Enhanced dynamic team access control for collaborative Internet of Things using context

Abstract

SummaryThe development of the Internet of Things (IoT) aims to overcome security issues especially in critical areas that require integrity, confidentiality and a high level of privacy of the data. Among security challenges, the access control model should be well defined and adapted to the characteristics and security requirements of IoT applications. The work presented here proposes big enforcement of security for dynamic team access control using context information in order to provide granular and secure authorizations with different access control levels related to collaborative IoT. The enhanced dynamic team access control (EDTMAC) model introduces a formal theoretical model which relies on the top of the role‐based access control model. The use of different context information with a global context information security policy and security rules raised the model strength against unauthorized access and avoided security breaches such as the leak of information by providing the least privileges for the users. The result of EDTMAC analysis shows that the model is well adapted to IoT dynamic nature and collaborative IoT activities for teams. Moreover, the model is flexible and scalable, user‐driven, reliable, and secure against unauthorized access requests. The developed model supports the well‐known least‐privilege principle and separation of duties for the team members. In addition, it allows easy management of the teams, provides fine‐grained access control authorizations and supports delegation.