Achieving security scalability and flexibility using Fog-Based Context-Aware Access Control

Kayes, A S M; Rahayu, W; Watters, Paul; Alazab, M; Dillon, Tharam; Chang, E

doi:10.26181/5fa9e15f62a27

Achieving security scalability and flexibility using Fog-Based Context-Aware Access Control.pdf (4.54 MB)

Achieving security scalability and flexibility using Fog-Based Context-Aware Access Control

journal contribution

posted on 2020-11-10, 00:39 authored by A S M KayesA S M Kayes, W Rahayu, Paul WattersPaul Watters, M Alazab, Tharam DillonTharam Dillon, E Chang

© 2020 Elsevier B.V. In the cyberspace environment, access control is one of the foremost fundamental safeguards used to prevent unauthorized access and to minimize the impact from security breaches. Fog computing preserves many benefits for the integration of both internet of things (IoT) and cloud computing platforms. Security in Fog computing environment remains a significant concern among practitioners from academia and industry. The current existing access control models, like the traditional Context-Aware Access Control (CAAC), are limited to access data from centralized sources, and not robust due to lack of semantics and cloud-based service. This major concern has not been addressed in the literature, also literature still lacks a practical solution to control fog data view from multiple sources. This paper critically reviews and investigates the limitations of current fog-based access control. It considers the trade-off between latency and processing overheads which has not been thoroughly studied before. In this paper, a new generation of Fog-Based Context-Aware Access Control (FB-CAAC) framework is proposed to enable flexible access control data from multiple sources. To fill the gap in the literature this paper introduces (i) a general data model and its associated mapping model to collate data from multiple sources. (ii) a data view model to provide an integrated result to the users, dealing with the privacy requirements of the associated stakeholders, (iii) a unified set of CAAC policies with an access controller to reduce both administrative and processing overheads, and (iv) a data ontology to represent the common classes in the relevant data sets. The applicability of FB-CAAC proposal is demonstrated via a walkthrough of the entire mechanism along with several case studies and a prototype testing. The results show the efficiency, flexibility, effectiveness, and practicality of FB-CAAC for data access control in fog computing environment.

Funding

The authors would like to thank their internship students, Yuho Lee and Minsung Han from Gachon University, South Korea, for the development of healthcare application that has been used in this article. The students are partially supported by the Korea Ministry of ICT and Future Planning grant to Gachon University National Program of Excellence in Software. The statements made herein are solely the responsibility of the authors.

Korea Ministry of ICT and Future Planning grant

History

Publication Date

2020-06-01

Journal

Future Generation Computer Systems

Volume

107

Pagination

17p. (p. 307-323)

Publisher

Elsevier

ISSN

0167-739X

Rights Statement

The Author reserves all moral rights over the deposited text and must be credited if any re-use occurs. Documents deposited in OPAL are the Open Access versions of outputs published elsewhere. Changes resulting from the publishing process may therefore not be reflected in this document. The final published version may be obtained via the publisher’s DOI. Please note that additional copyright and access restrictions may apply to the published version.