Chinese Journal of Network and Information Security ›› 2019, Vol. 5 ›› Issue (2): 40-49.doi: 10.11959/j.issn.2096-109x.2019015

• Papers • Previous Articles     Next Articles

Delegation authorization mechanism with controllable permissions propagation for IoT devices sharing

Yubo SONG(),Shanshan QI,Aiqun HU   

  1. School of Cyber Science and Engineering,Southeast University,Nanjing 211111,China
  • Revised:2018-12-20 Online:2019-04-15 Published:2019-04-16
  • Supported by:
    The National Natural Science Foundation of China(61601113);CERNET Innovation Project(NGII20150409);Fundamental Research Funds for the Central Universities(2242017K40013)


In order to solve the problems of privilege sensitivity protection and the abuse of authorization by the agent when the device owner delegates authorization in IoT devices sharing environment,a trust-based delegation mechanism for controllable partial permissions was proposed with the trust access control model and the proxy signature.This mechanism generates trust values and authorization policies based on the relationship between the users,and implements controllable partial authority delegation through the proxy signature.According to the security analysis,the mechanism can meet the security attributes such as verifiability,non-repudiation,distinguishability,identifiability and non-abuse required by the permission transfer,and ensure the controllable security transfer of the device owner's permission.The problem of over authorization of an intermediary agent is effectively prevented.

Key words: devices sharing, delegation authorization, trust value, proxy signature

CLC Number: