On design of a fine-grained access control architecture for securing iot-enabled smart healthcare systems

Pal, Shantanu; Hitchens, Michael; Varadharajan, Vijay; Rabehaja, Tahiry

Title: On design of a fine-grained access control architecture for securing iot-enabled smart healthcare systems
Creator: Pal, Shantanu; Hitchens, Michael; Varadharajan, Vijay; Rabehaja, Tahiry
Relation: 14th EAI International Conference on Mobile and Ubiquitous Systems - Computing, Networking and Services (MobiQuitous). Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services (Melbourne, Vic. 07-11 November, 2017) p. 432-441
Publisher Link: http://dx.doi.org/10.1145/3144457.3144485
Publisher: Association for Computing Machinery
Resource Type: conference paper
Date: 2017
Description: The Internet of Things (IoT) is facilitating the development of novel and cost-effective applications that promise to deliver efficient and improved medical facilities to patients and health organisations. This includes the use of smart 'things' as medical sensors attached to patients to deliver real-time data. However, the security of patient data is an ever-present concern in the healthcare arena. In the wider deployment of IoT-enabled smart healthcare systems one particular issue is the need to protect smart 'things' from unauthorised access. Commonly used access control approaches e.g. Attribute Based Access Control (ABAC), Role Based Access Control (RBAC) and capability based access control do not, in isolation, provide a complete solution for securing access to IoT-enabled smart healthcare devices. They may, for example, require an overly-centralised solution or an unmanageably large policy base. To address these issues we propose a novel access control architecture which improves policy management by reducing the required number of authentication policies in a large-scale healthcare system while providing fine-grained access control. We devise a hybrid access control model employing attributes, roles and capabilities. We apply attributes for role-membership assignment and in permission evaluation. Membership of roles grants capabilities. The capabilities which are issued may be parameterised based on further attributes of the user and are then used to access specific services provided by IoT 'things'. We also provide a formal specification of the model and a description of its implementation and demonstrate its application through different use-case scenarios. Evaluation results of core functionality of our architecture are provided.
Subject: internet of things; healthcare systems; access control; policy management; security; SDG 7; Sustainable Development Goals
Identifier: http://hdl.handle.net/1959.13/1451848
Identifier: uon:44291
Identifier: ISBN:9781450353687
Language: eng
Reviewed

Hits: 636
Visitors: 630
Downloads: 0

Collections

Goal 7: Ensure access to affordable, reliable, sustainable and modern energy

		Thumbnail	File	Description	Size	Format