Ravi Sandhu

Mohammad Nur Nobi, Ram Krishnan, Yufei Huang et al.

A common trait of current access control approaches is the challenging need to engineer abstract and intuitive access control models. This entails designing access control information in the form of roles (RBAC), attributes (ABAC), or relationships (ReBAC) as the case may be, and subsequently, designing access control rules. This framework has its benefits but has significant limitations in the context of modern systems that are dynamic, complex, and large-scale, due to which it is difficult to maintain an accurate access control state in the system for a human administrator. This paper proposes Deep Learning Based Access Control (DLBAC) by leveraging significant advances in deep learning technology as a potential solution to this problem. We envision that DLBAC could complement and, in the long-term, has the potential to even replace, classical access control models with a neural network that reduces the burden of access control model engineering and updates. Without loss of generality, we conduct a thorough investigation of a candidate DLBAC model, called DLBAC_alpha, using both real-world and synthetic datasets. We demonstrate the feasibility of the proposed approach by addressing issues related to accuracy, generalization, and explainability. We also discuss challenges and future research directions.

Mohammad Nur Nobi, Maanak Gupta, Lopamudra Praharaj et al.

An increasing body of work has recognized the importance of exploiting machine learning (ML) advancements to address the need for efficient automation in extracting access control attributes, policy mining, policy verification, access decisions, etc. In this work, we survey and summarize various ML approaches to solve different access control problems. We propose a novel taxonomy of the ML model's application in the access control domain. We highlight current limitations and open challenges such as lack of public real-world datasets, administration of ML-based access control systems, understanding a black-box ML model's decision, etc., and enumerate future research directions.

Glen Cathey, James Benson, Maanak Gupta et al.

Internet of Things (IoT) is a rapidly growing industry currently being integrated into both consumer and industrial environments on a wide scale. While the technology is available and deployment has a low barrier of entry in future applications, proper security frameworks are still at infancy stage and are being developed to fit varied implementations and device architectures. Further, the need for edge centric mechanisms are critical to offer security in real time smart connected applications with minimal or negligible overhead. In this paper, we propose a novel approach of data security by using multiple device shadows (aka digital twins) for a single physical object. These twins are paramount to separate data among different virtual objects based on tags assigned on-the-fly, and are used to limit access to different data points by authorized users/applications only. The novelty of the proposed architecture resides in the attachment of dynamic tags to key-value pairs reported by physical devices in the system. We further examine the advantages of tagging data in a digital twin system, and the performance impacts of the proposed data separation scheme. The proposed solution is deployed at the edge, supporting low latency and real time security mechanisms with minimal overhead, and is light-weight as reflected by captured performance metrics.

Maanak Gupta, Ravi Sandhu

The ubiquitous presence of smart devices along with advancements in connectivity coupled with the elastic capabilities of cloud and edge systems have nurtured and revolutionized smart ecosystems. Intelligent, integrated cyber-physical systems offer increased productivity, safety, efficiency, speed and support for data driven applications beyond imagination just a decade ago. Since several connected devices work together as a coordinated unit to ensure efficiency and automation, the individual operations they perform are often reliant on each other. Therefore, it is important to control what functions or activities different devices can perform at a particular moment of time, and how they are related to each other. It is also important to consider additional factors such as conditions, obligation or mutability of activities, which are critical in deciding whether or not a device can perform a requested activity. In this paper, we take an initial step to propose and discuss the concept of Activity-Centric Access Control (ACAC) for smart and connected ecosystem. We discuss the notion of activity with respect to the collaborative and distributed yet integrated systems and identify the different entities involved along with the important factors to make an activity control decision. We outline a preliminary approach for defining activity control expressions which can be applied to different smart objects in the system. The main goal of this paper is to present the vision and need for the activity-centric approach for access control in connected smart systems, and foster discussion on the identified future research agenda.

Maanak Gupta, Ravi Sandhu

Attribute-based access control (ABAC) models are widely used to provide fine-grained and adaptable authorization based on the attributes of users, resources, and other relevant entities. Hierarchial group and attribute based access control (HGABAC) model was recently proposed which introduces the novel notion of attribute inheritance through group membership. GURAG was subsequently proposed to provide an administrative model for user attributes in HGABAC, building upon the ARBAC97 and GURA administrative models. The GURA model uses administrative roles to manage user attributes. The reachability problem for the GURA model is to determine what attributes a particular user can acquire, given a predefined set of administrative rules. This problem has been previously analyzed in the literature. In this paper, we study the user attribute reachability problem based on directly assigned attributes of the user and attributes inherited via group memberships. We first define a restricted form of GURAG, called rGURAG scheme, as a state transition system with multiple instances having different preconditions and provide reachability analysis for each of these schemes. In general, we show PSPACE-complete complexity for all rGURAG schemes. We further present polynomial time algorithms to solve special instances of rGURAG schemes under restricted conditions.

Maanak Gupta, James Benson, Farhan Patwa et al.

Intelligent Transportation System (ITS) is a vision which offers safe, secure and smart travel experience to drivers. This futuristic plan aims to enable vehicles, roadside transportation infrastructures, pedestrian smart-phones and other devices to communicate with one another to provide safety and convenience services. Vehicle to Vehicle (V2V) and Vehicle to Infrastructure (V2I) communication in ITS offers ability to exchange speed, heading angle, position and other environment related conditions amongst vehicles and with surrounding smart infrastructures. In this intelligent setup, vehicles and users communicate and exchange data with random untrusted entities (like vehicles, smart traffic lights or pedestrians) whom they don't know or have met before. The concerns of location privacy and secure communication further deter the adoption of this smarter and safe transportation. In this paper, we present a secure and trusted V2V and V2I communication approach using edge infrastructures where instead of direct peer to peer communication, we introduce trusted cloudlets to authorize, check and verify the authenticity, integrity and ensure anonymity of messages exchanged in the system. Moving vehicles or road side infrastructure are dynamically connected to nearby cloudlets, where security policies can be implemented to sanitize or stop fake messages and prevent rogue vehicles to exchange messages with other vehicles. We also present a formal attribute-based model for V2V and V2I communication, called AB-ITS, along with proof of concept implementation of the proposed solution in AWS IoT platform. This cloudlet supported architecture complements direct V2V or V2I communication, and serves important use cases such as accident or ice-threat warning and other safety applications. Performance metrics of our proposed architecture are also discussed and compared with existing ITS technologies.

Maanak Gupta, James Benson, Farhan Patwa et al.

Future smart cities and intelligent world will have connected vehicles and smart cars as its indispensable and most essential components. The communication and interaction among such connected entities in this vehicular internet of things (IoT) domain, which also involves smart traffic infrastructure, road-side sensors, restaurant with beacons, autonomous emergency vehicles, etc., offer innumerable real-time user applications and provide safer and pleasant driving experience to consumers. Having more than 100 million lines of code and hundreds of sensors, these connected vehicles (CVs) expose a large attack surface, which can be remotely compromised and exploited by malicious attackers. Security and privacy are serious concerns that impede the adoption of smart connected cars, which if not properly addressed will have grave implications with risk to human life and limb. In this research, we present a formalized dynamic groups and attribute-based access control (ABAC) model (referred as \cvac) for smart cars ecosystem, where the proposed model not only considers system wide attributes-based security policies but also takes into account the individual user privacy preferences for allowing or denying service notifications, alerts and operations to on-board resources. Further, we introduce a novel notion of groups in vehicular IoT, which are dynamically assigned to moving entities like connected cars, based on their current GPS coordinates, speed or other attributes, to ensure relevance of location and time sensitive notification services to the consumers, to provide administrative benefits to manage large numbers of smart entities, and to enable attributes and alerts inheritance for fine-grained security authorization policies. We present proof of concept implementation of our model in AWS cloud platform demonstrating real-world uses cases along with performance metrics.