dc.contributor.author | Uriarte, Mikel | |
dc.contributor.author | Astorga Burgo, Jasone | |
dc.contributor.author | Jacob, Eduardo | |
dc.contributor.author | Huarte Arrayago, Maider | |
dc.contributor.author | Carnerero, Manuel | |
dc.date.accessioned | 2018-10-29T19:23:24Z | |
dc.date.available | 2018-10-29T19:23:24Z | |
dc.date.issued | 2018-02-01 | |
dc.identifier.citation | IEEE Access 6 :15-46 (2018) | es_ES |
dc.identifier.issn | 2169-3536 | |
dc.identifier.uri | http://hdl.handle.net/10810/29345 | |
dc.description.abstract | Upcoming smart scenarios enabled by the Internet of Things envision smart objects that expose services that can adapt to user behavior or be managed with the goal of achieving higher productivity, often in multi-stakeholder applications. In such environments, smart things are cheap sensors (and actuators) and, therefore, constrained devices. However, they are also critical components because of the importance of the provided information. Therefore, strong security is a must. Nevertheless, existing feasible approaches do not cope well with the principle of least privilege; they lack both expressiveness and the ability to update the policy to be enforced in the sensors. In this paper, we propose an access control model that comprises a policy language that provides dynamic fine-grained policy enforcement in the sensors based on local context conditions. This dynamic policy cycle requires a secure, efficient, and traceable message exchange protocol. For that purpose, a security protocol called Hidra is also proposed. A security and performance evaluation demonstrates the feasibility and adequacy of the proposed protocol and access control model. | es_ES |
dc.description.sponsorship | This work was supported in part by the Training and Research Unit through UPV/EHU under Grant UFI11/16 and in part by the
Department of Economic Development and Competitiveness of the Basque Government through the Security Technologies SEKUTEK Collaborative Research Project | es_ES |
dc.language.iso | eng | es_ES |
dc.publisher | IEEE | es_ES |
dc.rights | info:eu-repo/semantics/openAccess | es_ES |
dc.subject | access control model | es_ES |
dc.subject | authorization | es_ES |
dc.subject | resource-constrained device | es_ES |
dc.subject | expressive policy language | es_ES |
dc.subject | least privilege | es_ES |
dc.subject | message exchange protocol | es_ES |
dc.subject | mutual authentication | es_ES |
dc.subject | policy codification | es_ES |
dc.subject | sensor | es_ES |
dc.title | Expressive Policy-Based Access Control for Resource-Constrained Devices | es_ES |
dc.type | info:eu-repo/semantics/article | es_ES |
dc.rights.holder | (c) 2017 IEEE | es_ES |
dc.relation.publisherversion | https://ieeexplore.ieee.org/document/7990134 | es_ES |
dc.identifier.doi | 10.1109/ACCESS.2017.2730958 | |
dc.departamentoes | Ingeniería de comunicaciones | es_ES |
dc.departamentoeu | Komunikazioen ingeniaritza | es_ES |