Abstract
Protection and access control to resources plays a critical role in a distributed computing system like Machine-to-Machine (M2M) and cloud platform. The M2M local cloud platform considered in this paper, consists of multiple distributed M2M gateways that form a local cloud - presenting a unique challenge to the existing access control systems. The most prominent access control systems, such as ACL and RBAC, lack in scalability and flexibility to manage access from users or entity that belong to different authorization domains, and thus unsuitable for the presented platform. The access control approach based on API keys and OAuth that is used by the existing M2M Cloud platform, fails to provide fine grained and flexible access right delegation at the same time when both methods are used together. The proposed approach is built upon capability-based access control that has been specifically designed to provide flexible, yet restricted, access rights delegation. A number of use cases are provided to show the usage of capability creation, delegation, and access provision, particularly in the way application accesses services provided by the platform.
Original language | English |
---|---|
Title of host publication | Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE), 2014 4th International Conference on |
Number of pages | 5 |
Publisher | IEEE Signal Processing Society |
Publication date | 1 Jan 2014 |
Article number | 6934469 |
ISBN (Print) | 9781479946266 |
DOIs | |
Publication status | Published - 1 Jan 2014 |
Event | Wireless VITAE2014 - Aalborg, Denmark Duration: 11 May 2014 → 14 May 2014 |
Conference
Conference | Wireless VITAE2014 |
---|---|
Country/Territory | Denmark |
City | Aalborg |
Period | 11/05/2014 → 14/05/2014 |
Keywords
- access control
- capability
- cloud
- delegation
- M2M
- security