A Security Model for IoT Networks

“…In [12,13], we describe a first proof-of-concept prototype. This first prototype is based on (i) OWL2 ontologies for representing nodes, topics and events, (ii) SWRL [20] rules for representing the security policy, and (iii) an OWL2 [21] inference engine for computing a security decision (allow/ deny).…”

“…Therefore, we can translate any security rule defined with our model into an SHACL shape/ rule. Instead of processing security rules with a generic rule reasoner as we did in our first prototype [12,13], we now translate our security rules into SHACL shapes/rules. We apply that these SHACL shapes/rules to RDF publication/ subscription requests to produce security decisions.…”

“…Our model supports positive and negative authorizations and allows us to express various types of context-based policies, including policies based on the frequency of events. This paper is an extension of two papers we previously published [12,13]. In this paper, we give a more complete definition of our security model, including the security policy administration model.…”

“…We also present a new version of our prototype of access control enforcement system. The prototype we sketched in [12,13] was based on SWRL and OWL2. Although it showed the feasibility of our approach, it proved to be inefficient in term of performance.…”

Access Controls for IoT Networks

“…In [12,13], we describe a first proof-of-concept prototype. This first prototype is based on (i) OWL2 ontologies for representing nodes, topics and events, (ii) SWRL [20] rules for representing the security policy, and (iii) an OWL2 [21] inference engine for computing a security decision (allow/ deny).…”

“…Therefore, we can translate any security rule defined with our model into an SHACL shape/ rule. Instead of processing security rules with a generic rule reasoner as we did in our first prototype [12,13], we now translate our security rules into SHACL shapes/rules. We apply that these SHACL shapes/rules to RDF publication/ subscription requests to produce security decisions.…”

“…Our model supports positive and negative authorizations and allows us to express various types of context-based policies, including policies based on the frequency of events. This paper is an extension of two papers we previously published [12,13]. In this paper, we give a more complete definition of our security model, including the security policy administration model.…”

“…We also present a new version of our prototype of access control enforcement system. The prototype we sketched in [12,13] was based on SWRL and OWL2. Although it showed the feasibility of our approach, it proved to be inefficient in term of performance.…”

Access Controls for IoT Networks

Enforcing Access Controls in IoT Networks

Improving Security Architecture of Internet of Medical Things: A Systematic Literature Review