SecShield: An IoT access control framework with edge caching using software defined network

In the era of the Internet of Things (IoT), where technology has revolutionized our interaction with the world around us and bridged the gap between the physical and digital realms, providing an effective fine-grained access control system is paramount to safeguarding security of the IoT ecosystem....

Full description

Saved in:
Bibliographic Details
Published in:Peer-to-peer networking and applications 2025-02, Vol.18 (1), p.1-17
Main Authors: Zangaraki, Shahrbanoo, Mirabi, Meghdad, Erfani, Seyed Hossein, Sahafi, Amir
Format: Article
Language:English
Subjects:
4 - Track on IoT
Access control
Algorithms
Communications Engineering
Computer Communication Networks
Cybersecurity
Engineering
Information Systems and Communication Service
Internet of Things
Networks
Policies
Signal,Image and Speech Processing
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In the era of the Internet of Things (IoT), where technology has revolutionized our interaction with the world around us and bridged the gap between the physical and digital realms, providing an effective fine-grained access control system is paramount to safeguarding security of the IoT ecosystem. This paper introduces SecShield, a novel Software Defined Network (SDN)-based framework, particularly designed for IoT environments. SecShield operates by evaluating access requests and granting access to IoT services only when the set of defined access policies are satisfied. Utilizing the Attribute-Based Access Control (ABAC) model, SecShield specifies fine-grained access policies for IoT services and employs an algorithm for evaluating access requests. Additionally, the framework incorporates a local cache at the edge of the IoT network, enhanced with a Least Recently Used (LRU) algorithm, to optimize the process of access request evaluation. Experimental results validate the efficiency and feasibility of SecShield, positioning it as a viable solution for improving security of real-world IoT networks.
ISSN:1936-6442
1936-6450
DOI:10.1007/s12083-024-01825-5