A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study

Tahir Ahmad; Umberto Morelli; Silvio Ranise; Nicola Zannone

doi:10.1145/3205977.3205989

A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study

Tahir Ahmad, Umberto Morelli, Silvio Ranise, Nicola Zannone

Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

15 Citations (Scopus)

1 Downloads (Pure)

Abstract

The Internet of Things (IoT) is receiving considerable attention from both industry and academia because of the new business models that it enables and the new security and privacy challenges that it generates. Major Cloud Service Providers (CSPs) have proposed platforms to support IoT by combining cloud and edge computing. However, the security mechanisms available in the cloud have been extended to IoT with some shortcomings with respect to the management and enforcement of access control policies. Access Control as a Service (ACaaS) is emerging as a solution to overcome these difficulties. The paper proposes a lazy approach to ACaaS that allows the specification and management of policies independently of the CSP while leveraging its enforcement mechanisms.We demonstrate the approach by investigating (also experimentally) alternative deployments in the IoT platform offered by Amazon Web Services on a realistic smart lock solution.

Original language	English
Title of host publication	SACMAT 2018 - Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies
Publisher	Association for Computing Machinery, Inc
Pages	235-246
Number of pages	12
ISBN (Electronic)	9781450356664
DOIs	https://doi.org/10.1145/3205977.3205989
Publication status	Published - 7 Jun 2018
Event	23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018) - Indianapolis, United States Duration: 13 Jun 2018 → 15 Jun 2018 Conference number: 23 http://www.sacmat.org

Conference

Conference	23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018)
Abbreviated title	SACMAT 2018
Country/Territory	United States
City	Indianapolis
Period	13/06/18 → 15/06/18
Internet address	http://www.sacmat.org

Keywords

Attribute-based access control
Edge computing
Internet of things
IoT platforms
Policy specification and management

Access to Document

10.1145/3205977.3205989

Cite this

@inproceedings{e1b82b5ecf1f4c4b9d2d2892ae006b1c,

title = "A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study",

abstract = "The Internet of Things (IoT) is receiving considerable attention from both industry and academia because of the new business models that it enables and the new security and privacy challenges that it generates. Major Cloud Service Providers (CSPs) have proposed platforms to support IoT by combining cloud and edge computing. However, the security mechanisms available in the cloud have been extended to IoT with some shortcomings with respect to the management and enforcement of access control policies. Access Control as a Service (ACaaS) is emerging as a solution to overcome these difficulties. The paper proposes a lazy approach to ACaaS that allows the specification and management of policies independently of the CSP while leveraging its enforcement mechanisms.We demonstrate the approach by investigating (also experimentally) alternative deployments in the IoT platform offered by Amazon Web Services on a realistic smart lock solution.",

keywords = "Attribute-based access control, Edge computing, Internet of things, IoT platforms, Policy specification and management",

author = "Tahir Ahmad and Umberto Morelli and Silvio Ranise and Nicola Zannone",

year = "2018",

month = jun,

day = "7",

doi = "10.1145/3205977.3205989",

language = "English",

pages = "235--246",

booktitle = "SACMAT 2018 - Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies",

publisher = "Association for Computing Machinery, Inc",

address = "United States",

note = "23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018), SACMAT 2018 ; Conference date: 13-06-2018 Through 15-06-2018",

url = "http://www.sacmat.org",

}

Ahmad, T, Morelli, U, Ranise, S & Zannone, N 2018, A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study. in SACMAT 2018 - Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery, Inc, pp. 235-246, 23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018), Indianapolis, Indiana, United States, 13/06/18. https://doi.org/10.1145/3205977.3205989

A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study. / Ahmad, Tahir; Morelli, Umberto; Ranise, Silvio et al.
SACMAT 2018 - Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery, Inc, 2018. p. 235-246.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - A lazy approach to access control as a service (ACaaS) for IoT

T2 - 23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018)

AU - Ahmad, Tahir

AU - Morelli, Umberto

AU - Ranise, Silvio

AU - Zannone, Nicola

N1 - Conference code: 23

PY - 2018/6/7

Y1 - 2018/6/7

N2 - The Internet of Things (IoT) is receiving considerable attention from both industry and academia because of the new business models that it enables and the new security and privacy challenges that it generates. Major Cloud Service Providers (CSPs) have proposed platforms to support IoT by combining cloud and edge computing. However, the security mechanisms available in the cloud have been extended to IoT with some shortcomings with respect to the management and enforcement of access control policies. Access Control as a Service (ACaaS) is emerging as a solution to overcome these difficulties. The paper proposes a lazy approach to ACaaS that allows the specification and management of policies independently of the CSP while leveraging its enforcement mechanisms.We demonstrate the approach by investigating (also experimentally) alternative deployments in the IoT platform offered by Amazon Web Services on a realistic smart lock solution.

AB - The Internet of Things (IoT) is receiving considerable attention from both industry and academia because of the new business models that it enables and the new security and privacy challenges that it generates. Major Cloud Service Providers (CSPs) have proposed platforms to support IoT by combining cloud and edge computing. However, the security mechanisms available in the cloud have been extended to IoT with some shortcomings with respect to the management and enforcement of access control policies. Access Control as a Service (ACaaS) is emerging as a solution to overcome these difficulties. The paper proposes a lazy approach to ACaaS that allows the specification and management of policies independently of the CSP while leveraging its enforcement mechanisms.We demonstrate the approach by investigating (also experimentally) alternative deployments in the IoT platform offered by Amazon Web Services on a realistic smart lock solution.

KW - Attribute-based access control

KW - Edge computing

KW - Internet of things

KW - IoT platforms

KW - Policy specification and management

UR - http://www.scopus.com/inward/record.url?scp=85049316180&partnerID=8YFLogxK

U2 - 10.1145/3205977.3205989

DO - 10.1145/3205977.3205989

M3 - Conference contribution

AN - SCOPUS:85049316180

SP - 235

EP - 246

BT - SACMAT 2018 - Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies

PB - Association for Computing Machinery, Inc

Y2 - 13 June 2018 through 15 June 2018

ER -

A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study

Abstract

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this