Abstract

Continuous authentication was introduced to propose novel mechanisms to validate users’ identity and address the problems and limitations exposed by traditional techniques. However, this methodology poses several challenges that remain unsolved. In this paper, we present a novel framework, PALOT, that leverages IoT to provide context-aware, continuous and non-intrusive authentication and authorization services. To this end, we propose a formal information system model based on ontologies, representing the main source of knowledge of our framework. Furthermore, to recognize users’ behavioral patterns within the IoT ecosystem, we introduced a new module called “confidence manager”. The module is then integrated into an extended version of our early framework architecture, IoTCAF, which is consequently adapted to include the above-mentioned component. Exhaustive experiments demonstrated the efficacy, feasibility and scalability of the proposed solution.

Highlights

  • The constant evolution of modern computer systems is undoubtedly changing our lives. Nowadays, they are effectively smaller, faster, and easier to use than before, and they are cheaper and more pervasive

  • Many works make use of Internet of Things (IoT) devices such as smart watches, providing gesture interaction and a permanent monitoring of physical activities [25]; wrist-worn devices for extraction of raw accelerometer data to recognize walking, standing, sitting, and lying activities [26]; smartphones to identify the owner periodically by using machine learning (ML) techniques based on anomaly detection for an adaptive continuous authentication system [27]; and wearable glasses to discriminate the real owner of the smart object from a potential impersonator using biometric features taken from touch gestures and voice commands [28]

  • Our policies are composed of the following elements: Type is the kind of policy; Target is the person considered by the policy to be authenticated or authorized; Location is the place or environment in which the policy is applied; Confidence is the output of the confidence manager; and Result determines the relationship that the Target will have with the IoT Device or Location regarding authentication and authorization grants


Summary

Introduction

The constant evolution of modern computer systems is undoubtedly changing our lives. Nowadays, they are effectively smaller, faster, and easier to use than before, and they are cheaper and more pervasive. Continuous authentication, also known as permanent authentication, was introduced to propose novel mechanisms to validate users’ identity, addressing the problems shown by traditional techniques [4]. This methodology can continuously authenticate the legitimacy of a user over time by analyzing their behavioral profile, e.g., by identifying users through their interaction with a specific device [5,6]. Having the relationship between the pattern and the user’s identity, we are able to provide identification and authentication. In this context, PALOT generates user behavior patterns considering ubiquitous IoT sensors that do not require an authentication process. Finally, Section 8 briefly discusses the outcomes and potential future work.

Related Work
IoT M2M Continuous Authentication
IoT U2M Continuous Authentication
System Model
Ontology
Confidence Manager
E Person
Policy-Based Decision-Making System
Authentication Policies
Authorization Policies
PALOT Architecture
Data Layer
Management Layer
Service Layer
Actors
Deployment and Experimental Results
Dataset and Motivating Scenario
On the Performances of the Decision-Making Modules
On the Scalability of the Authentication Module
CPU and RAM Consumption
Execution Time
On the Efficacy of the Authentication Module
Confidence Evolution
Dataset Evolution
Conclusions and Future Work