Abstract
This chapter presents a detailed description of the implementation of the proposed access control architecture that is presented in Chap. 3. This chapter aims to show how the proposed architecture can achieve significant improvement by reducing the number of policies required for specifying access control settings while providing efficient access control in an IoT environment. Standard XACML [1] based policy scheme is used. The proof of concept prototype is implemented using a physical testbed experiment to demonstrate the feasibility of the proposed approach. Note, the system’s operations are tested with both symmetric and asymmetric key cryptography based approaches.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Note, this is the performance on a consumer grade computer and we can get much better performance running the exact same setup on more powerful hardware. Also, we have implemented a synchronous TCP server that handles requests submitted to the CMS. An asynchronous implementation would also boost the performance considerably. These improvements are however out of the scope of our contribution in this chapter.
References
extensible access control markup language (xacml) version 3.0, http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.html (2013) Accessed 02 Nov 2017
Mqtt version 3.1.1, https://mqtt.org/. Accessed 02 June 2018
J. Dizdarević, F. Carpio, A. Jukan, X. Masip-Bruin, A survey of communication protocols for internet of things and related challenges of fog and cloud computing integration. ACM Comput. Surv. 51(6), 116:1–116:29 (2019), http://doi.acm.org/10.1145/3292674
Z. Shelby, K. Hartke, C. Bormann, The constrained application protocol (coap). Technical Report (2014). http://www.rfc-editor.org/info/rfc7252
Mqtt vs. http: which one is the best for iot?, https://medium.com/mqtt-buddy/mqtt-vs-http-which-one-is-the-best-for-iot-c868169b3105. Accessed 21 Feb 2018
V. Sarafov, Comparison of iot data protocol overhead. Netw. Arch. Serv. (2018). https://doi.org/10.2313/NET-2018-03-1_02
GitHub, “abc.xacml,” https://github.com/abc-software/abc.xacml (2016). Accessed 25 May 2017
S. Gusmeroli, S. Piccione, D. Rotondi, A capability-based security approach to manage access control in the Internet of Things. Math. Comput. Modell. 58(5–6), 1189–1205 (2013), http://dx.doi.org/10.1016/j.mcm.2013.02.006
nodeMCU, http://www.nodemcu.com/index_en.html. Accessed 20 Apr 2017
S. Chandra, S. Paira, S.S. Alam, G. Sanyal, A comparative survey of symmetric and asymmetric key cryptography, in 2014 International Conference on Electronics, Communication and Computational Engineering (ICECCE) (2014), pp. 83–93
J.L. Hernández-Ramos, A.J. Jara, L. Marín, A.F. Skarmeta Gómez, DCapBAC: embedding authorization logic into smart things through ECC optimizations. Int. J. Comput. Math. 93(2), 345–366 (2016), http://dx.doi.org/10.1080/00207160.2014.915316
Cybersecurity pro: Networked medical devices pose huge risks to patient safety, https://www.healthcareitnews.com/news/cybersecurity-pro-networked-medical-devices-pose-huge-risks-patient-safety. Accessed 01 March 2019
Sensors facilitate health monitoring, https://www.sensorsmag.com/components/sensors-facilitate-health-monitoring. Accessed 02 March 2019
H.L. Tubbs-Cooley, J.P. Cimiotti, J.H. Silber, D.M. Sloane, L.H. Aiken, An observational study of nurse staffing ratios and hospital readmission among children admitted for common conditions, BMJ Qual. Safety 22(9), 735–742 (2013), https://qualitysafety.bmj.com/content/22/9/735
Dhb clinical staffing numbers, https://www.health.govt.nz/our-work/health-workforce/dhb-clinical-staffing-numbers. Accessed 02 March 2019
Wireless sensors collect temperature and pressure of bedbound patients, https://www.medicaldevice-network.com/news/wireless-sensors-collect-temperature-pressure-bedbound-patients/. Accessed 02 March 2019
K. Chen, S. Zhang, Z. Li, Y. Zhang, Q. Deng, S. Ray, Y. Jin, Internet-of-things security and vulnerabilities: Taxonomy, challenges, and practice. J. Hardware Syst. Sec. 2(2), 97–110 (2018). https://doi.org/10.1007/s41635-017-0029-7
I. Yaqoob, I.A.T. Hashem, A. Ahmed, S.A. Kazmi, C.S. Hong, Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges. Future Gen. Comput. Syst. 92, 265–275 (2019), http://www.sciencedirect.com/science/article/pii/S0167739X18315644
S. Mukherjee, I. Ray, I. Ray, H. Shirazi, T. Ong, M.G. Kahn, Attribute based access control for healthcare resources, in Proceedings of the 2Nd ACM Workshop on Attribute-Based Access Control, ser. ABAC ’17. New York, NY, USA: ACM (2017), pp. 29–40, http://dx.doi.org/10.1145/3041048.3041055
J. Hernandez-Ramos, A. Jara, L. Marın, A. Skarmeta, Distributed capability-based access control for the internet of things. J. Internet Ser. Inf. Sec. 3(3/4), 1–16 (2013), http://isyou.info/jisis/vol3/no34/jisis-2013-vol3-no34-01.pdf
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Pal, S. (2021). System Implementation and Evaluation. In: Internet of Things and Access Control. Smart Sensors, Measurement and Instrumentation, vol 37. Springer, Cham. https://doi.org/10.1007/978-3-030-64998-2_4
Download citation
DOI: https://doi.org/10.1007/978-3-030-64998-2_4
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-64997-5
Online ISBN: 978-3-030-64998-2
eBook Packages: EngineeringEngineering (R0)