CHARIOT: Cloud-assisted access control for the internet of things

Gritti, Clémentine; Önen, Melek; Molva, Refik
PST 2018, 16th Annual Conference on Privacy, Security and Trust, August 28-30, 2018, Belfast, Northern Ireland, United Kingdom

The Internet of Things (IoT) technology has expanded widely across the world, promising new data management opportunities for industries, companies and individuals in
different sectors, such as health services or transport logistics. The exponentially increasing number of IoT devices, their origin diversity, their limited capabilities in terms of resources, as well as the ever-increasing amount of data, raise new challenges for
security and privacy protection, precluding traditional access control solutions to be integrated to this new environment. In this paper, we propose a reliable, server-aided, policy-based access control mechanism, named CHARIOT, that enables an IoT platform to verify credentials of different devices requesting access to the data stored within it. CHARIOT enables IoT devices to authenticate themselves to the platform without compromising their privacy by using attribute-based signatures. Our solution also allows secure delegation of costly computational operations to a cloud server, hence relieving the workload at IoT devices'side.

Digital Security
Eurecom Ref:
© 2018 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.