Deakin University
Browse

File(s) under permanent embargo

IoT-FBAC: function-based access control scheme using identity-based encryption in IoT

Version 2 2024-06-05, 02:22
Version 1 2019-02-18, 14:19
journal contribution
posted on 2024-06-05, 02:22 authored by H Yan, Y Wang, C Jia, J Li, Y Xiang, W Pedrycz
The Internet of Things (IoT) has become one of critical parts in our daily life. As a large number of smart things connecting to the Internet, terminals are vulnerable to various attacks. Thus the security of IoT becomes important before they are widely applied. Smart home, as an interesting application of IoT, has attracted more and more attention. However, most of the existing works have focused on the authentication between devices and the home gateway, which are only able to realize coarse-grained access control. In another word, once a device is authenticated, the user can access all the functions of the device. This leads to the over-privilege access behavior. To solve this problem, we propose a Function-based Access Control scheme in IoT (IoT-FBAC), that uses an Identity-based Encryption (IBE) scheme. The proposed scheme provides fine-grained access control, prevents applications from accessing unauthorized functions. Meanwhile, the cost of each access operation is a constant in IoT-FBAC scheme. The security analysis indicates that the IoT-FBAC scheme is secure, which can prevent over-privilege access. The experiment results demonstrate that the proposed scheme is effective.

History

Journal

Future generation computer systems

Volume

95

Pagination

344-353

Location

Amsterdam, The Netherlands

ISSN

0167-739X

Language

eng

Publication classification

C1.1 Refereed article in a scholarly journal

Copyright notice

2019, Elsevier B.V.

Publisher

Elsevier