Automatic Device Selection and Access PolicyGeneration based on User Preference for IoTActivity Workflow
This addresses usability and security challenges for end users in IoT environments, though it is incremental as it applies existing algorithms to a new domain.
The paper tackles the problem of users manually searching for suitable IoT devices and defining security policies for workflows by introducing an approach that automatically selects devices based on user preferences and generates access policies, with experiments showing the Genetic Algorithm as the best among tested heuristics for balancing efficiency and effectiveness.
The emerging Internet of Things (IoT) has lead to a dramatic increase in type, quantity, and the number of functions that can be offered in a smart environment. Future smart environments will be even richer in terms of the number of devices and functionality provided by them. This poses two major challenges a) an end user has to search through a vast number of IoT devices to identify the suitable devices that satisfy their preferences, and b) it is extremely difficult for users to manually define fine-grained security policies to support workflows involving multiple functions. This paper introduces an intelligent new approach to overcome these challenges by a) enabling users to describe their required functionalities in the form of activity workflow, b) automatically selecting a group of devices to satisfy users functional requirements and maximise their preferences over device usage, c) systematically generating local network access control policies to ensure enforce the principle of least privilege. We study different heuristic search algorithms to find the preferred devices for a given workflow. Experiments results show that the Genetic Algorithm is the best, among the algorithms that we test, as it offers a balance between efficiency and effectiveness.