A trust and attribute-based access control framework in internet of things

Abstract

Internet of things (IoT) is widely used in kinds of environment where cloud computing provides super-strong computing support. However, it becomes a key issue that each node can access data under control within the human intention and data is shared securely in distributed IoT environment. Moreover, nodes may belong to different security domains, and data must be accessed only by selected users which could ensure the security of IoT system. Therefore, an effective access control technique is the key point to solve this issue. To address the problems of security, scalability and cross-domain, this paper proposes a fine-grained and dynamic access control model which combines ABAC with trust mechanism and considers dynamic trust attribute and static multi-attribute as synthetic constraints. The simulation results show the feasibility and effectiveness of the proposed scheme, which provides superior characteristics and improves the security of IoT system.