

Title: CAPLets: Resource Aware, Capability-Based Access Control for IoT
We present CAPLets, an authorization mechanism that extends capability-based security to support fine-grained access control for multi-scale (sensors, edge, cloud) IoT deployments. To enable this, CAPLets uses a strong cryptographic construction to provide integrity while preserving computational efficiency for resource-constrained systems. Moreover, CAPLets augments capabilities with dynamic, user-defined constraints to describe arbitrary access control policies. We introduce an application-specific, Turing-complete virtual machine, CapVM, alongside eBPF and Wasm, to describe constraints. We show that CAPLets is able to express permissions and requirements at a fine grain, facilitating the construction of non-trivial access control policies. We empirically evaluate the efficiency and flexibility of CAPLets abstractions using resource-constrained devices and end-to-end IoT deployments, and compare it against related mechanisms in wide use today. Our empirical results show that CAPLets is an order of magnitude faster and more energy efficient than current IoT authorization systems.
Award ID(s):
2107101 2027977 1703560
NSF-PAR ID:
10334298
Journal Name:
IEEE/ACM Symposium on Edge Computing
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. It assumes no implicit trust is granted to assets or user accounts based solely on their physical or network location. We have billions of devices in IoT ecosystems connected to enable smart environments, and these devices are scattered around different locations, sometimes multiple cities or even multiple countries. Moreover, the deployment of resource-constrained devices motivates the integration of IoT and cloud services. This adoption of a plethora of technologies expands the attack surface and positions the IoT ecosystem as a target for many potential security threats. This complexity has outstripped legacy perimeter-based security methods as there is no single, easily identified perimeter for different use cases in IoT. Hence, we believe that the need arises to incorporate ZT guiding principles in workflows, systems design, and operations that can be used to improve the security posture of IoT applications. This paper motivates the need to implement ZT principles when developing access control models for smart IoT systems. It first provides a structured mapping between the ZT basic tenets and the PEI framework when designing and implementing a ZT authorization system. It proposes the ZT authorization requirements framework (ZT-ARF), which provides a structured approach to authorization policy models in ZT systems. Moreover, it analyzes the requirements of access control models in IoT within the proposed ZT-ARF and presents the vision and need for a ZT score-based authorization framework (ZT-SAF) that is capable of maintaining the access control requirements for ZT IoT connected systems. 
  2. We propose and implement Directory-Based Access Control (DBAC), a flexible and systematic access control approach for geographically distributed multi-administration IoT systems. DBAC designs and relies on a particular module, IoT directory, to store device metadata, manage federated identities, and assist with cross-domain authorization. The directory service decouples IoT access into two phases: discover device information from directories and operate devices through discovered interfaces. DBAC extends attribute-based authorization and retrieves diverse attributes of users, devices, and environments from multi-faceted sources via standard methods, while user privacy is protected. To support resource-constrained devices, DBAC assigns a capability token to each authorized user, and devices only validate tokens to process a request. 
  3.
    For any successful business endeavor, recruitment of a required number of appropriately qualified employees in proper positions is a key requirement. For effective utilization of human resources, reorganization of such workforce assignment is also a task of utmost importance. This includes situations when the under-performing employees have to be substituted with fresh applicants. Generally, the number of candidates applying for a position is large, and hence, the task of identifying an optimal subset becomes critical. Moreover, a human resource manager would also like to make use of the opportunity of retirement of employees to improve manpower utilization. However, the constraints enforced by the security policies prohibit any arbitrary assignment of tasks to employees. Further, the new employees should have the capabilities required to handle the assigned tasks. In this article, we formalize this problem as the Optimal Recruitment Problem (ORP), wherein the goal is to select the minimum number of fresh employees from a set of candidates to fill the vacant positions created by the outgoing employees, while ensuring satisfiability of the specified security conditions. The model used for specification of authorization policies and constraints is Attribute-Based Access Control (ABAC), since it is considered to be the de facto next-generation framework for handling organizational security policies. We show that the ORP problem is NP-hard and propose a greedy heuristic for solving it. Extensive experimental evaluation shows both the effectiveness and efficiency of the proposed solution. 
  4. This work presents a sustainable cybersecurity solution using Physical Unclonable Functions (PUF), Trusted Platform Module (TPM), and Tangle Distributed Ledger Technology (DLT) for sustainable device and data security. Security-by-Design (SbD) or Hardware-Assisted Security (HAS) solutions have gained much prominence due to the requirement of tamper-proof storage for hardware-assisted cryptography solutions. Designing complex security mechanisms can impact their efficiency as IoT applications become more decentralized. In the proposed architecture, we present a novel TPM-enabled PUF-based security mechanism with effective integration of PUF with TPM. The proposed mechanism is based on the process of sealing the PUF key in the TPM, which cannot be accessed outside the TPM and can only be unsealed by the TPM itself. A specified NV-index is assigned to each IoT node for sealing the PUF key to the TPM using the Media Access Control (MAC) address. Access to the TPM's Non-Volatile Random Access Memory (NVRAM) is defined by the TPM's Enhanced Authorization policies as specified by the Trusted Computing Group (TCG). The proposed architecture uses Tangle for sustainable data security and storage in decentralized IoT systems through a Masked Authentication Messaging (MAM) scheme for efficient and secure access control to Tangle. We validated the proposed approach through experimental analysis and implementation, which substantiates the potential of the presented PUFchain 4.0 for decentralized IoT-driven security solutions.
  5. Scalable, fine-grained access control for the Internet-of-Things is needed in enterprise environments, where thousands of subjects need to access possibly one to two orders of magnitude more objects. Existing solutions offer all-or-nothing access, or require all access to go through a cloud backend, greatly impeding access granularity, robustness and scale. In this paper, we propose Heracles, an IoT access control system that achieves robust, fine-grained access control at enterprise scale. Heracles adopts a capability-based approach using secure, unforgeable tokens that describe the authorizations of subjects, to either individual or collections of objects in single or bulk operations. It has a 3-tier architecture to provide the centralized policy and distributed execution desired in enterprise environments, and delegated operations for responsiveness of more resource-constrained objects. Extensive security analysis and performance evaluation on a testbed show that Heracles achieves robust, responsive, fine-grained access control in large-scale enterprise environments.