Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things
Journal Title: EAI Endorsed Transactions on Industrial Networks and Intelligent Systems - Year 2017, Vol 4, Issue 13
Abstract
There has been tremendous growth in the application of the Internet of Things (IoT) in our daily lives. Yet with this growth has come numerous security concerns and privacy challenges for both the users and the systems. Smart devices have many uses in a healthcare system, e.g. collecting and reporting patient data and controlling the administration of treatment. In this paper, we address the specific security issue of access control for smart healthcare systems and the protection of smart things from unauthorised access in such large scale systems. Commonly used access control approaches e.g. Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC) and Capability-Based Access Control (CapBAC) do not, in isolation, provide a complete solution for securing access to IoT-enabled smart healthcare devices. They may, for example, require an overly-centralised solution or an unmanageably large policy base. We propose a novel access control architecture which improves policy management by reducing the required number of authentication policies in a large-scale healthcare system while providing fine-grained access control. The devised access control model employs attributes, roles and capabilities. We apply attributes for role membership assignment and in permission evaluation. Membership of roles grants capabilities. The capabilities which are issued may be parameterised based on attributes of the user and are then used to access specific services provided by things. We also provide a formal specification of the model and a description of its implementation and demonstrate its application through di erent use-case scenarios. The evaluation results of core functionality of our architecture are provided with the practical testbed experiments.
Authors and Affiliations
Shantanu Pal, Michael Hitchens, Vijay Varadharajan, Tahiry Rabehaja
Keywords
Related Articles
- EP ID EP46076
- DOI http://dx.doi.org/10.4108/eai.20-3-2018.154370
- Views 335
- Downloads 0
Eigenvalue-based Detection Techniques Using Finite Dimensional Complex Random Matrix Theory: A Review
Detection of primary users without requiring information of signal is of great importance in spectrum sensing (SS) in Cognitive Radio. Therefore, in recent years, eigenvalue based spectrum sensing algorithms are under th...
Data network related to an object manufacturing inside of exerted Intelligent System
Most of today’s information systems are not fully integrated. Companies, suppliers, and customers are rarely closely linked. Functions within a chain from the enterprise to the shop floor level are not fully integrated....
Performance evaluation of composite Web services
Composite Web service architectures are demanding much guarantee on the Quality of Service (QoS) in order to meet user requirements. Performance evaluation of these architectures has become therefore a very challenging i...
A networkless data exchange and control mechanism for virtual testbed devices
Virtualization has become a key component of network testbeds. However, transmitting data or commands to the test nodes is still either a complicated task or makes use of the nodes' network interfaces, which may interfer...
Energy Efficient Dual Issue Embedded Processor
While energy efficiency is essential to extend the battery life of embedded devices, performance cannot be ignored. High performance superscalar embedded processors are more energy efficient than low performance scalar p...