Secure and Authenticated Access to LLN Resources Through Policy Constraints
Authors: 
Konstantinos Rantos, Konstantinos Fysarakis, Othonas Soultatos, Ioannis AskoxylakisAuthors Info & Claims
Abstract
Ubiquitous devices comprising several resource-constrained sensors and actuators while having the long desired Internet connectivity, are becoming part of many solutions that seek to enhance user’s environment smartness and quality of living. Their intrinsic resource limitations however constitute critical requirements, such as security, a great challenge. When these nodes are associated with applications that might have an impact in user’s privacy or even become life threatening, the security issues are of primary concern. Access to these resources should be appropriately controlled to ensure that such wearable nodes are adequately protected. On the other hand, it is very important to not restrict access to only a very closed group of entities. This work presents a service oriented architecture that utilizes policy-based, unified, cross-platform and flexible access control to allow authenticated entities consume the services provided by wearable nodes while protecting their valuable resources.
References
[1]
Cui, A., Stolfo, S.J.: A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan. In: Proceedings of the 26th Annual Computer Security Applications Conference, ACSAC 2010, pp. 97–106. ACM, New York (2010). http://doi.acm.org/10.1145/1920261.1920276
[2]
Parducci, B., Lockhart, H., Rissanen, E.: eXtensible Access Control Markup Language (XACML) Version 3.0, pp. 1–150 (2003). http://docs.oasis-open.org/xacml/3.0/
[3]
He, D., Bu, J., Zhu, S., Chan, S., Chen, C.: Distributed Access Control with Privacy Support in Wireless Sensor Networks. IEEE Transactions on Wireless Communications 10(10), 3472–3481 (2011)
[4]
Yu, S., Ren, K., Lou, W.: FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks. IEEE Transactions on Parallel and Distributed Systems 22(4), 352–362 (2011)
[5]
Askoxylakis, I.G., Markantonakis, K., Tryfonas, T., May, J., Traganitis, A.: A face centered cubic key agreement mechanism for mobile ad hoc networks. In: Granelli, F., Skianis, C., Chatzimisios, P., Xiao, Y., Redana, S. (eds.) MOBILIGHT 2009. LNICST, vol. 13, pp. 103–113. Springer, Heidelberg (2009)
[6]
Manifavas, C., Fysarakis, K., Rantos, K., Kagiambakis, K., Papaefstathiou, I.: Policy-based access control for body sensor networks. In: Naccache, D., Sauveron, D. (eds.) WISTP 2014. LNCS, vol. 8501, pp. 150–159. Springer, Heidelberg (2014)
[7]
Serbanati, A., Segura, A.S., Oliverau, A., Saied, Y.B., Gruschka, N., Gessner, D., Gomez-Marmol, F.: Internet of Things Architecture, Concept and Solutions for Privacy and Security in the Resolution Infrastructure. EU project IoT-A, Project report D4.2 (2012). http://www.iot-a.eu/
[8]
El-Aziz, A., Kannan, A.: Access control for healthcare data using extended XACML-SRBAC model. In: 2012 International Conference on Computer Communication and Informatics, Dept. of Information Science & Technology, Anna University, pp. 1–4. IEEE, January 2012
[9]
Zhu, Y., Keoh, S., Sloman, M., Lupu, E.: A lightweight policy system for body sensor networks. IEEE Transactions on Network and Service Management 6(3), 137–148 (2009)
[10]
Colitti, W., Steenhaut, K., De Caro, N.: Integrating wireless sensor networks with the web. In: Proc. of Extending the Internet to Low Power and Lossy Networks, Chicago, IL, USA (2011)
[11]
Westerinen, A., Schnizlein, J., Strassner, J., Scherling, M., Quinn, B., Herzog, S., Huynh, A., Carlson, M., Perry, J., Waldbusser, S.: Terminology for Policy-Based Management, pp. 1–22 (2001). http://www.ietf.org/rfc/rfc3198.txt
[12]
Anderson, A., Lockhart, H.: SAML 2.0 Profile of XACML, Version 2.0 (2005). http://docs.oasis-open.org/xacml/2.0/access_control-xacml-2.0-saml-profile-spec-os.pdf
[13]
Hughes, J., Cantor, S., Hodges, J., Hirsch, F., Mishra, P., Philpott, R., Maler, E.: Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0 (2005). http://docs.oasis-open.org/security/saml/v2.0/saml-profiles-2.0-os.pdf
[14]
Sun Microsystems Laboratories, XACML. http://sunxacml.sourceforge.net
[15]
Web Services for Devices (WS4D). http://ws4d.e-technik.uni-rostock.de
[16]
WS4D-JMEDS DPWS Stack. http://sourceforge.net/projects/ws4d-javame/
[17]
Dierks, T., Rescorla, E.: RFC 5246 - The Transport Layer Security (TLS) Protocol Version 1.2, pp. 1–104 (2008). http://tools.ietf.org/rfc/rfc5246.txt
[18]
Rescorla, E., Modadugu, N.: Datagram Transport Layer Security, pp. 1–31 (2012). http://tools.ietf.org/rfc/rfc6347.txt
[19]
Rantos, K., Papanikolaou, A., Manifavas, C.: Ipsec over ieee 802.15.4 for low power and lossy networks. In: Proceedings of the 11th ACM International Symposium on Mobility Management and Wireless Access, MobiWac 2013, pp. 59–64. ACM, New York (2013)
[20]
Rantos, K., Papanikolaou, A., Manifavas, C., Papaefstathiou, I.: Ipv6 security for low power and lossy networks. In: 2013 IFIP Wireless Days (WD), pp. 1–8, November 2013
[21]
Raza, S., Duquennoy, S., Chung, T., Yazar, D., Voigt, T., Roedig, U.: Securing communication in 6LoWPAN with compressed IPsec. In: Proceedings of the 7th IEEE International Conference on Distributed Computing in Sensor Systems (IEEE DCOSS 2011), Barcelona, Spain, June 2011
[22]
Lawrence, K., Kaler, C., Nadalin, A., Monzilo, R., Hallam-Baker, P.: Web Services Security: SOAP Message Security 1.1, pp. 1–76 (2006). http://docs.oasis-open.org/wss/v1.1/
[23]
Lascelles, F., Flint, A.: WS-Security Performance (2006). http://websphere.sys-con.com/node/204424
Index Terms
- Secure and Authenticated Access to LLN Resources Through Policy Constraints
Index terms have been assigned to the content through auto-classification.
Recommendations
Policy-Based Access Control for Body Sensor Networks
Proceedings of the 8th IFIP WG 11.2 International Workshop on Information Security Theory and Practice. Securing the Internet of Things - Volume 8501Sensor nodes and actuators are becoming ubiquitous and research efforts focus on addressing the various issues stemming from resources constraints and other intrinsic characteristics typically associated with such devices and their applications. In the ...
Secure Delegation Model based on SAML in Ubiquitous Environments
ISA '08: Proceedings of the 2008 International Conference on Information Security and Assurance (isa 2008)Ubiquitous environment is a post-desktop model of human-computer interaction in which information processing has been thoroughly integrated into everyday objects and activities. But hacker attack one of fragile point and can misuse legitimate user ...
A network access control approach based on the AAA architecture and authorization attributes
Network access control mechanisms constitute an increasingly needed service, when communications are becoming more and more ubiquitous thanks to some technologies such as wireless networks or Mobile IP. This paper presents a particular scenario where ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
284 pages
Copyright © 2015 IFIP International Federation for Information Processing.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 24 August 2015
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 03 Oct 2024
Other Metrics
Citations
View Options
View options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in