DynPolAC: Dynamic Policy-based Access Control for IoT Systems

Mehdi Karimi, Ekta Aggarwal, Karthik Pattabiraman, and Andre Ivanov, IEEE International Symposium on Dependable Computing (PRDC), 2018. (Acceptance Rate: 49%). [ PDF | Talk Slides ] (Code)

Abstract: In the near future, Internet-of-Things (IoT) systems will be comprised of autonomous, highly interactive and moving objects that require frequent handshakes to exchange information in time intervals of seconds. Examples of such systems are drones and self-driving cars. In these scenarios, data integrity, confidentiality, and privacy protection are of critical importance. Further, updates need to be processed quickly and with low overheads due to the systems’ resource-constrained nature.

This paper proposes Dynamic Policy-based Access Control (DynPolAC) as a model for protecting information in such systems. We construct a new access control policy language that satisfies the properties of highly dynamic IoT environments. Our access control engine is comprised of a rule parser and a checker to process policies and update them at run-time with minimum service disruption. DynPolAC achieves more than 7x performance improvements when compared to previously proposed methods for authorization on resource-constrained IoT platforms, and achieves more than 3x faster response times overall.