DACIoT: Dynamic Access Control Framework for IoT Deployments

Abstract

This article presents a dynamic access control framework for the Internet of Things (DACIoT). The main objective of DACIoT is to prevent unauthorized access to IoT devices and tightens the authorized access while an IoT device is in use. The rigidness of existing access control (AC) techniques in terms of manual policy specification, discontinuity of access decision making, and immutability to changing access behaviors makes these solutions fall short in highly dynamic IoT environments. DACIoT supports three functionalities that are lacking in existing AC solutions: 1) automatic policy generation; 2) continuous policy enforcement; and 3) adaptive policy adjustment. The DACIoT extends the standard reference model of the extensible AC markup language (XACML) with the added three functionalities to improve the adaptability of attribute-based AC policies to highly dynamic IoT environments. Results show that DACIoT provides improved security, dynamic adaptability, and can scale efficiently to IoT environments.