Abstract-The rise of the Internet of Things (IoT) paradigm has allowed the design and development of new services interconnecting heterogeneous devices. However, the complexity of these new systems hasn't been followed by the increase of intelligence and reasoning of the devices connected. On the other hand, intelligent agent systems have developed precisely these characteristics so the combination of both paradigms by modelling intelligent agents in IoT devices is a very promising approach that will enable a more powerful and smart IoT. The interconnection of agents through a Internet-based network implies addressing critical issues that affect all network communications, such as security, privacy and access control, specially given the sensitivity of the information exchanged by agents. In this paper, we propose the application of User-Managed Access (UMA) to provide an unified access control schema for an heterogeneous hybrid architecture of IoT devices and intelligent agents.
The growth of the Internet has generated new types of services based on novel data sources. Among these services, the use of sensors and actuators to create hybrid services that allow humans to interact with the physical environment in a natural way is especially remarkable. These services compose what is called the Internet of Things (IoT). One of the biggest challenges is the protection and access control to the sensors and actuators exposed to the Internet, becoming a critical factor in IoT scenarios. We propose the abstraction of the IoT communication elements as Resources that can be protected using conventional access control schemes. To achieve this, we propose using UserManaged Access (UMA), an existent OAuth2 profile originally developed for the protection of Internet services. To validate our proposal, we have selected MQTT, one of the simplest messagebased communication protocols used in IoT environments. We have developed a prototype implementation and a use case using a developer board based on the MCU ESP8266 as an IoT device. The performed tests have been focused on validating the proposed solution in terms of the correctness of the access control system, energy consumption and communication delays.
The disruption of communications in critical infrastructures could have a serious impact on the health, safety, security or economic well-being of citizens or even prevent the effective functioning of governments or other agencies. For this reason, in this paper we present a distributed architecture, named CYBERSENS, aimed at preventing, early detecting, and mitigating cyber attacks to critical infrastructure networks. CYBERSENS is an advanced IDS/IPS system specially tailored for securing communications in critical infrastructures. It's federated architecture, the combination of misuse detection techniques and novel anomaly detection approaches, and the inclusion of mechanisms for self-obfuscation and self-protection, makes our proposal specially suitable for these scenarios.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.