Abstract
Computing devices already permeate working and living environments, a trend that is expected to intensify in the coming years. However, the direct interaction smart devices often have with the physical world, along with the processing, storage and communication of private, sensitive data pertaining to users’ lives, brings security concerns into the limelight. This paper presents Web Service Access Control for devices (WSACd), a framework that combines access control provided by the eXtensible Access Control Markup Language (XACML) with the benefits of Service Oriented Architectures through the use of the Devices Profile for Web Services (DPWS). Based on standardized technologies, it enables fine-grained policy-based management of the heterogeneous embedded devices that may be found in a smart residential setting. The proposed framework is implemented in full and its performance is evaluated on a test-bed featuring devices expected to be found in a typical residential environment.
Copyright information
© 2015 IFIP International Federation for Information Processing
About this paper
Cite this paper
Fysarakis, K., Konstantourakis, C., Rantos, K., Manifavas, C., Papaefstathiou, I. (2015). WSACd - A Usable Access Control Framework for Smart Home Devices. In: Akram, R., Jajodia, S. (eds) Information Security Theory and Practice. WISTP 2015. Lecture Notes in Computer Science, vol 9311. Springer, Cham. https://doi.org/10.1007/978-3-319-24018-3_8
DOI: https://doi.org/10.1007/978-3-319-24018-3_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24017-6
Online ISBN: 978-3-319-24018-3
eBook Packages: Computer Science (R0)