Access to resources, both physical and cyber, must be controlled to maintain security. The increasingly connected nature of our world makes access control a paramount issue. The expansion of the Internet of Things into everyday life has created numerous opportunities to share information and resources with other people and other devices. The Internet of Things will contain numerous wireless devices. The level of access each user (human or device) is given must be controlled. Most conventional access control schemes are rigid in that they do not account for environmental context. This solution is not sufficient for the Internet of Things. What is needed is a more granular control of access rights and a gradual degradation or expansion of access based on observed facts. This chapter presents an access control system termed the Access of Things, which employs a gradual degradation of privilege philosophy. The Access of Things concept is applicable to the dynamic security environment present in the Internet of Things.
TopInternet Of Things Concept
The Internet of Things (IOT) concept envisions an environment where devices automatically connect together to solve problems or better monitor the environment. The problems that can be addressed in the IOT framework are larger than a single device could solve on its own. This may be due to lack of computing power or lack of access to input data. The concept of the IOT is not necessarily one of human-centric applications, but one that will include more machine-to-machine (M2M) applications facilitated by massive M2M networks supported by the IOT’s infrastructure. The differentiator between the IOT and a generic Internet capable device is the increased degree of autonomy of the device and reliance on M2M communication. In fact, most IOT applications are based around the M2M communication with the human user being a consumer of information or service rather than the initiator of operations.
The initial idea was to provide every device with an IP address for routing data (traffic) between devices to facilitate M2M communication. While IP is a widely used protocol, it may not be the best protocol for all applications and other protocols are available to supplement IP. This is true for IOT applications because many IOT devices have limited computational and communication resources, especially remote sensor nodes.
IOT applications include smart health, remote healthcare (You, Liu, & Tong, 2011; Revere, Black, & Zalila, 2010; Chen, Gonzalez, Leung, Zhang, & Li, 2010; Wicks, Visich, & Li, 2006), home management, traffic management (Foschini, Taleb, Corradi, & Bottazzi, 2011), smart grid, and industrial control systems. The notion of networks forming, changing, and dissolving on their own raises questions about what resources should be shared. Each actor in the IOT must make this decision on their own and based on their perception of the environment and the application. Spatial access control, including building access control systems, is one example of such a system.