A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study

IRIS

The Internet of Things (IoT) is receiving considerable attention from both industry and academia because of the new business models that it enables and the new security and privacy challenges that it generates. Major Cloud Service Providers (CSPs) have proposed platforms to support IoT by combining cloud and edge computing. However, the security mechanisms available in the cloud have been extended to IoT with some shortcomings with respect to the management and enforcement of access control policies. Access Control as a Service (ACaaS) is emerging as a solution to overcome these difficulties. The paper proposes a lazy approach to ACaaS that allows the specification and management of policies independently of the CSP while leveraging its enforcement mechanisms.We demonstrate the approach by investigating (also experimentally) alternative deployments in the IoT platform offered by Amazon Web Services on a realistic smart lock solution.

A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study / Ahmad, T.; Morelli, U.; Ranise, S.; Zannone, N.. - (2018), pp. 235-246. (Intervento presentato al convegno 23rd ACM Symposium on Access Control Models and Technologies, SACMAT 2018 tenutosi a usa nel 2018) [10.1145/3205977.3205989].

A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study

Ahmad T.;Morelli U.;Ranise S.;Zannone N.

2018-01-01

Abstract

The Internet of Things (IoT) is receiving considerable attention from both industry and academia because of the new business models that it enables and the new security and privacy challenges that it generates. Major Cloud Service Providers (CSPs) have proposed platforms to support IoT by combining cloud and edge computing. However, the security mechanisms available in the cloud have been extended to IoT with some shortcomings with respect to the management and enforcement of access control policies. Access Control as a Service (ACaaS) is emerging as a solution to overcome these difficulties. The paper proposes a lazy approach to ACaaS that allows the specification and management of policies independently of the CSP while leveraging its enforcement mechanisms.We demonstrate the approach by investigating (also experimentally) alternative deployments in the IoT platform offered by Amazon Web Services on a realistic smart lock solution.

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2018
		
	Titolo del volume (Proceedings title)
	
			Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
		
	Luogo di edizione (Place of publication)
	
			1515 BROADWAY, NEW YORK, NY 10036-9998 USA
		
	Casa editrice (Publisher)
	
			Association for Computing Machinery
		
	ISBN
	
			9781450356664
		
	Codice Scopus (Scopus Identifier)
	
			2-s2.0-85049316180
		
	Codice WOS (WOS identifier)
	
			WOS:000476688100026
		
	Tutti gli autori
	
			Ahmad, T.; Morelli, U.; Ranise, S.; Zannone, N.
		
	Citazione
	
			A lazy approach to access control as a service (ACaaS) for IoT: An AWS case study / Ahmad, T.; Morelli, U.; Ranise, S.; Zannone, N.. - (2018), pp. 235-246. (Intervento presentato al  convegno 23rd ACM Symposium on Access Control Models and Technologies, SACMAT 2018 tenutosi a usa nel 2018) [10.1145/3205977.3205989].
		
	Appare nelle tipologie:
	
			04.1 Saggio in atti di convegno (Paper in Proceedings)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333117

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

16

12

social impact