Fong, PhilipShadman, Shauvik2023-01-062023-01-062023-01-04Shadman, S. (2023). Context-Aware History-Based Access Control for IoT Devices (Master's thesis, University of Calgary, Calgary, Canada). Retrieved from https://prism.ucalgary.ca.http://hdl.handle.net/1880/115653Internet-of-things (IoT) devices has taken over every aspect of our daily lives. They control the environment around us and collect personal data. Access to these devices need to be protected, specially in a post-pandemic world where patient data security is of utmost importance. The accessibility of IoT devices is often found to be context dependent, meaning that whether a user may interact with a device often depends on contextual information such as environmental parameters (e.g., time, temperature, pressure). This thesis is a proposal to add context dependency into a previously published distributed authorization system for IoT devices. In this authorization system, the more proof of context a requester can produce, the more access they are granted. A security property is also put forward to make sure that a malicious requester cannot gain more access by willfully withholding context information. I formally proved that the proposed authorization system satisfies this security property. This thesis also presents an implementation of this authorization system and evaluates its performance.engUniversity of Calgary graduate students retain copyright ownership and moral rights for their thesis. You may use this material in any way that is permitted by the Copyright Act or through licensing that has been assigned to the document. For uses that are not allowable under copyright legislation or licensing, you are required to seek permission.IoTAccess ControlSecurityCybersecurityAuthorizationInformation ScienceContext-Aware History-Based Access Control for IoT Devicesmaster thesis