Research article. DOI: 10.1145/3450569.3463559

Towards Activity-Centric Access Control for Smart Collaborative Ecosystems

Published: 11 June 2021

ABSTRACT

The ubiquitous presence of smart devices along with advancements in connectivity coupled with the elastic capabilities of cloud and edge systems have nurtured and revolutionized smart ecosystems. Intelligent, integrated cyber-physical systems offer increased productivity, safety, efficiency, speed and support for data-driven applications beyond imagination just a decade ago. Since several connected devices work together as a coordinated unit to ensure efficiency and automation, the individual operations they perform are often reliant on each other. Therefore, it is important to control what functions or activities different devices can perform at a particular moment in time, and how they are related to each other. It is also important to consider additional factors such as conditions, obligation or mutability of activities, which are critical in deciding whether or not a device can perform a requested activity. In this paper, we take an initial step to propose and discuss the concept of Activity-Centric Access Control (ACAC) for smart and connected ecosystems. We discuss the notion of activity with respect to the collaborative and distributed yet integrated systems and identify the different entities involved along with the important factors to make an activity control decision. We outline a preliminary approach for defining activity control expressions which can be applied to different smart objects in the system. The main goal of this paper is to present the vision and need for the activity-centric approach for access control in connected smart systems, and foster discussion on the identified future research agenda.

Published in

SACMAT '21: Proceedings of the 26th ACM Symposium on Access Control Models and Technologies
June 2021
194 pages
ISBN: 9781450383653
DOI: 10.1145/3450569

Copyright © 2021 ACM


Publisher: Association for Computing Machinery, New York, NY, United States


Acceptance Rates

Overall Acceptance Rate: 177 of 597 submissions, 30%
