Login
Register
Submit a Paper
Propose a Special lssue
Open Access
ARTICLE
A Traceable Capability-based Access Control for IoT
1 Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, 510700, China
2 PCL Research Center of Cyberspace Security, Peng Cheng Laboratory, Shenzhen, 518052, China
3 Department of Electrical and Computer Engineering, University of Waterloo, Waterloo, N2L 3G1, Canada
4 College of Electrical Engineering, Zhejiang University, Hangzhou, 310058, China
* Corresponding Author: Lihua Yin. Email:
Computers, Materials & Continua 2022, 72(3), 4967-4982. https://doi.org/10.32604/cmc.2022.023496
Received 10 September 2021; Accepted 02 December 2021; Issue published 21 April 2022
View Full Text
Download PDFAbstract
Delegation mechanism in Internet of Things (IoT) allows users to share some of their permissions with others. Cloud-based delegation solutions require that only the user who has registered in the cloud can be delegated permissions. It is not convenient when a permission is delegated to a large number of temporarily users. Therefore, some works like CapBAC delegate permissions locally in an offline way. However, this is difficult to revoke and modify the offline delegated permissions. In this work, we propose a traceable capability-based access control approach (TCAC) that can revoke and modify permissions by tracking the trajectories of permissions delegation. We define a time capability tree (TCT) that can automatically extract permissions trajectories, and we also design a new capability token to improve the permission verification, revocation and modification efficiency. The experiment results show that TCAC has less token verification and revocation/modification time than those of CapBAC and xDBAuth. TCAC can discover 73.3% unvisited users in the case of delegating and accessing randomly. This provides more information about the permissions delegation relationships, and opens up new possibilities to guarantee the global security in IoT delegation system. To the best of our knowledge, TCAC is the first work to capture the unvisited permissions.Keywords
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
Downloads
Citation Tools
