XSACd—Cross-domain resource sharing &amp; access control for smart environments

Fysarakis, Konstantinos; Soultatos, Othonas; Manifavas, Charalampos; Papaefstathiou, Ioannis; Askoxylakis, Ioannis G.

doi:10.1016/j.future.2016.05.023

Cited by 17 publications

(8 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The MANO can be used to program the ODL controller, passing the necessary information to the SFC manager, also enabling accurate monitoring of the service functions' resources (eg, triggering the instantiation of additional VMs when a function is overloaded). Moreover, the automated reactiveness of the framework will be enhanced with the integration of SDN security patterns() on the ODL controller via the development of an associated model and the introduction of an adaptive access control mechanism that will enable the policy‐based management of multiple controllers and heterogeneous platforms, even across domains . Finally, the performance of the individual components and the framework as a whole will be evaluated in detail to assess the impact of the proposed mechanisms in the context of the industrial domain and its associated intricacies.…”

Section: Discussionmentioning

confidence: 99%

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Petroulakis

Fysarakis

Askoxylakis

et al. 2017

Trans Emerging Tel Tech

Self Cite

View full text Add to dashboard Cite

The innovative application of fifth‐generation core technologies, ie, software‐defined networking (SDN) and network function virtualization, can help reduce capital and operational expenditures in industrial networks. Nevertheless, SDN expands the attack surface of the communication infrastructure, thus necessitating the introduction of additional security mechanisms. These major changes could not leave the industrial environment unaffected, with smart industrial deployments gradually becoming a reality, a trend that is often referred to as the Fourth Industrial Revolution or Industry 4.0. A wind park is a good example of an industrial application relying on a network with strict performance, security, and reliability requirements and was chosen as a representative example of industrial systems. This work highlights the benefit of leveraging the flexibility of SDN/network function virtualization–enabled networks to deploy enhanced reactive security mechanisms for the protection of the industrial network via the use of service function chaining. Moreover, the implementation of a proof‐of‐concept reactive security framework for an industrial‐grade wind park network is presented, along with a performance evaluation of the proposed approach. The framework is equipped with SDN and supervisory control and data acquisition honeypots, modeled on and deployable to the wind park, allowing continuous monitoring of the industrial network and detailed analysis of potential attacks, thus isolating attackers and enabling the assessment of their level of sophistication. Moreover, the applicability of the proposed solutions is assessed in the context of the specific industrial application based on the analysis of the network characteristics and requirements of an actual operating wind park.

show abstract

Section: Discussionmentioning

confidence: 99%

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Petroulakis

Fysarakis

Askoxylakis

et al. 2017

Trans Emerging Tel Tech

Self Cite

View full text Add to dashboard Cite

show abstract

“… Fysarakis et al (2018) presented XSACd—a smart environment framework for policy-based sharing and device services access. It adopts the eXtensible Access control Markup Language (XACML) to represent policies and the Device Profile for WS (DPWS) to specify resources as services.…”

Section: Data Analysis: Systematic Mapmentioning

confidence: 99%

Ambient intelligence governance review: from service-oriented to self-service

Ponce¹,

Abdulrazak²

2022

PeerJ Computer Science

View full text Add to dashboard Cite

The current generation of connected devices and the Internet of Things augment people’s capabilities through ambient intelligence. Ambient Intelligence (AmI) support systems contain applications consuming available services in the environment to serve users. A well-known design of these applications follows a service architecture style and implement artificial intelligence mechanisms to maintain an awareness of the context: The service architecture style enables the distribution of capabilities and facilitates interoperability. Intelligence and context-awareness provide an adaptation of the environment to improve the interaction. Smart objects in distributed deployments and the increasing machine awareness of devices and people context also lead us to architectures, including self-governed policies providing self-service. We have systematically reviewed and analyzed ambient system governance considering service-oriented architecture (SOA) as a reference model. We applied a systematic mapping process obtaining 198 papers for screening (out of 712 obtained after conducting searches in research databases). We then reviewed and categorized 68 papers related to 48 research projects selected by fulfilling ambient intelligence and SOA principles and concepts. This paper presents the result of our analysis, including the existing governance designs, the distribution of adopted characteristics, and the trend to incorporate service in the context-aware process. We also discuss the identified challenges and analyze research directions.

show abstract

“…They then discussed feasible means of managing access control in smart homes. Fysarakis et al [20,21] proposed web service access control systems for devices in 2015 and a cross-domain resource sharing and access control framework for smart environments in 2016 based on the application of extensible access control markup language and device profiles for web services. Their schemes facilitate heterogeneous intelligent device interactions and granular access control management.…”

Section: Related Workmentioning

confidence: 99%

Private Blockchain-Based Secure Access Control for Smart Home Systems

2018

KSII TIIS

View full text Add to dashboard Cite

Smart home systems provide a safe, comfortable, and convenient living environment for users, whereby users enjoy featured home services supported by the data collected and generated by smart devices in smart home systems. However, existing smart devices lack sufficient protection in terms of data security and privacy, and challenging security and privacy issues inevitably emerge when using these data. This article aims to address these challenging issues by proposing a private blockchain-based access control (PBAC) scheme. PBAC involves employing a private blockchain to provide an unforgeable and auditable foundation for smart home systems, that can thwart illegal data access, and ensure the accuracy, integrity, and timeliness of access records. A detailed security analysis shows that PBAC could preserve data security against various attacks. In addition, we conduct a comprehensive performance evaluation to demonstrate that PBAC is feasible and efficient.

show abstract

XSACd—Cross-domain resource sharing & access control for smart environments

Cited by 17 publications

References 24 publications

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Reactive security for SDN/NFV‐enabled industrial networks leveraging service function chaining

Ambient intelligence governance review: from service-oriented to self-service

Private Blockchain-Based Secure Access Control for Smart Home Systems

Contact Info

Product

Resources

About