TY - GEN
T1 - Authentication and Capability-based Access Control
T2 - 12th International Conference on Communication Software and Networks, ICCSN 2020
AU - Sivaselvan, N.
AU - Asif, Waqar
AU - Vivekananda, Bhat K.
AU - Rajarajan, Muttukrishnan
PY - 2020/6
Y1 - 2020/6
N2 - User authentication and capability-based access control approaches have been widely studied in the past. These approaches make the perspective of effortlessly carrying out the authentication and authorization processes non-viable thus limiting their usability in the heterogeneous Internet-of-Things (IoTs). In this paper, we propose an integrated authentication and capability-based access control approach for increased usability in IoT environments. The important characteristic of the approach is that the capability metric generated during authentication is used to perform access control. The proposed approach allows lightweight operations to be performed on IoT devices and computation intensive operations on the cloud server. The security evaluation also shows that the proposed approach is secure against various attack vectors predominant in IoT. The experimental results show that the proposed approach incurs a maximum CPU usage of 29.35%, a maximum memory usage of 2.79% and total computational overhead of 809.26ms in a real IoT testbed which is quite acceptable. The bandwidth requirement for the proposed approach is less because of the comparatively reduced size of the longest message.
AB - User authentication and capability-based access control approaches have been widely studied in the past. These approaches make the perspective of effortlessly carrying out the authentication and authorization processes non-viable thus limiting their usability in the heterogeneous Internet-of-Things (IoTs). In this paper, we propose an integrated authentication and capability-based access control approach for increased usability in IoT environments. The important characteristic of the approach is that the capability metric generated during authentication is used to perform access control. The proposed approach allows lightweight operations to be performed on IoT devices and computation intensive operations on the cloud server. The security evaluation also shows that the proposed approach is secure against various attack vectors predominant in IoT. The experimental results show that the proposed approach incurs a maximum CPU usage of 29.35%, a maximum memory usage of 2.79% and total computational overhead of 809.26ms in a real IoT testbed which is quite acceptable. The bandwidth requirement for the proposed approach is less because of the comparatively reduced size of the longest message.
UR - http://www.scopus.com/inward/record.url?scp=85088896784&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85088896784&partnerID=8YFLogxK
U2 - 10.1109/ICCSN49894.2020.9139051
DO - 10.1109/ICCSN49894.2020.9139051
M3 - Conference contribution
AN - SCOPUS:85088896784
T3 - 2020 12th International Conference on Communication Software and Networks, ICCSN 2020
SP - 110
EP - 117
BT - 2020 12th International Conference on Communication Software and Networks, ICCSN 2020
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 12 June 2020 through 15 June 2020
ER -