東華大學圖書館 |

Language: English

Help

回圖書館首頁

手機版館藏查詢

Back

Switch To: Labeled | MARC Mode | ISBD

Attribute-based Access and Communica...

Bhatt, Smriti.

Linked to FindBook

Google Book

Amazon

博客來

Attribute-based Access and Communication Control Models for Cloud and Cloud-enabled Internet of Things.

Record Type:	Electronic resources : Monograph/item
Title/Author:	Attribute-based Access and Communication Control Models for Cloud and Cloud-enabled Internet of Things./
Author:	Bhatt, Smriti.
Published:	Ann Arbor : ProQuest Dissertations & Theses, : 2018,
Description:	166 p.
Notes:	Source: Dissertations Abstracts International, Volume: 80-02, Section: B.
Contained By:	Dissertations Abstracts International80-02B.
Subject:	Information Technology. -
Online resource:	http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10928465
ISBN:	9780438301559

Attribute-based Access and Communication Control Models for Cloud and Cloud-enabled Internet of Things.
Bhatt, Smriti.

Attribute-based Access and Communication Control Models for Cloud and Cloud-enabled Internet of Things. - Ann Arbor : ProQuest Dissertations & Theses, 2018 - 166 p.

Source: Dissertations Abstracts International, Volume: 80-02, Section: B.

Thesis (Ph.D.)--The University of Texas at San Antonio, 2018.

This item is not available from ProQuest Dissertations & Theses.

The essence of Attribute-Based models lies in their nature of employing attributes of various entities for controlling different aspects in a system, as defined by customized policies based on the model's objectives and application domain. In Attribute-Based Access Control (ABAC), a subject's (e.g., a user's) access to different objects (e.g., files, databases) or to subjects (e.g., other users in Online Social Networks) is secured based on the attributes of subjects and objects. ABAC controls access to data and information stored in a system by abstracting them in the form of protected objects or resources. Due to its object focused approach, ABAC is insufficient to control communications occurring in the form of streaming data and information sharing among different system components. There is some literature on controlling communications using ABAC; however, there is lack of focused treatment of Attribute-Based Communication Control (ABCC). In today's world, two pervasive application domains are Cloud Computing and the Cloud-Enabled Internet of Things (CE-IoT). In these rapidly evolving domains, security and privacy of data and information at rest and in motion is at considerable risk at all times from unauthorized actors and malicious attackers. It is crucial to appropriately address security and privacy concerns in these two emerging domains by conducting fundamental research on specialized ABAC and ABCC models for Cloud and CE-IoT, which is currently lacking in the academic literature. This dissertation investigates, develops, and demonstrates ABAC and ABCC models in four different contexts concerning Cloud Computing and CE-IoT. First, it develops formal ABAC models with user attributes, group attributes, and group and attribute hierarchies, viz. User-Attribute Enhanced OSAC (UAE-OSAC) model for OpenStack, and restricted Hierarchical Group and Attribute-Based Access Control (rHGABAC) model. It demonstrates enforcement of these models utilizing unified attribute-based access control tool, the Policy Machine (PM), developed by National Institute of Standards and Technology (NIST), augmented with the Authorization Engine (AE) developed in this research. Second, it investigates a real-world CE-IoT architecture, the AWS IoT, recently introduced by Amazon Web Services (AWS). It then develops an abstract access control model for AWS IoT known as AWS-IoTAC, based on the earlier published AWS Access Control (AWSAC) model. In contrast to AWS's policy-based approach, this dissertation identifies the need for an attribute-based approach for fine-grained authorizations in IoT and proposes ABAC enhancements to the AWS-IoTAC model. A Smart Home use case is implemented in AWS IoT to demonstrate the model and proposed ABAC enhancements. Third, it enhances the Access Control Oriented (ACO) architecture for IoT motivated by a Wearable IoT (WIoT) use case, called the EACO architecture. It then develops an Access Control (AC) framework to comprehensively capture different types of accesses and communications within the EACO architecture for CE-IoT. Fourth, this dissertation introduces a novel concept of Attribute-Based Communication Control (ABCC) and develops a general conceptual ABCC model. It then proposes a formal ABCC model to control data flow and enforce privacy policies between the edge IoT network and the Cloud in the context of CE-IoT. It demonstrates a real-world realization of this model using a WIoT use case and a proof-of-concept implementation employing the AWS IoT and its edge computing service.

ISBN: 9780438301559Subjects--Topical Terms:

1030799
Information Technology.

Attribute-based Access and Communication Control Models for Cloud and Cloud-enabled Internet of Things.
LDR:04763nmm a2200337 4500 001 2207821
005 20190923114237.5
008 201008s2018 ||||||||||||||||| ||eng d
020 $a 9780438301559
035 $a (MiAaPQ)AAI10928465
035 $a (MiAaPQ)utsa:12639
035 $a AAI10928465
040 $a MiAaPQ $c MiAaPQ
100 1 $a Bhatt, Smriti. $3 3434823
245 1 0 $a Attribute-based Access and Communication Control Models for Cloud and Cloud-enabled Internet of Things.
260 1 $a Ann Arbor : $b ProQuest Dissertations & Theses, $c 2018
300 $a 166 p.
500 $a Source: Dissertations Abstracts International, Volume: 80-02, Section: B.
500 $a Publisher info.: Dissertation/Thesis.
500 $a Advisor: Sandhu, Ravi.
502 $a Thesis (Ph.D.)--The University of Texas at San Antonio, 2018.
506 $a This item is not available from ProQuest Dissertations & Theses.
506 $a This item must not be sold to any third party vendors.
520 $a The essence of Attribute-Based models lies in their nature of employing attributes of various entities for controlling different aspects in a system, as defined by customized policies based on the model's objectives and application domain. In Attribute-Based Access Control (ABAC), a subject's (e.g., a user's) access to different objects (e.g., files, databases) or to subjects (e.g., other users in Online Social Networks) is secured based on the attributes of subjects and objects. ABAC controls access to data and information stored in a system by abstracting them in the form of protected objects or resources. Due to its object focused approach, ABAC is insufficient to control communications occurring in the form of streaming data and information sharing among different system components. There is some literature on controlling communications using ABAC; however, there is lack of focused treatment of Attribute-Based Communication Control (ABCC). In today's world, two pervasive application domains are Cloud Computing and the Cloud-Enabled Internet of Things (CE-IoT). In these rapidly evolving domains, security and privacy of data and information at rest and in motion is at considerable risk at all times from unauthorized actors and malicious attackers. It is crucial to appropriately address security and privacy concerns in these two emerging domains by conducting fundamental research on specialized ABAC and ABCC models for Cloud and CE-IoT, which is currently lacking in the academic literature. This dissertation investigates, develops, and demonstrates ABAC and ABCC models in four different contexts concerning Cloud Computing and CE-IoT. First, it develops formal ABAC models with user attributes, group attributes, and group and attribute hierarchies, viz. User-Attribute Enhanced OSAC (UAE-OSAC) model for OpenStack, and restricted Hierarchical Group and Attribute-Based Access Control (rHGABAC) model. It demonstrates enforcement of these models utilizing unified attribute-based access control tool, the Policy Machine (PM), developed by National Institute of Standards and Technology (NIST), augmented with the Authorization Engine (AE) developed in this research. Second, it investigates a real-world CE-IoT architecture, the AWS IoT, recently introduced by Amazon Web Services (AWS). It then develops an abstract access control model for AWS IoT known as AWS-IoTAC, based on the earlier published AWS Access Control (AWSAC) model. In contrast to AWS's policy-based approach, this dissertation identifies the need for an attribute-based approach for fine-grained authorizations in IoT and proposes ABAC enhancements to the AWS-IoTAC model. A Smart Home use case is implemented in AWS IoT to demonstrate the model and proposed ABAC enhancements. Third, it enhances the Access Control Oriented (ACO) architecture for IoT motivated by a Wearable IoT (WIoT) use case, called the EACO architecture. It then develops an Access Control (AC) framework to comprehensively capture different types of accesses and communications within the EACO architecture for CE-IoT. Fourth, this dissertation introduces a novel concept of Attribute-Based Communication Control (ABCC) and develops a general conceptual ABCC model. It then proposes a formal ABCC model to control data flow and enforce privacy policies between the edge IoT network and the Cloud in the context of CE-IoT. It demonstrates a real-world realization of this model using a WIoT use case and a proof-of-concept implementation employing the AWS IoT and its edge computing service.
590 $a School code: 1283.
650 4 $a Information Technology. $3 1030799
650 4 $a Computer science. $3 523869
690 $a 0489
690 $a 0984
710 2 $a The University of Texas at San Antonio. $b Computer Science. $3 1065531
773 0 $t Dissertations Abstracts International $g 80-02B.
790 $a 1283
791 $a Ph.D.
792 $a 2018
793 $a English
856 4 0 $u http://pqdd.sinica.edu.tw/twdaoapp/servlet/advanced?query=10928465