SoftAuthZ: A Context-Aware, Behavior-Based Authorization Framework for Home IoT

Ghosh, Nirnay; Chandra, Saket; Sachidananda, Vinay; Elovici, Yuval

doi:10.1109/jiot.2019.2941767

Cited by 32 publications

(32 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…However, the framework does not use any behavioral features that may efficiently describe SHS user behavior. Ghosh et al [ 15 ] proposed SoftAuthZ, a framework for estimating the confidence associated with a device access request. SoftAuthZ computes the belief of a requester based on his/her historical request patterns using a linear regression model.…”

Section: Background Threat Model and Positioning To The State Of The Artmentioning

confidence: 99%

Anomalous behavior detection-based approach for authenticating smart home system users

Amraoui

Zouari

2021

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Section: Background Threat Model and Positioning To The State Of The Artmentioning

confidence: 99%

Anomalous behavior detection-based approach for authenticating smart home system users

Amraoui

Zouari

2021

Int. J. Inf. Secur.

View full text Add to dashboard Cite

“…Thus, an impersonation attack would gain unrestricted access regardless the exploited user. In [Ghosh et al 2019] it is presented a context-aware behavior-based authorization framework for Smart Homes. Among the work contributions is a modelling of expected belief on device access request based on user's past request patterns and on context of the request.…”

Section: Related Workmentioning

confidence: 99%

“…Prior works on SHS security focus on Access Control (AC), Continuous Authentication (CA) and Intrusion Detection System (IDS). Many of them uses context-based decisions , Ghosh et al 2019, Sikder et al 2019 and behavior-based decisions , Ghosh et al 2019, Amraoui et al 2020. Although few of them are suitable to endure impersonation attacks , Ghosh et al 2019, Sikder et al 2019, they present some issues as dependence of cloud computing and big amount of data to infer information about environment or user activities, leading to privacy breaches.…”

Section: Introductionmentioning

confidence: 99%

“…Many of them uses context-based decisions , Ghosh et al 2019, Sikder et al 2019 and behavior-based decisions , Ghosh et al 2019, Amraoui et al 2020. Although few of them are suitable to endure impersonation attacks , Ghosh et al 2019, Sikder et al 2019, they present some issues as dependence of cloud computing and big amount of data to infer information about environment or user activities, leading to privacy breaches. Another issue is the dependence of end-user's devices as they have general purpose, being more exposed to exploitation.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Zero Trust Access Control with Context-Aware and Behavior-Based Continuous Authentication for Smart Homes

Silva¹,

Macedo²,

Santos³

2021

Anais Do XXI Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2021)

View full text Add to dashboard Cite

Generally, approaches to build the security of Smart Home Systems (SHS) require big amount of data to implement Access Control and Intrusion Detection Systems, with storage in cloud, for instance, being a vulnerability to inhabitants privacy. Besides, most works rely on cloud computing or resources in the cloud to perform security tasks, what can be exploited by attackers. This work presents the ZASH (Zero-Aware Smart Home System), an Access Control for SHS. ZASH uses Continuous Authentication with Zero Trust, supported by real-time context and activity information, enabled by Edge Computing and Markov Chain, to prevent and mitigate impersonation attacks that aim to invade inhabitants privacy. An experimental evaluation demonstrated the system capability to dynamically adapt to new inhabitants behaviors withal blocking impersonation attacks.

show abstract

“…User position is also considered when various APs change states. Meanwhile, a framework named SoftAuthZ is presented in [35], which proposed a context-sensitive and behavior-based security framework. It incorporates soft security mechanisms, such as belief and confidence, to support authorization decisions.…”

Section: Security Technologymentioning

confidence: 99%

Designing Efficient Smart Home Management with IoT Smart Lighting: A Case Study

Khoa

Nhu

Son

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Smart homes are an element of developing smart cities. In recent years, countries around the world have spared no effort in promoting smart cities. Smart homes are an interesting technological advancement that can make people’s lives much more convenient. The development of smart homes involves multiple technological aspects, which include big data, mobile networks, cloud computing, Internet of Things, and even artificial intelligence. Digital information is the main component of signal control and flow in a smart home, while information security is another important aspect. In the event of equipment failure, the task of safeguarding the system’s information is of the utmost importance. Since smart homes are automatically controlled, the problem of mobile network security must be taken seriously. To address these issues, this paper focuses on information security, big data, mobile networks, cloud computing, and the Internet of Things. Security efficiency can be enhanced by using a Secure Hash Algorithm 256 (SHA-256), which is an authentication mechanism that, with the help of the user, can authenticate each interaction of a given device with a WebServer by using an encrypted username, password, and token. This framework could be used for an automated burglar alarm system, guest attendance monitoring, and light switches, all of which are easily integrated with any smart city base. In this way, IoT solutions can allow real-time monitoring and connection with central systems for automated burglar alarms. The monitoring framework is developed on the strength of the web application to obtain real-time display, storage, and warning functions for local or remote monitoring control. The monitoring system is stable and reliable when applying SHA-256.

show abstract

SoftAuthZ: A Context-Aware, Behavior-Based Authorization Framework for Home IoT

Cited by 32 publications

References 14 publications

Anomalous behavior detection-based approach for authenticating smart home system users

Anomalous behavior detection-based approach for authenticating smart home system users

Zero Trust Access Control with Context-Aware and Behavior-Based Continuous Authentication for Smart Homes

Designing Efficient Smart Home Management with IoT Smart Lighting: A Case Study

Contact Info

Product

Resources

About