Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things

Abstract

There has been tremendous growth in the application of the Internet of Things (IoT) in our daily lives. Yet with this growth have come numerous security concerns and privacy challenges for both the users and the systems. Smart devices have many uses in a healthcare system, e.g. collecting and reporting patient data and controlling the administration of treatment. In this paper, we address the specific security issue of access control for smart healthcare systems and the protection of smart things from unauthorised access in such large-scale systems. Commonly used access control approaches, e.g. Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC) and Capability-Based Access Control (CapBAC), do not, in isolation, provide a complete solution for securing access to IoT-enabled smart healthcare devices. They may, for example, require an overly-centralised solution or an unmanageably large policy base. We propose a novel access control architecture which improves policy management by reducing the required number of authentication policies in a large-scale healthcare system while providing fine-grained access control. The devised access control model employs attributes, roles and capabilities. We apply attributes for role membership assignment and in permission evaluation. Membership of roles grants capabilities. The capabilities which are issued may be parameterised based on attributes of the user and are then used to access specific services provided by things. We also provide a formal specification of the model and a description of its implementation and demonstrate its application through different use-case scenarios. The evaluation results of core functionality of our architecture are provided with the practical testbed experiments.

Authors and Affiliations

Shantanu Pal, Michael Hitchens, Vijay Varadharajan, Tahiry Rabehaja

  • EP ID EP46076
  • DOI http://dx.doi.org/10.4108/eai.20-3-2018.154370

How To Cite

Shantanu Pal, Michael Hitchens, Vijay Varadharajan, Tahiry Rabehaja (2017). Fine-Grained Access Control for Smart Healthcare Systems in the Internet of Things. EAI Endorsed Transactions on Industrial Networks and Intelligent Systems, 4(13), -. https://europub.co.uk/articles/-A-46076