Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things
Journal Title: EAI Endorsed Transactions on Industrial Networks and Intelligent Systems - Year 2017, Vol 4, Issue 13
Abstract
There has been tremendous growth in the application of the Internet of Things (IoT) in our daily lives. Yet with this growth has come numerous security concerns and privacy challenges for both the users and the systems. Smart devices have many uses in a healthcare system, e.g. collecting and reporting patient data and controlling the administration of treatment. In this paper, we address the specific security issue of access control for smart healthcare systems and the protection of smart things from unauthorised access in such large scale systems. Commonly used access control approaches e.g. Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC) and Capability-Based Access Control (CapBAC) do not, in isolation, provide a complete solution for securing access to IoT-enabled smart healthcare devices. They may, for example, require an overly-centralised solution or an unmanageably large policy base. We propose a novel access control architecture which improves policy management by reducing the required number of authentication policies in a large-scale healthcare system while providing fine-grained access control. The devised access control model employs attributes, roles and capabilities. We apply attributes for role membership assignment and in permission evaluation. Membership of roles grants capabilities. The capabilities which are issued may be parameterised based on attributes of the user and are then used to access specific services provided by things. We also provide a formal specification of the model and a description of its implementation and demonstrate its application through di erent use-case scenarios. The evaluation results of core functionality of our architecture are provided with the practical testbed experiments.
Authors and Affiliations
Shantanu Pal, Michael Hitchens, Vijay Varadharajan, Tahiry Rabehaja
Keywords
Related Articles
- EP ID EP46076
- DOI http://dx.doi.org/10.4108/eai.20-3-2018.154370
- Views 322
- Downloads 0
A2Ba: Adaptive Background Modelling for Visual Aerial Surveillance Conditions
Background modelling algorithms are widely used to define a part of an image that most time remains stationary in a video. In surveillance tasks, this model helps to recognize those outlier objects in an area under monit...
Data network related to an object manufacturing inside of exerted Intelligent System
Most of today’s information systems are not fully integrated. Companies, suppliers, and customers are rarely closely linked. Functions within a chain from the enterprise to the shop floor level are not fully integrated....
Outage Performance of a Two-branch Cooperative Energy-constrained Relaying Network with Selection Combining at Destination
In this paper, we investigate two-branch cooperative DF relaying networks with selection combining at the destination. Two intermediate relay-clusters (a conventional relay cluster and an energy-constrained relay cluster...
A Particle Swarm Optimization with Adaptive Multi-Swarm Strategy for Capacitated Vehicle Routing Problem.
Capacitated vehicle routing problem with pickups and deliveries (CVRPPD) is one of the most challenging combinatorial optimization problems which include goods delivery/pickup optimization, vehicle number optimization, r...
Uplink Performance of Cell-Free Massive MIMO with Access Point Selections
Cell-free massive multiple-input multiple-output (MIMO), in which a massive number of access points (APs) distributed over a large area serve a smaller number of users in the same time and frequency resources, inherits a...