Hierarchical and Shared Access Control

Castiglione, Arcangelo; Santis, Alfredo De; Masucci, Barbara; Palmieri, Francesco; Castiglione, Aniello; Li, Jin; Huang, Xinyi

doi:10.1109/tifs.2015.2512533

Cited by 56 publications

(29 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(1) We investigate Kang's protocol [19] and provide improvements in key distribution [20], communication overhead, and resistance to impersonation attack and DoP (Denial of Proof) attack. (2) We establish a scheme to seal the identity of the tag into the grouping-proof message by the group key and session key.…”

Section: Our Contributionsmentioning

confidence: 99%

An Anonymous Offline RFID Grouping-Proof Protocol

Zhou

Liu

et al. 2018

Future Internet

View full text Add to dashboard Cite

Abstract:As more and more items are tagged with RFID (Radio Frequency Identification) tags, grouping-proof technology is widely utilized to provide a coexistence evidence for a group of related items. Due to the wireless channel used in RFID systems, a security risk exists in the communication between the reader and tags. How to ensure the tag's information security and to generate reliable grouping-proof becomes a hot research topic. To protect the privacy of tags, the verification of grouping-proof is traditionally executed by the verifier, and the reader is only used to collect the proof data. This approach can cause the reader to submit invalid proof data to the verifier in the event of DoP (Deny of Proof) attack. In this paper, an ECC-based, off-line anonymous grouping-proof protocol (EAGP) is proposed. The protocol authorizes the reader to examine the validity of grouping-proof without knowing the identities of tags. From the security and performance analysis, the EAGP can protect the security and privacy of RFID tags, and defence impersonation and replay attacks. Furthermore, it has the ability to reduce the system overhead caused by the invalid submission of grouping-proofs. As a result, the proposed EAGP equips practical application values.

show abstract

Section: Our Contributionsmentioning

confidence: 99%

An Anonymous Offline RFID Grouping-Proof Protocol

Zhou

Liu

et al. 2018

Future Internet

View full text Add to dashboard Cite

show abstract

“…In [12], Castiglione, et. al. show that hierarchical access may represent a limitation in many real-world cases.…”

Section: Related Workmentioning

confidence: 99%

Stronger authentication for password credential Internet Services

Booth

Andersson

2017

2017 Third International Conference on Mobile and Secure Services (MobiSecServ)

View full text Add to dashboard Cite

Abstract-Most Web and other on-line service providers ("Internet Services") only support legacy ID (or email) and password (ID/PW) credential authentication. However, there are numerous vulnerabilities concerning ID/PW credentials. Scholars and the industry have proposed several improved security solutions, such as MFA, however most of the Internet Services have refused to adopt these solutions. Mobile phones are much more sensitive to these vulnerabilities (so this paper focuses on mobile phones). Many users take advantage of password managers, to keep track of all their Internet Service profiles. However, the Internet Service profiles found in password managers, are normally kept on the PC or mobile phone's disk, in an encrypted form. Our first contribution is a design guideline, whereby the Internet Service profiles never need to touch the client's disk. Most users would benefit, if they had the ability to use MFA, to login to a legacy Internet Service, which only supports ID/PW credential authentication. Our second contribution is a design guideline, whereby users can choose, for each legacy ID/PW Internet Service, which specific MFA they wish to use. We have also presenting conceptual design guidelines, showing that both of our contributions are minor changes to existing password managers, which can be implemented easily with low overhead.

show abstract

“…However, current access control models are built using predefined rules that give the same result in different situations. This binary decision (grant/deny) cannot create a good and efficient level of security in a dynamic, heterogeneous and distrusted environment like IoT systems [10,11].…”

Section: Introductionmentioning

confidence: 99%

Fuzzy Logic with Expert Judgment to Implement an Adaptive Risk-Based Access Control Model for IoT

et al. 2019

View full text Add to dashboard Cite

The Internet of Things (IoT) is becoming the future of the Internet with a large number of connected devices that are predicted to reach about 50 billion by 2020. With proliferation of IoT devices and need to increase information sharing in IoT applications, risk-based access control model has become the best candidate for both academic and commercial organizations to address access control issues. This model carries out a security risk analysis on the access request by using IoT contextual information to provide access decisions dynamically. This model solves challenges related to flexibility and scalability of the IoT system. Therefore, we propose an adaptive risk-based access control model for the IoT. This model uses real-time contextual information associated with the requesting user to calculate the security risk regarding each access request. It uses user attributes while making the access request, action severity, resource sensitivity and user risk history as inputs to analyze and calculate the risk value to determine the access decision. To detect abnormal and malicious actions, smart contracts are used to track and monitor user activities during the access session to detect and prevent potential security violations. In addition, as the risk estimation process is the essential stage to build a risk-based model, this paper provides a discussion of common risk estimation methods and then proposes the fuzzy inference system with expert judgment as to be the optimal approach to handle risk estimation process of the proposed risk-based model in the IoT system.

show abstract

Hierarchical and Shared Access Control

Cited by 56 publications

References 37 publications

An Anonymous Offline RFID Grouping-Proof Protocol

An Anonymous Offline RFID Grouping-Proof Protocol

Stronger authentication for password credential Internet Services

Fuzzy Logic with Expert Judgment to Implement an Adaptive Risk-Based Access Control Model for IoT

Contact Info

Product

Resources

About