Browse > Article
http://dx.doi.org/10.3837/tiis.2021.12.016

A Distributed Fog-based Access Control Architecture for IoT  

Alnefaie, Seham (Department of Information Technology, Faculty of Computing and Information Technology, King Abdulaziz University)
Cherif, Asma (Department of Information Technology, Faculty of Computing and Information Technology, King Abdulaziz University)
Alshehri, Suhair (Department of Information Technology, Faculty of Computing and Information Technology, King Abdulaziz University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.15, no.12, 2021 , pp. 4545-4566 More about this Journal
Abstract
The evolution of IoT technology is having a significant impact on people's lives. Almost all areas of people's lives are benefiting from increased productivity and simplification made possible by this trending technology. On the downside, however, the application of IoT technology is posing some security challenges, among them, unauthorized access to IoT devices. This paper presents an Attribute-based Access Control Fog architecture that aims to achieve effective distribution, increase availability and decrease latency. In the proposed architecture, the main functional points of the Attribute-based Access Control are distributed to provide policy decision and policy information mechanisms in fog nodes, locating these functions near end nodes. To evaluate the proposed architecture, an access control engine based on the Attribute-based Access Control was built using the Balana library and simulated using EdgeCloudSim to compare it to the traditional cloud-based architecture. The experiments show that the fog-based architecture provides robust results in terms of reducing latency in making access decisions.
Keywords
ABAC; Access Control; Fog Computing; IoT; Synchronization;
Citations & Related Records
연도 인용수 순위
  • Reference
1 eXtensible Access Control Markup Language (XACML) Version 3.0, XACML-V3.0. 2013.
2 C. Sonmez, A. Ozgovde, and C. Ersoy, "EdgeCloudSim: An environment for performance evaluation of edge computing systems," in Proc. of 2017 Second International Conference on Fog and Mobile Edge Computing (FMEC), Valencia, Spain, pp. 39-44, 2017.
3 S. Alnefaie, A. Cherif, and S. Alshehri, "Towards a Distributed Access Control Model for IoT in Healthcare," in Proc. of 2019 2nd International Conference on Computer Applications Information Security (ICCAIS), pp. 1-6, 2019.
4 A. Ouaddah, H. Mousannif, A. Abou Elkalam, and A. Ait Ouahman, "Access control in the Internet of Things: Big challenges and new opportunities," Comput. Netw., vol. 112, pp. 237-262, Jan. 2017.   DOI
5 V. C. Hu et al., "Guide to Attribute Based Access Control (ABAC) Definition and Considerations," National Institute of Standards and Technology, NIST SP 800-162, Jan. 2014.
6 F. A. Kraemer, A. E. Braten, N. Tamkittikhun, and D. Palma, "Fog Computing in Healthcare-A Review and Discussion," IEEE Access, vol. 5, pp. 9206-9222, 2017.   DOI
7 S. Alnefaie, S. Alshehri, and A. Cherif, "A survey on access control in IoT: models, architectures and research opportunities," Int. J. Secur. Netw., vol. 16, 2021.
8 S. Salonikias, A. Gouglidis, I. Mavridis, and D. Gritzalis, "Access Control in Industrial Internet of Things," in Proc. of Security and Privacy Trends in the Industrial Internet of Things, Springer, pp. 95-114, 2018.
9 H. Atlam, M. Alassafi, A. Alenezi, R. Walters, and G. Wills, "XACML for Building Access Control Policies in Internet of Things," in Proc. of the 3rd International Conference on Internet of Things, Big Data and Security, pp. 253-260, 2018.
10 M. Mukherjee et al., "Security and Privacy in Fog Computing: Challenges," IEEE Access, vol. 5, pp. 19293-19304, 2017.   DOI
11 S. Salonikias, I. Mavridis, and D. Gritzalis, "Access Control Issues in Utilizing Fog Computing for Transport Infrastructure," in Proc. of Critical Information Infrastructures Security, vol. 9578, E. Rome, M. Theocharidou, and S. Wolthusen, Eds. Cham: Springer International Publishing, pp. 15-26, 2016.
12 C. S. & V. F. Emmanuel Bertin Dina Hussein, "Access control in the Internet of Things: a survey of existing approaches and open research questions," Ann. Telecommun., vol. 74, pp. 375-388, 2019.   DOI
13 S. Ravidas, A. Lekidis, F. Paci, and N. Zannone, "Access control in Internet-of-Things: A survey," J. Netw. Comput. Appl., vol. 144, pp. 79-101, 2019..   DOI
14 S. Pal, M. Hitchens, V. Varadharajan, and T. Rabehaja, "Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things," EAI Endorsed Trans. Ind. Netw. Intell. Syst., vol. 4, no. 13, p. 154370, Mar. 2018.   DOI
15 D. Hussein, E. Bertin, and V. Frey, "A Community-Driven Access Control Approach in Distributed IoT Environments," IEEE Commun. Mag., vol. 55, no. 3, pp. 146-153, Mar. 2017.   DOI
16 I. Martinez, A. S. Hafid, and A. Jarray, "Design, Resource Management and Evaluation of Fog Computing Systems: A Survey," IEEE Internet Things J., vol. 8, no. 4, pp. 2494-2516, 2021.   DOI
17 L. A. Charaf, I. Alihamidi, A. Deroussi, M. Saber, A. Ait Madi and A. Addaim, "Proposed Access Control Architecture Based on Fog Computing for IoT Environments," in Proc. of the 7th International Conference on Optimization and Applications (ICOA), IEEE, 2021.
18 M. Maksimovic, "Implementation of Fog computing in IoT-based healthcare system," JITA - J. Inf. Technol. Appl. Banja Luka - APEIRON, vol. 14, no. 2, Jan. 2018.
19 WSO2, "WSO2 Balana Implementation," 2021.
20 I. Ray, B. Alangot, S. Nair, and K. Achuthan, "Using Attribute-Based Access Control for Remote Healthcare Monitoring," in Proc. of 2017 Fourth International Conference on Software Defined Systems (SDS), Valencia, Spain, pp. 137-142, May 2017.
21 S. Sakr and A. Y. Zomaya, Eds., "Attribute-Based Access Control (ABAC)," Encyclopedia of Big Data Technologies, Cham: Springer International Publishing, pp. 117-117, 2019,.
22 T. Landes, "Dynamic Vector Clocks for Consistent Ordering of Events in Dynamic Distributed Applications," in Proc. of the International Conference on Parallel and Distributed Processing Techniques and Applications, vol. 1, Las Vegas, Nevada, pp. 31-37, 2006.
23 M. A. Aleisa, A. Abuhussein, and F. T. Sheldon, "Access Control in Fog Computing: Challenges and Research Agenda," IEEE Access, vol. 8, pp. 83986-83999, 2020.   DOI