IoT-FBAC: function-based access control scheme using identity-based encryption in IoT
Version 2 2024-06-05, 02:22Version 2 2024-06-05, 02:22
Version 1 2019-02-18, 14:19Version 1 2019-02-18, 14:19
journal contribution
posted on 2024-06-05, 02:22authored byH Yan, Y Wang, C Jia, J Li, Y Xiang, W Pedrycz
The Internet of Things (IoT) has become one of critical parts in our daily life. As a large number of smart things connecting to the Internet, terminals are vulnerable to various attacks. Thus the security of IoT becomes important before they are widely applied. Smart home, as an interesting application of IoT, has attracted more and more attention. However, most of the existing works have focused on the authentication between devices and the home gateway, which are only able to realize coarse-grained access control. In another word, once a device is authenticated, the user can access all the functions of the device. This leads to the over-privilege access behavior. To solve this problem, we propose a Function-based Access Control scheme in IoT (IoT-FBAC), that uses an Identity-based Encryption (IBE) scheme. The proposed scheme provides fine-grained access control, prevents applications from accessing unauthorized functions. Meanwhile, the cost of each access operation is a constant in IoT-FBAC scheme. The security analysis indicates that the IoT-FBAC scheme is secure, which can prevent over-privilege access. The experiment results demonstrate that the proposed scheme is effective.