The Study of Access Control for Service-Oriented Computing in Internet of Things

Full Text (PDF, 167KB), PP.62-68

Views: 0 Downloads: 0

Author(s)

Guoping Zhang 1,* Jing Liu 1

1. China University of Petroleum, Dong Ying, China

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2012.03.10

Received: 1 Mar. 2012 / Revised: 12 Apr. 2012 / Accepted: 14 May 2012 / Published: 15 Jun. 2012

Index Terms

Internet of Things, Service-Oriented, Access Control, Workflow, Task, Attribute

Abstract

In Internet of Things, computing and processing of information is the core supporting. In this paper, we introduce “Service-Oriented Computing” to solve the computing and processing of information in IoT. However, a key challenge in service-oriented environment is the design of effective access control schemas.We put forward a model of Workflow -oriented Attributed Based Access Control (WABAC), and an access control framework based on WABAC model. WABAC model grants and adapts permissions to subjects according to subject atttribute, resource attribute, environment attribute and current task, meeting access control request of SOC. Using the approach presented can effectively enhance the access control security for SOC applications, and prevent the abuse of subject permissions.

Cite This Paper

Guoping Zhang,Jing Liu,"The Study of Access Control for Service-Oriented Computing in Internet of Things", IJWMT, vol.2, no.3, pp.62-68, 2012. DOI: 10.5815//ijwmt.2012.03.10

Reference

[1]International Telecommunication Union UIT, “ITU Internet Reports 2005:The Internet of Things”, 2005.

[2]Papazoglou M.P, “Service-oriented computing: Concepts, Characteristics and directions”, In: Proceedings of the 4th International Conference on Web Information Systems Engineering, 2003.

[3]W3C Working Group Note, “Web Services Architecture”, l1 February 2004.

[4]Patrik Spiess and Stamatis Karnouskos, “SOA-based Integration of the Internet of Things in Enterprise Services”, 2009 IEEE International Conference on Web Services.

[5]SHEN Haibo and HONG Fan, “A Context-Aware Role-Based Access Control Model for Web Services”, Proceedings of the 2005 IEEE International Conference on e-Business Engineering (ICEBE 05).

[6]Junqiang Zhu, Yu Zhou and Weiqin Tong, “Access Control on the Composition of Web Services”,Proceedings of the International Conference on Next Generation Web Services Practices(NWeSP 06), 2006.

[7]Xu Feng, Lin Guoyuan, Huang Hao, and Xie Li, “Role-based Access Control System for Web Services”, Proceedings of the Fourth International Conference on Computer and Information Technology (CIT 04).

[8]http://www.isso.sparta.com/documents/

[9]Eric Yuan and Jin Tong, “Attributed Based Access Control (ABAC) for Web Services”, Proceedings of the IEEE International Conferenceon Web Services (ICWS 05), 2005.7:560-569.

[10]R.K.Thomas and R.S.Sandhu, “Task-based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-oriented Authorization Management”, Proceedings of the IFIP WG11.3 Workshop on Database Security, Auguest 1997.

[11]Xiangning Zhou and Zhaolong Wan, “An Access Control Model of Workflow System Integrating RBAC and TBAC”, In IFIP International Federation for Information Processing, vol. 252, 2007, pp.246-251.

[12]http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security

[13]http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml

Torsten Priebe, Wolfgang Dobmeier, Christian Schläger, and Nora Kamprath, “Supporting Attribute-based Access Control in Authorization and Authentication Infrastructures with Ontologies”, Proceedings of the First International Conference on Availability,Reliability and Security (ARES 06), April 2006.