aalto1 untyped-item.component.html
Capabilities-based access control for IoT devices using Verifiable Credentials
Loading...
Access rights
openAccess
URL
Journal Title
Journal ISSN
Volume Title
A4 Artikkeli konferenssijulkaisussa
This publication is imported from Aalto University research portal.
View publication in the Research portal (opens in new window)
Other link related to publication (opens in new window)
View publication in the Research portal (opens in new window)
Other link related to publication (opens in new window)
Date
Major/Subject
Mcode
Degree programme
Language
en
Pages
7
Series
Proceedings - 43rd IEEE Symposium on Security and Privacy Workshops, SPW 2022, pp. 222-228, IEEE Security and Privacy Workshops
Abstract
Capabilities-based access control is a promising paradigm that can handle the particularities of IoT systems. Nevertheless, existing systems are not interoperable and they have limitations, such as lack of proof of possession, inefficient revocation mechanisms, and reliance on trusted third parties. In this paper we overcome these limitations by designing and implementing a system that leverages Verifiable Credentials (VCs) to encode the access rights. Our solution specifies protocols for requesting and using VCs that can be mapped to OAuth 2.0, includes an efficient and privacy preserving proof of possession mechanism, and it supports revocation. We implement and evaluate our solution and we show that it can be directly used even by constrained devices.
Description
| openaire: EC/H2020/957246/EU//IoT-NGIN
Other note
Citation
Fotiou, N, Siris, V A, Polyzos, G C, Kortesniemi, Y & Lagutin, D 2022, Capabilities-based access control for IoT devices using Verifiable Credentials. in Proceedings - 43rd IEEE Symposium on Security and Privacy Workshops, SPW 2022. IEEE Security and Privacy Workshops, IEEE, pp. 222-228, IEEE Workshop on the Internet of Safe Things, San Francisco, California, United States, 26/05/2022. https://doi.org/10.1109/SPW54247.2022.9833873