Open Access iconOpen Access



A Traceable Capability-based Access Control for IoT

Chao Li1, Fan Li1,2, Cheng Huang3, Lihua Yin1,*, Tianjie Luo1,2, Bin Wang4

1 Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510700, China
2 PCL Research Center of Cyberspace Security, Peng Cheng Laboratory, Shenzhen, 518052, China
3 Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, N2L 3G1, Canada
4 College of Electrical Engineering, Zhejiang University, Hangzhou, 310058, China

* Corresponding Author: Lihua Yin. Email: email

Computers, Materials & Continua 2022, 72(3), 4967-4982.


Delegation mechanism in Internet of Things (IoT) allows users to share some of their permissions with others. Cloud-based delegation solutions require that only the user who has registered in the cloud can be delegated permissions. It is not convenient when a permission is delegated to a large number of temporarily users. Therefore, some works like CapBAC delegate permissions locally in an offline way. However, this is difficult to revoke and modify the offline delegated permissions. In this work, we propose a traceable capability-based access control approach (TCAC) that can revoke and modify permissions by tracking the trajectories of permissions delegation. We define a time capability tree (TCT) that can automatically extract permissions trajectories, and we also design a new capability token to improve the permission verification, revocation and modification efficiency. The experiment results show that TCAC has less token verification and revocation/modification time than those of CapBAC and xDBAuth. TCAC can discover 73.3% unvisited users in the case of delegating and accessing randomly. This provides more information about the permissions delegation relationships, and opens up new possibilities to guarantee the global security in IoT delegation system. To the best of our knowledge, TCAC is the first work to capture the unvisited permissions.


Cite This Article

APA Style
Li, C., Li, F., Huang, C., Yin, L., Luo, T. et al. (2022). A traceable capability-based access control for iot. Computers, Materials & Continua, 72(3), 4967-4982.
Vancouver Style
Li C, Li F, Huang C, Yin L, Luo T, Wang B. A traceable capability-based access control for iot. Comput Mater Contin. 2022;72(3):4967-4982
IEEE Style
C. Li, F. Li, C. Huang, L. Yin, T. Luo, and B. Wang "A Traceable Capability-based Access Control for IoT," Comput. Mater. Contin., vol. 72, no. 3, pp. 4967-4982. 2022.

cc This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 1543


  • 1128


  • 0


Share Link