Context-Aware History-Based Access Control for IoT Devices
Date
2023-01-04
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Internet-of-things (IoT) devices has taken over every aspect of our daily lives. They control the
environment around us and collect personal data. Access to these devices need to be protected,
specially in a post-pandemic world where patient data security is of utmost importance. The accessibility of IoT devices is often found to be context dependent, meaning that whether a user may
interact with a device often depends on contextual information such as environmental parameters
(e.g., time, temperature, pressure).
This thesis is a proposal to add context dependency into a previously published distributed
authorization system for IoT devices. In this authorization system, the more proof of context a
requester can produce, the more access they are granted. A security property is also put forward
to make sure that a malicious requester cannot gain more access by willfully withholding context
information. I formally proved that the proposed authorization system satisfies this security property. This thesis also presents an implementation of this authorization system and evaluates its
performance.
Description
Keywords
IoT, Access Control, Security, Cybersecurity, Authorization
Citation
Shadman, S. (2023). Context-Aware History-Based Access Control for IoT Devices (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca.