An efficient security risk estimation technique for Risk-based access control model for IoT
Journal article
Authors | Atlam, Hany F. and Wills, Gary |
---|---|
Abstract | The need to increase information sharing in the Internet of Things (IoT) applications made the risk-based access control model to be the best candidate for both academic and com- mercial organizations. Risk-based access control model carries out a security risk analysis on the access request by using IoT contextual information to provide access decisions dy- namically. Unlike current static access control approaches that are based on predefined policies and give the same result in different situations, this model provides the required flexibility to access system resources and works well in unexpected conditions and situa- tions of the IoT system. One of the main issues to implement this model is to determine the appropriate risk estimation technique that is able to generate accurate and realistic risk values for each access request to determine the access decision. Therefore, this paper pro- poses a risk estimation technique which integrates the fuzzy inference system with expert judgment to assess security risks of access control operations in the IoT system. Twenty IoT security experts from inside and outside the UK were interviewed to validate the proposed risk estimation technique and build the fuzzy inference rules accurately. The proposed risk estimation approach was implemented and simulated using access control scenarios of the network router. In comparison with the existing fuzzy techniques, the proposed technique has demonstrated it produces precise and realistic values in evaluating security risks of access control operations in the IoT context. |
Keywords | Security risk; Risk estimation; Internet of Things; Risk-based access control model; Fuzzy logic system |
Year | 2019 |
Journal | Internet of Things |
Publisher | Elsevier |
ISSN | 25426605 |
Digital Object Identifier (DOI) | https://doi.org/10.1016/j.iot.2019.100052 |
Web address (URL) | http://hdl.handle.net/10545/624238 |
http://creativecommons.org/licenses/by/4.0/ | |
hdl:10545/624238 | |
Publication dates | 15 Apr 2019 |
Publication process dates | |
Deposited | 24 Oct 2019, 13:27 |
Accepted | 09 Apr 2019 |
Rights | Attribution 4.0 International |
Contributors | University of Southampton |
File | File Access Level Open |
File | File Access Level Open |
https://repository.derby.ac.uk/item/93610/an-efficient-security-risk-estimation-technique-for-risk-based-access-control-model-for-iot
Download files
53
total views0
total downloads5
views this month0
downloads this month