Produção Nacional
SmartABAC: Enabling Constrained IoT Devices to Make Complex Policy-Based Access Control Decisions
2021; Institute of Electrical and Electronics Engineers; Volume: 9; Issue: 7 Linguagem: Inglês
10.1109/jiot.2021.3110142
ISSN2372-2541
AutoresGeovane Fedrecheski, Laisa C. P. Costa, Pablo C. Calcina-Ccori, Roseli de Deus Lopes, Marcelo K. Zuffo,
Tópico(s)Internet Traffic Analysis and Secure E-voting
ResumoWhile attribute-based access control (ABAC) is a promising technique to govern interactions in the Internet of Things (IoT), most existing ABAC models are designed to run on remote servers or gateway devices. This scenario is misaligned with recent trends toward IoT decentralization, such as the Swarm, which expects devices to autonomously share resources, making their own access decisions for enhanced privacy and reliability. In this article, we propose SmartABAC: a fast, concise, and expressive ABAC model that can be executed in constrained IoT devices. It combines the performance of policies based on attribute enumeration, with techniques that enhance policy expressiveness, such as typed and hierarchical attributes. We specified SmartABAC using first-order logic, designed a use case, and evaluated it in both constrained and nonconstrained IoT environments. Results show that our model can represent a variety of access policies, including nested multiattribute rules, while using less than 100 bytes per policy, on average, for a smart home use case. Our C-based SmartABAC implementation is at least 255 times faster than existing models and can evaluate 3000 policies under 5 ms on a 32-MHz MCU.
Referência(s)