Journal article Open Access

On the Design of a Decentralized and Multiauthority Access Control Scheme in Federated and Cloud-Assisted Cyber-Physical Systems

Sciancalepore, Savio; Piro, Giuseppe; Caldarola, Daniele; Boggia, Gennaro; Bianchi, Giuseppe


DataCite XML Export

<?xml version='1.0' encoding='utf-8'?>
<resource xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://datacite.org/schema/kernel-4" xsi:schemaLocation="http://datacite.org/schema/kernel-4 http://schema.datacite.org/meta/kernel-4.1/metadata.xsd">
  <identifier identifierType="URL">https://zenodo.org/record/2572596</identifier>
  <creators>
    <creator>
      <creatorName>Sciancalepore, Savio</creatorName>
      <givenName>Savio</givenName>
      <familyName>Sciancalepore</familyName>
      <affiliation>Consorzio Nazionale Interuniversitario per le Telecomunicazioni</affiliation>
    </creator>
    <creator>
      <creatorName>Piro, Giuseppe</creatorName>
      <givenName>Giuseppe</givenName>
      <familyName>Piro</familyName>
      <affiliation>Consorzio Nazionale Interuniversitario per le Telecomunicazioni</affiliation>
    </creator>
    <creator>
      <creatorName>Caldarola, Daniele</creatorName>
      <givenName>Daniele</givenName>
      <familyName>Caldarola</familyName>
      <affiliation>Consorzio Nazionale Interuniversitario per le Telecomunicazioni</affiliation>
    </creator>
    <creator>
      <creatorName>Boggia, Gennaro</creatorName>
      <givenName>Gennaro</givenName>
      <familyName>Boggia</familyName>
      <affiliation>Consorzio Nazionale Interuniversitario per le Telecomunicazioni</affiliation>
    </creator>
    <creator>
      <creatorName>Bianchi, Giuseppe</creatorName>
      <givenName>Giuseppe</givenName>
      <familyName>Bianchi</familyName>
      <affiliation>Consorzio Nazionale Interuniversitario per le Telecomunicazioni</affiliation>
    </creator>
  </creators>
  <titles>
    <title>On the Design of a Decentralized and Multiauthority Access Control Scheme in Federated and Cloud-Assisted Cyber-Physical Systems</title>
  </titles>
  <publisher>Zenodo</publisher>
  <publicationYear>2018</publicationYear>
  <subjects>
    <subject>Attribute-based access control</subject>
    <subject>cloud-assisted cyber-physical systems (CPSs)</subject>
    <subject>federated Internet of Things (IoT)</subject>
  </subjects>
  <dates>
    <date dateType="Issued">2018-08-08</date>
  </dates>
  <resourceType resourceTypeGeneral="JournalArticle"/>
  <alternateIdentifiers>
    <alternateIdentifier alternateIdentifierType="url">https://zenodo.org/record/2572596</alternateIdentifier>
  </alternateIdentifiers>
  <relatedIdentifiers>
    <relatedIdentifier relatedIdentifierType="DOI" relationType="IsIdenticalTo">10.1109/JIOT.2018.2864300</relatedIdentifier>
  </relatedIdentifiers>
  <rightsList>
    <rights rightsURI="https://creativecommons.org/licenses/by/4.0/legalcode">Creative Commons Attribution 4.0 International</rights>
    <rights rightsURI="info:eu-repo/semantics/openAccess">Open Access</rights>
  </rightsList>
  <descriptions>
    <description descriptionType="Abstract">&lt;p&gt;While enabling brand new services and opportunities, the federation of vertical Internet of Things platforms presents new challenges in terms of secure and controlled access to heterogeneous resources, especially when authorization permissions must be regulated by multiple decentralized authorities. The work presented herein designs, develops, and experimentally validates a flexible and effective attribute-based access control framework, properly devised to operate in a federated and cloud-assisted cyber-physical system (CPS). Our main novelty stems in the original way we turn a policy-based encryption scheme, customarily used for accessing data, into a cyber-physical resource access control protocol. The proposed design approach is able to address several security issues characterizing the emerging use cases in this context, including the decoupling between authentication and authorization, fine-grained, offline, and time-limited authorization, protection against collusion attacks, access rights revocation, and user privacy. A security analysis and a performance evaluation executed through experimental tests clearly demonstrate the viability of the proposed approach in realistic cloud-assisted CPSs, as well as its ability to overcome the lacks affecting competitive approaches without introducing huge communication and computational requirements.&lt;/p&gt;</description>
  </descriptions>
  <fundingReferences>
    <fundingReference>
      <funderName>European Commission</funderName>
      <funderIdentifier funderIdentifierType="Crossref Funder ID">10.13039/100010661</funderIdentifier>
      <awardNumber awardURI="info:eu-repo/grantAgreement/EC/H2020/688156/">688156</awardNumber>
      <awardTitle>Symbiosis of smart objects across IoT environments</awardTitle>
    </fundingReference>
  </fundingReferences>
</resource>
83
108
views
downloads
Views 83
Downloads 108
Data volume 515.5 MB
Unique views 75
Unique downloads 105

Share

Cite as