TY - GEN
T1 - Heracles
T2 - 2018 IEEE Conference on Computer Communications, INFOCOM 2018
AU - Zhou, Qian
AU - Elbadry, Mohammed
AU - Ye, Fan
AU - Yang, Yuanyuan
PY - 2018/10/8
Y1 - 2018/10/8
N2 - Scalable, fine-grained access control for Internet-of-Things is needed in enterprise environments, where thousands of subjects need to access possibly one to two orders of magnitude more objects. Existing solutions offer all-or-nothing access, or require all access to go through a cloud backend, greatly impeding access granularity, robustness and scale. In this paper, we propose Heracles, an IoT access control system that achieves robust, fine-grained access control at enterprise scale. Heracles adopts a capability-based approach using secure, unforgeable tokens that describe the authorizations of subjects, to either individual or collections of objects in single or bulk operations. It has a 3-tier architecture to provide centralized policy and distributed execution desired in enterprise environments, and delegated operations for responsiveness of resource-constrained objects. Extensive security analysis and performance evaluation on a testbed prove that Heracles achieves robust, responsive, fine-grained access control in large scale enterprise environments. © 2018 IEEE.
UR - http://www.scopus.com/inward/record.url?scp=85056149387&partnerID=8YFLogxK
UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85056149387&origin=recordpage
U2 - 10.1109/INFOCOM.2018.8485944
DO - 10.1109/INFOCOM.2018.8485944
M3 - RGC 32 - Refereed conference paper (with host publication)
SN - 9781538641286
VL - 2018-April
T3 - Proceedings - IEEE INFOCOM
SP - 1772
EP - 1780
BT - INFOCOM 2018 - IEEE Conference on Computer Communications
PB - IEEE
Y2 - 15 April 2018 through 19 April 2018
ER -