the vision of smart city and intelligent transportation. Vehicular Cloud offers a promising architecture wherein storage and processing capabilities of smart objects are utilized to provide on-the-fly fog platform. Researchers have demonstrated vulnerabilities in this emerging vehicular IoT ecosystem, where data has been stolen from critical sensors and smart vehicles controlled remotely. Security and privacy is important in Internet of Vehicles (IoV) where access to electronic control units, applications and data in connected cars should only be authorized to legitimate users, sensors or vehicles. In this paper, we propose an authorization framework to secure this dynamic system where interactions among entities is not pre-defined. We provide an extended access control oriented (E-ACO) architecture relevant to IoV and discuss the need of vehicular clouds in this time and location sensitive environment. We outline approaches to different access control models which can be enforced at various layers of E-ACO architecture and in the authorization framework. Finally, we discuss use cases to illustrate access control requirements in our vision of cloud assisted connected cars and vehicular IoT, and discuss possible research directions. 

   more » « less
3. WearableDL: Wearable Internet-of-Things and Deep Learning for Big Data Analytics—Concept, Literature, and Future

   https://doi.org/10.1155/2018/8125126  

   Dargazany, Aras R. ; Stegagno, Paolo ; Mankodiya, Kunal ( November 2018 , Mobile Information Systems)

   This work introduces Wearable deep learning (WearableDL) that is a unifying conceptual architecture inspired by the human nervous system, offering the convergence of deep learning (DL), Internet-of-things (IoT), and wearable technologies (WT) as follows: (1) the brain, the core of the central nervous system, represents deep learning for cloud computing and big data processing. (2) The spinal cord (a part of CNS connected to the brain) represents Internet-of-things for fog computing and big data flow/transfer. (3) Peripheral sensory and motor nerves (components of the peripheral nervous system (PNS)) represent wearable technologies as edge devices for big data collection. In recent times, wearable IoT devices have enabled the streaming of big data from smart wearables (e.g., smartphones, smartwatches, smart clothings, and personalized gadgets) to the cloud servers. Now, the ultimate challenges are (1) how to analyze the collected wearable big data without any background information and also without any labels representing the underlying activity; and (2) how to recognize the spatial/temporal patterns in this unstructured big data for helping end-users in decision making process, e.g., medical diagnosis, rehabilitation efficiency, and/or sports performance. Deep learning (DL) has recently gained popularity due to its ability to (1) scale to the big data size (scalability); (2) learn the feature engineering by itself (no manual feature extraction or hand-crafted features) in an end-to-end fashion; and (3) offer accuracy or precision in learning raw unlabeled/labeled (unsupervised/supervised) data. In order to understand the current state-of-the-art, we systematically reviewed over 100 similar and recently published scientific works on the development of DL approaches for wearable and person-centered technologies. The review supports and strengthens the proposed bioinspired architecture of WearableDL. This article eventually develops an outlook and provides insightful suggestions for WearableDL and its application in the field of big data analytics. 

   more » « less
4. Attributes Aware Relationship-based Access Control for Smart IoT Systems

   Lopamudra Praharaj ; Safwa Ameer ; Maanak Gupta ; Ravi Sandhu ( December 2022 , 2022 IEEE 8th International Conference on Collaboration and Internet Computing (CIC))

   The pervasive nature of smart connected devices has intruded on our daily lives and has become an intrinsic part of our world. However, the wide use of the Internet of Things (IoT) in critical application domains has raised concerns for user privacy and security against growing cyber threats. In particular, the implications of cyber exploitation for IoT devices are beyond financial losses and could constitute risks to human life. Most deployed access control solutions for smart IoT systems do not offer policy individualization, the ability to specify or change the policy according to the individual user’s preference. As a result, currently deployed systems are not well suited to specify access control policies in a multi-user environment, where users access the same devices to perform different operations. The system’s security gets tricky when the smart ecosystem involves complicated social relationships, much like in a smart home. Relationship-based access control (ReBAC), widely used in online social networks, offers the ability to consider user relationships in defining access control decisions and supports policy individualization. However, to the best of our knowledge, no such attempt has been made to develop a formal ReBAC model for smart IoT systems. This paper proposes a ReBAC IoT dynamic and fine-grained access control model which considers the social relationships among users along with the attributes to support an attributes-aware relationship-based access control model for smart IoT systems. ReBAC IoT is formally defined, illustrated through different use cases, implemented, and tested. 

   more » « less
5. Attributes Aware Relationship-based Access Control for Smart IoT Systems

   Lopamudra Praharaj ; Safwa Ameer ; Maanak Gupta ; Ravi Sandhu ( December 2022 , 2022 IEEE 8th International Conference on Collaboration and Internet Computing (CIC))

   The pervasive nature of smart connected devices has intruded on our daily lives and has become an intrinsic part of our world. However, the wide use of the Internet of Things (IoT) in critical application domains has raised concerns for user privacy and security against growing cyber threats. In particular, the implications of cyber exploitation for IoT devices are beyond financial losses and could constitute risks to human life. Most deployed access control solutions for smart IoT systems do not offer policy individualization, the ability to specify or change the policy according to the individual user’s preference. As a result, currently deployed systems are not well suited to specify access control policies in a multi-user environment, where users access the same devices to perform different operations. The system’s security gets tricky when the smart ecosystem involves complicated social relationships, much like in a smart home. Relationship-based access control (ReBAC), widely used in online social networks, offers the ability to consider user relationships in defining access control decisions and supports policy individualization. However, to the best of our knowledge, no such attempt has been made to develop a formal ReBAC model for smart IoT systems. This paper proposes a ReBAC IoT dynamic and fine-grained access control model which considers the social relationships among users along with the attributes to support an attributes-aware relationship-based access control model for smart IoT systems. ReBAC IoT is formally defined, illustrated through different use cases, implemented, and tested. 

   more » « less