Journal article Open Access

On the Design of a Decentralized and Multiauthority Access Control Scheme in Federated and Cloud-Assisted Cyber-Physical Systems

Sciancalepore, Savio; Piro, Giuseppe; Caldarola, Daniele; Boggia, Gennaro; Bianchi, Giuseppe


MARC21 XML Export

<?xml version='1.0' encoding='UTF-8'?>
<record xmlns="http://www.loc.gov/MARC21/slim">
  <leader>00000nam##2200000uu#4500</leader>
  <datafield tag="540" ind1=" " ind2=" ">
    <subfield code="u">https://creativecommons.org/licenses/by/4.0/legalcode</subfield>
    <subfield code="a">Creative Commons Attribution 4.0 International</subfield>
  </datafield>
  <datafield tag="260" ind1=" " ind2=" ">
    <subfield code="c">2018-08-08</subfield>
  </datafield>
  <controlfield tag="005">20200120171405.0</controlfield>
  <controlfield tag="001">2572596</controlfield>
  <datafield tag="909" ind1="C" ind2="O">
    <subfield code="p">openaire</subfield>
    <subfield code="o">oai:zenodo.org:2572596</subfield>
  </datafield>
  <datafield tag="520" ind1=" " ind2=" ">
    <subfield code="a">&lt;p&gt;While enabling brand new services and opportunities, the federation of vertical Internet of Things platforms presents new challenges in terms of secure and controlled access to heterogeneous resources, especially when authorization permissions must be regulated by multiple decentralized authorities. The work presented herein designs, develops, and experimentally validates a flexible and effective attribute-based access control framework, properly devised to operate in a federated and cloud-assisted cyber-physical system (CPS). Our main novelty stems in the original way we turn a policy-based encryption scheme, customarily used for accessing data, into a cyber-physical resource access control protocol. The proposed design approach is able to address several security issues characterizing the emerging use cases in this context, including the decoupling between authentication and authorization, fine-grained, offline, and time-limited authorization, protection against collusion attacks, access rights revocation, and user privacy. A security analysis and a performance evaluation executed through experimental tests clearly demonstrate the viability of the proposed approach in realistic cloud-assisted CPSs, as well as its ability to overcome the lacks affecting competitive approaches without introducing huge communication and computational requirements.&lt;/p&gt;</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">Consorzio Nazionale Interuniversitario per le Telecomunicazioni</subfield>
    <subfield code="a">Piro, Giuseppe</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">Consorzio Nazionale Interuniversitario per le Telecomunicazioni</subfield>
    <subfield code="a">Caldarola, Daniele</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">Consorzio Nazionale Interuniversitario per le Telecomunicazioni</subfield>
    <subfield code="a">Boggia, Gennaro</subfield>
  </datafield>
  <datafield tag="700" ind1=" " ind2=" ">
    <subfield code="u">Consorzio Nazionale Interuniversitario per le Telecomunicazioni</subfield>
    <subfield code="a">Bianchi, Giuseppe</subfield>
  </datafield>
  <datafield tag="856" ind1="4" ind2=" ">
    <subfield code="s">4773146</subfield>
    <subfield code="z">md5:e9801ffaae3c3d607c0bc6dbcb9cad10</subfield>
    <subfield code="u">https://zenodo.org/record/2572596/files/SciancaleporeIOTJ2018.pdf</subfield>
  </datafield>
  <datafield tag="542" ind1=" " ind2=" ">
    <subfield code="l">open</subfield>
  </datafield>
  <datafield tag="980" ind1=" " ind2=" ">
    <subfield code="a">publication</subfield>
    <subfield code="b">article</subfield>
  </datafield>
  <datafield tag="100" ind1=" " ind2=" ">
    <subfield code="u">Consorzio Nazionale Interuniversitario per le Telecomunicazioni</subfield>
    <subfield code="a">Sciancalepore, Savio</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">Attribute-based access control</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">cloud-assisted cyber-physical systems (CPSs)</subfield>
  </datafield>
  <datafield tag="653" ind1=" " ind2=" ">
    <subfield code="a">federated Internet of Things (IoT)</subfield>
  </datafield>
  <datafield tag="024" ind1=" " ind2=" ">
    <subfield code="a">10.1109/JIOT.2018.2864300</subfield>
    <subfield code="2">doi</subfield>
  </datafield>
  <datafield tag="245" ind1=" " ind2=" ">
    <subfield code="a">On the Design of a Decentralized and Multiauthority Access Control Scheme in Federated and Cloud-Assisted Cyber-Physical Systems</subfield>
  </datafield>
  <datafield tag="536" ind1=" " ind2=" ">
    <subfield code="c">688156</subfield>
    <subfield code="a">Symbiosis of smart objects across IoT environments</subfield>
  </datafield>
  <datafield tag="650" ind1="1" ind2="7">
    <subfield code="a">cc-by</subfield>
    <subfield code="2">opendefinition.org</subfield>
  </datafield>
</record>
83
108
views
downloads
Views 83
Downloads 108
Data volume 515.5 MB
Unique views 75
Unique downloads 105

Share

Cite as