Access control models for cloud-enabled internet of things: A proposed architecture and research Agenda

Asma Alshehri, Ravi Sandhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The concept and deployment of Internet of Things (IoT) has continued to develop momentum over recent years. Several different layered architectures for IoT have been proposed, although there is no consensus yet on a widely accepted architecture. In general, the proposed IoT architectures comprise three main components: an object layer, one or more middle layers, and an application layer. The main difference in detail is in the middle layers. Some include a cloud services layer for managing IoT things. Some propose virtual objects as digital counterparts for physical IoT objects. Sometimes both cloud services and virtual objects are included.In this paper, we take a first step toward our eventual goal of developing an authoritative family of access control models for a cloud-enabled Internet of Things. Our proposed access-control oriented architecture comprises four layers: an object layer, a virtual object layer, a cloud services layer, and an application layer. This 4-layer architecture serves as a framework to build access control models for a cloud-enabled IoT. Within this architecture, we present illustrative examples that highlight some IoT access control issues leading to a discussion of needed access control research. We identify the need for communication control within each layer and across adjacent layers (particularly in the lower layers), coupled with the need for data access control (particularly in the cloud services and application layers).

Original languageEnglish (US)
Title of host publicationProceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages530-538
Number of pages9
ISBN (Electronic)9781509046072
DOIs
StatePublished - Jan 6 2017
Event2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016 - Pittsburgh, United States

Other

Other2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016
CountryUnited States
CityPittsburgh
Period11/1/1611/3/16

Fingerprint

Internet
Internet of things
control
architecture
Access control
object
service
model
research
data access
deployment
consensus
discussion
family
example
concept
Momentum
Communication

Keywords

  • Access control
  • Cloud-enabled
  • Cyber security
  • Internet of things
  • IoT architecture
  • Virtual objects

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Sociology and Political Science

Cite this

Alshehri, A., & Sandhu, R. (2017). Access control models for cloud-enabled internet of things: A proposed architecture and research Agenda. In Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016 (pp. 530-538). [7809752] Institute of Electrical and Electronics Engineers Inc.. DOI: 10.1109/CIC.2016.081

Access control models for cloud-enabled internet of things : A proposed architecture and research Agenda. / Alshehri, Asma; Sandhu, Ravi.

Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 530-538 7809752.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Alshehri, A & Sandhu, R 2017, Access control models for cloud-enabled internet of things: A proposed architecture and research Agenda. in Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016., 7809752, Institute of Electrical and Electronics Engineers Inc., pp. 530-538, 2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016, Pittsburgh, United States, 1-3 November. DOI: 10.1109/CIC.2016.081
Alshehri A, Sandhu R. Access control models for cloud-enabled internet of things: A proposed architecture and research Agenda. In Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc.2017. p. 530-538. 7809752. Available from, DOI: 10.1109/CIC.2016.081

Alshehri, Asma; Sandhu, Ravi / Access control models for cloud-enabled internet of things : A proposed architecture and research Agenda.

Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 530-538 7809752.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

@inbook{23c13bbe684645e08326b0af0b9df915,
title = "Access control models for cloud-enabled internet of things: A proposed architecture and research Agenda",
abstract = "The concept and deployment of Internet of Things (IoT) has continued to develop momentum over recent years. Several different layered architectures for IoT have been proposed, although there is no consensus yet on a widely accepted architecture. In general, the proposed IoT architectures comprise three main components: an object layer, one or more middle layers, and an application layer. The main difference in detail is in the middle layers. Some include a cloud services layer for managing IoT things. Some propose virtual objects as digital counterparts for physical IoT objects. Sometimes both cloud services and virtual objects are included.In this paper, we take a first step toward our eventual goal of developing an authoritative family of access control models for a cloud-enabled Internet of Things. Our proposed access-control oriented architecture comprises four layers: an object layer, a virtual object layer, a cloud services layer, and an application layer. This 4-layer architecture serves as a framework to build access control models for a cloud-enabled IoT. Within this architecture, we present illustrative examples that highlight some IoT access control issues leading to a discussion of needed access control research. We identify the need for communication control within each layer and across adjacent layers (particularly in the lower layers), coupled with the need for data access control (particularly in the cloud services and application layers).",
keywords = "Access control, Cloud-enabled, Cyber security, Internet of things, IoT architecture, Virtual objects",
author = "Asma Alshehri and Ravi Sandhu",
year = "2017",
month = "1",
doi = "10.1109/CIC.2016.081",
pages = "530--538",
booktitle = "Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
address = "United States",

}

TY - CHAP

T1 - Access control models for cloud-enabled internet of things

T2 - A proposed architecture and research Agenda

AU - Alshehri,Asma

AU - Sandhu,Ravi

PY - 2017/1/6

Y1 - 2017/1/6

N2 - The concept and deployment of Internet of Things (IoT) has continued to develop momentum over recent years. Several different layered architectures for IoT have been proposed, although there is no consensus yet on a widely accepted architecture. In general, the proposed IoT architectures comprise three main components: an object layer, one or more middle layers, and an application layer. The main difference in detail is in the middle layers. Some include a cloud services layer for managing IoT things. Some propose virtual objects as digital counterparts for physical IoT objects. Sometimes both cloud services and virtual objects are included.In this paper, we take a first step toward our eventual goal of developing an authoritative family of access control models for a cloud-enabled Internet of Things. Our proposed access-control oriented architecture comprises four layers: an object layer, a virtual object layer, a cloud services layer, and an application layer. This 4-layer architecture serves as a framework to build access control models for a cloud-enabled IoT. Within this architecture, we present illustrative examples that highlight some IoT access control issues leading to a discussion of needed access control research. We identify the need for communication control within each layer and across adjacent layers (particularly in the lower layers), coupled with the need for data access control (particularly in the cloud services and application layers).

AB - The concept and deployment of Internet of Things (IoT) has continued to develop momentum over recent years. Several different layered architectures for IoT have been proposed, although there is no consensus yet on a widely accepted architecture. In general, the proposed IoT architectures comprise three main components: an object layer, one or more middle layers, and an application layer. The main difference in detail is in the middle layers. Some include a cloud services layer for managing IoT things. Some propose virtual objects as digital counterparts for physical IoT objects. Sometimes both cloud services and virtual objects are included.In this paper, we take a first step toward our eventual goal of developing an authoritative family of access control models for a cloud-enabled Internet of Things. Our proposed access-control oriented architecture comprises four layers: an object layer, a virtual object layer, a cloud services layer, and an application layer. This 4-layer architecture serves as a framework to build access control models for a cloud-enabled IoT. Within this architecture, we present illustrative examples that highlight some IoT access control issues leading to a discussion of needed access control research. We identify the need for communication control within each layer and across adjacent layers (particularly in the lower layers), coupled with the need for data access control (particularly in the cloud services and application layers).

KW - Access control

KW - Cloud-enabled

KW - Cyber security

KW - Internet of things

KW - IoT architecture

KW - Virtual objects

UR - http://www.scopus.com/inward/record.url?scp=85013170839&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85013170839&partnerID=8YFLogxK

U2 - 10.1109/CIC.2016.081

DO - 10.1109/CIC.2016.081

M3 - Conference contribution

SP - 530

EP - 538

BT - Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -