TARAS: Trust-Aware Role-Based Access Control System in Public Internet-of-Things

Title: TARAS: Trust-Aware Role-Based Access Control System in Public Internet-of-Things
Publication Type: Conference Paper
Year of Publication: 2018
Authors: Gwak, B., Cho, J., Lee, D., Son, H.
Conference Name: 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
Keywords: Access Control, access rights, adaptive authorization, Adaptive systems, authorisation, Authorization, Dynamic scheduling, dynamic trust estimation, Estimation, Human Behavior, human trust, I-sharing, Internet of Things, Internet-of-Things, IoT system, Permission, pubcrawl, public Internet-of-Things, public IoT environments, security goals, system integrity, TARAS mechanism, trust relationships, trust threshold, trust-aware, trust-aware role-based access control system, Trusted Computing
Abstract: Due to the proliferation of Internet-of-Things (IoT) environments, humans working with heterogeneous, smart objects in public IoT environments become more popular than ever before. This situation often requires to establish trust relationships between a user and a smart object for their secure interactions, but without the presence of prior interactions. In this work, we are interested in how a smart object can grant an access right to a human user in the absence of any prior knowledge in which some users may be malicious aiming to breach security goals of the IoT system. To solve this problem, we propose a trust-aware, role-based access control system, namely TARAS, which provides adaptive authorization to users based on dynamic trust estimation. In TARAS, for the initial trust establishment, we take a multidisciplinary approach by adopting the concept of I-sharing from psychology. The I-sharing follows the rationale that people with similar roles and traits are more likely to respond in a similar way. This theory provides a powerful tool to quickly establish trust between a smart object and a new user with no prior interactions. In addition, TARAS can adaptively filter malicious users out by revoking their access rights based on adaptive, dynamic trust estimation. Our experimental results show that the proposed TARAS mechanism can maximize system integrity in terms of correctly detecting malicious or benign users while maximizing service availability to users particularly when the system is fine-tuned based on the identified optimal setting in terms of an optimal trust threshold.
Citation Key: gwak_taras_2018