Attribute-based encryption and sticky policies for data access control in a smart home scenario: a comparison on network
REGULAR CONTRIBUTION
Attribute-based encryption and sticky policies for data access control in a smart home scenario: a comparison on networked smart object middleware
Sabrina Sicari¹ · Alessandra Rizzardi¹ · Gianluca Dini² · Pericle Perazzo² · Michele La Manna³ · Alberto Coen-Porisini¹
© The Author(s) 2020
Abstract
Regulating access to the resources of an Internet of Things (IoT) network is a complex task, which requires paying great attention to how policies are defined, shared, and enforced. The present paper considers the specific context of a smart home, which represents one of the main IoT application domains, and it focuses on two solutions proposed in the literature to cope with the aforementioned issues. On the one side, approaches based on attribute-based encryption (ABE) allow one to encrypt data for multiple recipients, in such a way that only those recipients whose attributes satisfy a given access policy can decrypt afterward. ABE guarantees a high level of customization due to the variety of attributes which can be defined, and it is also flexible enough to be adapted to different kinds of scenarios. On the other side, approaches based on sticky policies allow one to attach an access policy directly to the data itself, and to employ a trusted authority to evaluate and enforce the policy. Sticky policies also guarantee a highly distributed and customizable enforcement of access control rules. In this paper, we compare the advantages and the drawbacks of these two techniques in terms of performance and robustness by integrating them within the prototype of an IoT middleware, named networked smart object. Hence, the effectiveness of the presented solutions is validated by means of a real test-bed in the smart home scenario, in terms of storage occupancy, CPU load, and data retrieval delay. The final goal is to reveal the best approach to be used depending on the application’s requirements.
Keywords: Internet of Things · Security · Attribute-based encryption · Sticky policy · Access control · Middleware
1 Introduction
The spread and continuous development of Internet of Things (IoT) technologies and services introduce a new way of conceiving and managing the information transmitted over the network [1]. The huge amount of data generated and shared every second is constantly increasing, thus raising significant scalability issues. One reason for the success of the IoT paradigm is certainly the introduction of miniaturized devices, which are able to interact with and acquire information from the environment in which they are placed. Besides such a perk, those devices are often memory- and energy
2 Dipartimento di Ingegneria dell’Informazione, Università degli Studi di Pisa, Largo Lucio Lazzarino 1, 56122 Pisa, Italy
3 Università di Firenze, Via Santa Marta