Securing the Web of Things With Role-Based Access Control
2015 (English)In: Codes, Cryptology, and Information Security: First International Conference, C2SI 2015, Rabat, Morocco, May 26-28, 2015, Proceedings - In Honor of Thierry Berger / [ed] Said El Hajji, Abderrahmane Nitaj, Claude Carlet, El Mamoun Souidi, Springer, 2015, 14-26 p.Chapter in book (Refereed)
Real-world things are increasingly becoming fully qualified members of the Web. From, pacemakers and medical records to children’s toys and sneakers, things are connected over the Web and publish information that is available for the whole world to see. It is crucial that there is secure access to this Web of Things (WoT) and to the related information published by things on the Web. In this paper, we introduce an architecture that encompasses Web-enabled things in a secure and scalable manner. Our architecture utilizes the features of the well-known role-based access control (RBAC) to specify the access control policies to the WoT, and we use cryptographic keys to enforce such policies. This approach enables prescribers to WoT services to control who can access what things and how access can continue or should terminate, thereby enabling privacy and security of large amount of data that these things are poised to flood the future Web with.
Place, publisher, year, edition, pages
Springer, 2015. 14-26 p.
, Lecture Notes in Computer Science, ISSN 0302-9743 ; 9084
Web of Things, Privacy, Access Control, RBAC, UCON
Research subject Technology
IdentifiersURN: urn:nbn:se:his:diva-11909DOI: 10.1007/978-3-319-18681-8_2ISBN: 978-3-319-18680-1ISBN: 978-3-319-18681-8OAI: oai:DiVA.org:his-11909DiVA: diva2:902641