ScienceGate Book Chapters
JOURNAL ARTICLE

A federated capability-based access control mechanism for Internet of Things (IoTs)

Yu ChenRonghua XuErik BlaschGenshe Chen

Year: 2018 Vol: 10200 Pages: 29-29
DOI: 10.1117/12.2305619
   Get Full-Text PDF    Get Analytical Report

Abstract

The prevalence of Internet of Things (IoTs) allows heterogeneous embedded smart devices to collaboratively provide intelligent services with or without human intervention. While leveraging the large-scale IoT-based applications like Smart Gird and Smart Cities, IoT also incurs more concerns on privacy and security. Among the top security challenges that IoTs face is that access authorization is critical in resource and information protection over IoTs. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanisms to meet requirement of IoT systems. The extraordinary large number of nodes, heterogeneity as well as dynamicity, necessitate more fine-grained, lightweight mechanisms for IoT devices. In this paper, a federated capability-based access control (FedCAC) framework is proposed to enable an effective access control processes to devices, services and information in large scale IoT systems. The federated capability delegation mechanism, based on a propagation tree, is illustrated for access permission propagation. An identity-based capability token management strategy is presented, which involves registering, propagation and revocation of the access authorization. Through delegating centralized authorization decision-making policy to local domain delegator, the access authorization process is locally conducted on the service provider that integrates situational awareness (SAW) and customized contextual conditions. Implemented and tested on both resources-constrained devices, like smart sensors and Raspberry PI, and non-resource-constrained devices, like laptops and smart phones, our experimental results demonstrate the feasibility of the proposed FedCAC approach to offer a scalable, lightweight and fine-grained access control solution to IoT systems connected to a system network.

Keywords:
Access control Computer science Role-based access control Computer security Permission Computer access control Identity management Authentication (law) Security token Computer network

Metrics

51
Cited By
21.99
FWCI (Field Weighted Citation Impact)
50
Refs
0.99
Citation Normalized Percentile
Is in top 1%
Is in top 10%

Citation History

Topics

Access Control and Trust
Social Sciences →  Social Sciences →  Sociology and Political Science
IoT and Edge/Fog Computing
Physical Sciences →  Computer Science →  Computer Networks and Communications
Cryptography and Data Security
Physical Sciences →  Computer Science →  Artificial Intelligence

Related Documents

BOOK-CHAPTER

Lightweight Capability-Based Access Control for Internet of Things (IoT)

S DeepthiShrey Khandwekar

Communications in computer and information science Year: 2023 Pages: 258-266
JOURNAL ARTICLE

A Dynamic Context-Aware and Role-Capability Based Access Control Mechanism for Internet of Things

Rudra KrishnasrijaAmit Kr MandalRaju HalderAgostino Cortesi

Journal:   Journal of Network and Systems Management Year: 2025 Vol: 34 (1)
BOOK-CHAPTER

Internet of Things (IoTs)

Wasswa ShafikAli TufailLiyanage C. De SilvaRosyzie Anna Awg Haji Mohd Apong

Year: 2024 Pages: 44-65
BOOK-CHAPTER

Internet of Things (IoTs)

Alex Alexandrou

Year: 2021 Pages: 275-306
BOOK-CHAPTER

Blockchain-Based Power Internet of Things Data Access Control Mechanism

Xinyan WangJia ZhengQi WangDong LiJing ZhangXin ChenHan Yan

Lecture notes in electrical engineering Year: 2022 Pages: 285-291
© 2026 ScienceGate Book Chapters — All rights reserved.