Context-aware usage control for web of things

Guangdong Bai; Lin Yan; Liang Gu; Yao Guo; Xiangqun Chen

doi:10.1002/sec.424

Context-aware usage control for web of things

Guangdong Bai, Lin Yan, Liang Gu, Yao Guo, Xiangqun Chen

Research output: Journal Publications and Reviews › RGC 21 - Publication in refereed journal › peer-review

15 Citations (Scopus)

Abstract

The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable the IoT a seamless integration with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures. To address these challenges, we propose a context-aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context-aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context-aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrates its feasibility in a real environment. © 2012 John Wiley & Sons, Ltd.

Original language	English
Pages (from-to)	2696-2712
Journal	Security and Communication Networks
Volume	7
Issue number	12
DOIs	https://doi.org/10.1002/sec.424
Publication status	Published - 1 Dec 2014
Externally published	Yes

Bibliographical note

Publication details (e.g. title, author(s), publication statuses and dates) are captured on an “AS IS” and “AS AVAILABLE” basis at the time of record harvesting from the data source. Suggestions for further amendments or supplementary information can be sent to [email protected].

Funding

This work is supported partly by the National High Technology Research and Development (863)Program of China under Grant No. 2011AA01A202, the National Basic Research Program (973) of China under Grant No. 2009CB320703 the Science Fund for Creative Research Groups of China under Grant No. 60821003, the National Natural Science Foundation of China under GrantNo.61103026, and a PKU-IBM joint project.

Research Keywords

Context awareness
Internet of things
Security
Usage control
Web of things

Access Output

10.1002/sec.424

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@article{f25f9e1d42fb47fcbd5454451cd001f9,

title = "Context-aware usage control for web of things",

abstract = "The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable the IoT a seamless integration with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures. To address these challenges, we propose a context-aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context-aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context-aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrates its feasibility in a real environment. {\textcopyright} 2012 John Wiley & Sons, Ltd.",

keywords = "Context awareness, Internet of things, Security, Usage control, Web of things",

author = "Guangdong Bai and Lin Yan and Liang Gu and Yao Guo and Xiangqun Chen",

note = "Publication details (e.g. title, author(s), publication statuses and dates) are captured on an “AS IS” and “AS AVAILABLE” basis at the time of record harvesting from the data source. Suggestions for further amendments or supplementary information can be sent to [email protected].",

year = "2014",

month = dec,

day = "1",

doi = "10.1002/sec.424",

language = "English",

volume = "7",

pages = "2696--2712",

journal = "Security and Communication Networks",

issn = "1939-0114",

publisher = "John Wiley & Sons",

number = "12",

}

TY - JOUR

T1 - Context-aware usage control for web of things

AU - Bai, Guangdong

AU - Yan, Lin

AU - Gu, Liang

AU - Guo, Yao

AU - Chen, Xiangqun

N1 - Publication details (e.g. title, author(s), publication statuses and dates) are captured on an “AS IS” and “AS AVAILABLE” basis at the time of record harvesting from the data source. Suggestions for further amendments or supplementary information can be sent to [email protected].

PY - 2014/12/1

Y1 - 2014/12/1

N2 - The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable the IoT a seamless integration with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures. To address these challenges, we propose a context-aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context-aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context-aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrates its feasibility in a real environment. © 2012 John Wiley & Sons, Ltd.

AB - The Web of Things (WoT), inherited from the Internet of Things (IoT), encapsulates functionalities into publishable services on the Web to enable the IoT a seamless integration with the Web. The openness of the Web, in turn, directly exposes WoT to existing attacks from the Web. In addition, WoT possesses characteristics of high security and privacy concerns, mobility, and limited capabilities, which require specific and additional security and privacy protection beyond existing mechanisms. More importantly, WoT is inherently connected to its context, so context information must be taken into account in its security and privacy measures. To address these challenges, we propose a context-aware usage control model (ConUCON), which leverages the context information to enhance data, resource, and service protection for WoT. On the basis of ConUCON, we also design and implement a context-aware usage control framework on the middleware layer in our ongoing SmartHome project, to provide security and privacy protection. ConUCON is designed specifically to express the context-aware usage policy specification, such that security and privacy requirements can be easily specified and enforced with the proposed model and framework. Finally, we apply ConUCON to a remote appliance management prototype, as a case study, to demonstrates its feasibility in a real environment. © 2012 John Wiley & Sons, Ltd.

KW - Context awareness

KW - Internet of things

KW - Security

KW - Usage control

KW - Web of things

UR - http://www.scopus.com/inward/record.url?scp=84911905537&partnerID=8YFLogxK

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-84911905537&origin=recordpage

U2 - 10.1002/sec.424

DO - 10.1002/sec.424

M3 - RGC 21 - Publication in refereed journal

SN - 1939-0114

VL - 7

SP - 2696

EP - 2712

JO - Security and Communication Networks

JF - Security and Communication Networks

IS - 12

ER -

Context-aware usage control for web of things

Abstract

Bibliographical note

Funding

Research Keywords

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this