Identity authentication and capability based access control (IACAC) for the internet of things

Journal of Cyber Security and Mobility

Volumn 1, Issue 4, 2012, Pages 309-348

  Mahalle, Parikshit N ^a   Anggorojati, Bayu ^a   Prasad, Neeli R ^a   Prasad, Ramjee ^a  

^a AALBORG UNIVERSITY   (Denmark)

Author keywords

Access control; Authentication; Capability; Internet of Things

Indexed keywords

DENIAL-OF-SERVICE ATTACK; INTERNET OF THINGS; LOW POWER ELECTRONICS; NETWORK SECURITY;

ATTACK RESISTANTS; AUTHENTICATION BASED ACCESS CONTROLS; CAPABILITY; CAPABILITY BASED ACCESS CONTROLS; DYNAMIC NETWORK TOPOLOGY; IDENTITY AUTHENTICATION; LOW-POWER DEVICES; PERFORMANCES ANALYSIS; PHYSICAL SECURITY; SECURITY VULNERABILITIES;

AUTHENTICATION;

EID: 85002424663     PISSN: 22451439     EISSN: 22454578     Source Type: Journal    
DOI: None     Document Type: Article

References (63)

1. ITU-T Internet Reports, Internet of Things, November 2005.
2. E. Zouganeli and I. E. Svinnset. Connected objects and the Internet of Things -A paradigm shift, Photonics in Switching 2009, September 2009.
3. M. Weiser, The computer for the 21st century, Scientific American, 265: 66-75, 1991.
4. S. Sarma, D. L. Brock, and K. Ashton. The networked physical world. TR MITAUTOIDWH-001, MIT Auto-ID Center, 2000.
5. Jayavardhana Gubbi, Rajkumar Buyya, Slaven Marusic, and Marimuthu Palaniswami. Internet of Things (IoT): A vision, architectural elements, and future directions. Technical Report CLOUDS-TR-2012-2, Cloud Computing and Distributed Systems Laboratory, The University of Melbourne, 29 June 2012.
6. Xiaodong Lin, Rongxing Lu, Xuemin Shen, Y. Nemoto, and N. Kato. Sage: A strong privacy-preserving scheme against global eavesdropping for ehealth systems. IEEE Journal on Selected Areas in Communications, 27(4): 365-378, May 2009.
7. A. Gluhak, S. Krco, M. Nati, D. Pfisterer, N. Mitton, and T. Razafindralambo. A survey on facilities for experimental Internet of Things Research. IEEE Commun. Mag., 49: 58-67, 2011.
8. P. Spiess, S. Karnouskos, D. Guinard, D. Savio, O. Baecker, L. Souza, and V. Trifa. SOAbased integration of the internet of things in enterprise services. In Proceedings of IEEE ICWS 2009, Los Angeles, Ca, USA, July 2009.
9. I. F. Akyildiz, J. Xie, and S. Mohanty. A survey on mobility management in next generation All-IP based wireless systems. IEEE Wireless Communications Magazine, 11(4):16-28, 2004.
10. C. Mayer. Security and privacy challenges in the IoT. WowKivs, Electronic Communications of the EASST, Volume 17, Germany, 2009.
11. R. Prasad. My personal Adaptive Global NET (MAGNET). Signals and Communication Technology Book, Springer, The Netherlands, 2010.
12. D. M. Kyriazanos, G. I. Stassinopoulos, and N. R. Prasad. Ubiquitous access control and policy management in personal networks. In Third Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services, pp. 1-6, July 2006.
13. Michael Braun, Erwin Hess, and Bernd Meyer. Using elliptic curves on RFID tags. International Journal of Computer Science and Network Security, 8(2), 2008.
14. Sheikh Iqbal Ahamed, Farzana Rahman, and Endadul Hoque. ERAP: ECC based RFID authentication protocol. In 12th IEEE International Workshop on Future Trends of Distributed Computing Systems, 2008.
15. D. Balfanz, D. K. Smetters, P. Stewart, and H. C. Wong. Talking to strangers: Authentication in ad-hoc wireless networks. In Network and Distributed Systems Security Symposium (NDSS), February 2002.
16. Guanglei Zhao, Xianping Si, Jingcheng Wang, Xiao Long, and Ting Hu. A novel mutual authentication scheme for Internet of Things. In Proceedings of 2011 IEEE International Conference on Modelling, Identification and Control (ICMIC), pp. 563-566, 26-29 June 2011.
17. C. Jiang, B. Li, and H. Xu. An efficient scheme for user authentication in wireless sensor networks. In 21st International Conference on Advanced Information Networking and Applications Workshops, pp. 438-442, 2007.
18. R. R. S. Verma, D. O'Mahony, and H. Tewari. Progressive authentication in ad hoc networks. In Proceedings of the Fifth European Wireless Conference, February 2004.
19. T. Suen and A. Yasinsac. Ad hoc network security: Peer identification and authentication using signal properties. In Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop (IAW'05), pp. 432-433, 15-17 June 2005.
20. L. Venkatraman and D. P. Agrawal. A novel authentication scheme for ad hoc networks. In Wireless Communications and Networking Conference (WCNC2000), vol.3, pp. 1268-1273. IEEE, 2000.
21. B. Bing. Emerging Technologies in Wireless LANs -Theory, Design and Deployment. Cambridge University Press, 2008.
22. Best Current Practices for WISP Roaming, WiFi Alliance, 2003.
23. RFC 2865, Remote Authentication Dial in User Service (RADIUS).
24. Jian Feng. Analysis, implementation and extensions of RADIUS protocol. In International Conference on Networking and Digital Society (ICNDS'09), vol.1, pp. 154-157, 30-31 May 2009.
25. RFC 5247, Extensible Authentication Protocol (EAP) Key Management Framework, August 2008.
26. A. M. El-Nagar, A. A. El-Hafez, and A. Elhnawy. A novel EAP -Moderate weight Extensible Authentication Protocol. In IEEE Seventh International Conference on Computer Engineering (ICENCO2011), pp. -1-6, 27-28 December 2011.
27. Wei Yuan, Liang Hu, Hong-tu Li, Kuo Zhao, Jiang-feng Chu, and Yuyu Sun. Key replicating attack on an identity-based three-party authenticated key agreement protocol. In IEEE International Conference on Network Computing and Information Security (NCIS), vol. 2, pp. 249-253, 14-15 May 2011.
28. Jun Lei, Xiaoming Fu, Dieter Hogrefe, and Jianrong Tan. Comparative studies on authentication and key exchange methods for 802.11 wireless LAN. Computers & Security, 26(5): 401-409, August 2007.
29. OASIS.eXtensible Access Control Markup Language (XACML) Version 3.0, Working Draft 8, February 2009.
30. W3C Platform for Privacy Project: http://www.w3.org/privacy/.
31. The Shibboleth project: www.shibboleth.net.
32. The Liberty Alliance Project: www.projectliberty.org.
33. Ravi S. Sandhu. The typed access matrix model. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE CS Press, 1992.
34. T. Close. ACLs don't. HP Laboratories Technical Report,February 2009.
35. L. Gong. A secure identity-based capability system. In Proceedings of 1989 IEEE Symposium on Security and Privacy, Oakland, CA, May. IEEE Computer Society Press, Los Alamitos, 1989.
36. Ravi S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2): 38-47, February 1996.
37. J. B. D. Joshi, E. Bertino, U.Latif, and A. Ghafoor. A generalized temporal role-based access control model. IEEE Transactions on Knowledge and Data Engineering, 17(1): 4-23, January 2005.
38. R. Bhatti, E. Bertino, and A. Ghafoor. A trust-based context-aware access control model for web-services. Distributed and Parallel Databases, 18(1), July 2005.
39. Q. Ni, A. Trombetta, E. Bertino, and J. Lobo. Privacy-aware role based access control. In Proceedings of the 12th ACM Symposium on Access Control Models and Technologies (SACMAT'07), 2007.
40. E. Barka and R. Sandhu. A role-based delegation model and some extensions. In Proceedings of the 23rd National Information Systems Security Conference, 2000.
41. E. Barka and R. Sandhu. Role-based delegation model/hierarchical roles. In Proceedings of the 20th Annual Computer Security Applications Conference (ACSAC'04), 2004.
42. K. Hasebe, M. Mabuchi, and A. Matsushita. Capability-based delegation model in RBAC. In Proceedings of the 15th ACM Symposium on Access Control Models and Technologies (SACMAT'10). ACM, 2010.
43. Y. G. Kim, C. J. Mon, D. Jeong, J. O. Lee, C. Y. Song, and D. K. Baik. Context-aware access control mechanism for ubiquitous applications. In Advances in Web Intelligence, LNCS, Vol. 3528, pp. 236-242. Springer, Heidelberg, 2005.
44. D. Kulkarni and A. Tripathi. Context-aware role-based access control in pervasive computing systems. In SACMAT'08, Estes Park, CO, 11-13 June 2008.
45. Kyungah Shim and Young-Ran Lee. Security flaws in authentication and key establishment protocols for mobile communications. Applied Mathematics and Computation, 169(1): 62-74, October 2005.
46. G. Horn, K. M. Martin, and C. J. Mitchell. Authentication protocols for mobile network environment value added services. IEEE Transactions on Vehicular Technology, 51(2): 383-392, 2002.
47. M. J. Beller, L. F. Chang, and Y. Yacobi. Privacy and authentication on a portable communications system. IEEE Journal on Selected Areas in Communications, 11: 821-829, 1993.
48. C. Boyd and A. Mathuria. Key establishment protocols for Secure Mobile communications: A selective survey. In Information Security and Privacy, ACISP 98, LNCS, Vol. 1438, pp. 344-355. Springer, Heidelberg, 1998.
49. A. Aziz and W. Diffie. Privacy and authentication for wireless local area networks. IEEE Personal Communications, 1: 25-31, 1994.
50. D. S. Wong and A. H. Chan. Efficient and mutually authenticated key exchange for low power mobile device. In Advances in Cryptology -Asiarcypt01, LNCS, Vol. 2248, pp. 272-289. Springer-Verlag, Heidelberg, 2001.
51. N. Koblitz. Elliptic curve cryptosystems. Mathematics of Computation, 48: 203-209, 1987.
52. Avispa -A tool for Automated Validation of Internet Security Protocols. http://www.avispa-project.org.
53. D. Dolev and A. C.-C. Yao. On the security of public key protocols. In FOCS, pp. 350-357. IEEE, 1981.
54. R. Chakravorty. A programmable service architecture for mobile medical care. In 4th IEEE International Conference on Pervasive Computing and Communications, 2006.
55. C. Karlof, N. Sastry, and D. Wagner. Tinysec: Link layer security architecture for wireless sensor networks. In SensSys, ACM Conference on Embedded Networked Sensor Systems, 2004.
56. N. Gura, A. Patel, A. Wander, H. Eberle, and S. C. Shantz. Comparing elliptic curve cryptography and RSA on 8-it CPUs. In CHES 2004, LNCS, Vol. 3156, pp. 119-132, Springer, Heidelberg, 2004.
57. Y. L. Yin. The RC5 encryption algorithm: Two years on. CryptoBytes, 3(2),Winter 1997.
58. M. Bellare, J. Killan, and P. Rogaway. The security of cipher block chaining. In Y. Desmedt (Ed.), CRYPTO 1994. LNCS, Vol. 839, pp. 341-358. Springer, Heidelberg, 1994.
59. H.Wang, B. Sheng, and Q. Li. Elliptic curve cryptography based access control in sensor networks. Int. J. Security and Networks, 1(3/4): 127-137, 2006.
60. Bela Ban. Adding group communication to Java in a non-intrusive way using the ensemble toolkit. Technical Report, Dept. of Computer Science, Cornell University, November 1997.
61. Bayu Anggorojati, Parikshit N. Mahalle, Neeli R. Prasad, and Ramjee Prasad. Capability-based access control delegation model on the federated IoT network. In IEEE 15th International Symposium onWireless Personal Multimedia Communications (WPMC2012), Taipei, Taiwan, September 24-27, pp. 604-608, 2012.
62. Petar Popovski. On designing future communication systems: Some clean-slate perspectives. In R. Prasad, S. Dixit, R. Nee, and T. Ojanpera (Eds.), Globalization of Mobile and Wireless Communications, pp. 129-143. Springer Science+Business Media, 2011.
63. Alberto Leon-Garcia. Probability, Statistics, and Random Processes for Electrical Engineering (3rd ed.). Prentice Hall, 2008.