Title: CoAP Option for Capability-Based Access Control for IoT-Applications
Authors: Chen, Borting
Guenes, Mesut
Huang, Yu-Lun
Institute of Electrical and Control Engineering
Keywords: Capability-Based Access Control;Internet of Things;Network Security
Issue Date: 2016
Abstract: Access control is critical for many applications of the Internet of Things (IoT) since the owner of an IoT device (and application) may only permit one user to access a subset of the resources of the device. To provide access control for an IoT network, recent work adopted the capability-based access control (CBAC) model, which allows an IoT device to decide on the authorization by itself based on a capability token. However, the existing approaches based on CBAC directly attach the capability token at the end of CoAP when sending a request message. For the receiver, it is not easy to retrieve the capability token from the request message if the CoAP payload is present, because CoAP does not have a length field to indicate the size of its payload. To counter this problem, we propose a CoAP option, Cap-Token, to encapsulate a capability token when sending request messages. Because a CoAP option is independent from other CoAP fields, a receiver can get the capability token from the Cap-Token option of the request message without ambiguity. We also provide a compression mechanism to reduce the size of the Cap-Token option. Our evaluation shows that the compression mechanism can reduce the size of the option by 60%. Adding a compressed Cap-Token option to a request message increases the IP datagram size by 45 bytes, which is only 41% of the increase when directly attaching the capability token at the end of CoAP.
URI: http://dx.doi.org/10.5220/0005950902660274
http://hdl.handle.net/11536/134316
ISBN: 978-989-758-183-0
DOI: 10.5220/0005950902660274
Journal: IOTBD: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON INTERNET OF THINGS AND BIG DATA
Start page: 266
End page: 274
Appears in Collections: Conferences Paper