权限可控传递的物联网共享设备委托授权访问机制

doi:10.11959/j.issn.2096-109x.2019015

Chinese Journal of Network and Information Security ›› 2019, Vol. 5 ›› Issue (2): 40-49.doi: 10.11959/j.issn.2096-109x.2019015

• Papers • Previous Articles Next Articles

Delegation authorization mechanism with controllable permissions propagation for IoT devices sharing

Yubo SONG(),Shanshan QI,Aiqun HU

School of Cyber Science and Engineering,Southeast University,Nanjing 211111,China

Revised:2018-12-20 Online:2019-04-15 Published:2019-04-16
Supported by:
The National Natural Science Foundation of China(61601113);CERNET Innovation Project(NGII20150409);Fundamental Research Funds for the Central Universities(2242017K40013)

Abstract

Abstract:

In order to solve the problems of privilege sensitivity protection and the abuse of authorization by the agent when the device owner delegates authorization in IoT devices sharing environment,a trust-based delegation mechanism for controllable partial permissions was proposed with the trust access control model and the proxy signature.This mechanism generates trust values and authorization policies based on the relationship between the users,and implements controllable partial authority delegation through the proxy signature.According to the security analysis,the mechanism can meet the security attributes such as verifiability,non-repudiation,distinguishability,identifiability and non-abuse required by the permission transfer,and ensure the controllable security transfer of the device owner's permission.The problem of over authorization of an intermediary agent is effectively prevented.

Key words: devices sharing, delegation authorization, trust value, proxy signature

CLC Number:

TP309

Yubo SONG, Shanshan QI, Aiqun HU. Delegation authorization mechanism with controllable permissions propagation for IoT devices sharing[J]. Chinese Journal of Network and Information Security, 2019, 5(2): 40-49.

Figures/Tables 4

References 11

[1]	JIN J , GUBBI J , MARUSIC S ,et al. An information framework for creating a smart city through Internet of things[J]. IEEE Internet of Things Journal, 2016,1(2): 112-121.
[2]	MC-KINLAY P . Make way for smart cities:opportunities,challenges and capacities of New Zealand local governments[J]. Asia Pacific Journal of Public Administration, 2017,39(4): 297-303.
[3]	SANDHU R S , COYNE E J , FEINSTEIN H L ,et al. Role-based access control models[J]. Computer, 1996,29(2): 38-47.
[4]	ZHANG G , TIAN J . An extended role based access control model for the Internet of things[C]// 2010 International Conference on Information Networking and Automation (ICINA). 2010: 319-323.
[5]	FU Y , YE C . Using XACML to define access control policy in information system[C]// IET Conference on Wireless,Mobile and Sensor Networks (CCWMSN 17). 2017: 676-679.
[6]	LI N , WINSBOROUGH W H , MITCHELL J C . Distributed credential chain discovery in trust management:extended abstract[C]// ACM Conference on Computer and Communications Security. 2016: 156-165.
[7]	KOLEV A , ?OBANOV S , . Trustbac—integrating trust relationships into the rbac model for access control in open systems[C]// ACM Symposium on Access Control Models and Technologies. 2016: 49-58.
[8]	翟征德, 冯登国, 徐震 . 细粒度的基于信任度的可控委托授权模型[J]. 软件学报, 2017,18(8).
	ZHAI Z D , FENG D G , XU Z . Fine-grained controllable delegation authorization model based on trustworthiness[J]. Journal of Software, 2017,18(8).
[9]	YU J , WANG G , MU Y ,et al. An efficient generic framework for three-factor authentication with provably secure instantiation[J]. IEEE Transactions on Information Forensics and Security, 2016,9(12): 2302-2313.
[10]	XUE K , MA C , HONG P ,et al. A temporal credential based mutual authentication and key agreement scheme for wireless sensor networks[J]. Journal of Network and Computer Applications, 2017,36(1): 316-323.
[11]	JIANG Q , MA J , LU X ,et al. An efficient two-factor user authentication scheme with unlinkability for wireless sensor networks[J]. Peer-to-Peer Networking and Applications, 2016,8(6): 1070-1081.

Metrics

Recommended 0

No Suggested Reading articles found!

角色	权限	信任度阈值
Guest	p_garage	0.3
General	p_livingroom	0.6
General	p_bathroom	0.7
Close	p_guestroom	0.8
VIP	p_studyroom	0.7
VIP	p_masterroom	0.92

Delegation authorization mechanism with controllable permissions propagation for IoT devices sharing

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 4

References 11

Related Articles 2

Metrics

Recommended 0

[1]	Baoqin ZHAI, Jian WANG, Lei HAN, Jiqiang LIU, Jiahao HE, Tianhao LIU. Hierarchical proxy consensus optimization for IoV based on blockchain and trust value [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 142-153.
[2]	Qing-xiao GUO,Da-wei ZHANG,Liang CHANG,Xiao-dong LIU,Jing-wen SONG. Design and implementation of proxy-protected proxy signature based on SM2 [J]. Chinese Journal of Network and Information Security, 2017, 3(9): 47-54.