Computer Science > Cryptography and Security
[Submitted on 18 May 2022]
Title:BlueSky: Activity Control: A Vision for "Active" Security Models for Smart Collaborative Systems
View PDFAbstract:Cyber physical ecosystem connects different intelligent devices over heterogeneous networks. Various operations are performed on smart objects to ensure efficiency and to support automation in smart environments. An Activity (defined by Gupta and Sandhu) reflects the current state of an object, which changes in response to requested operations. Due to multiple running activities on different objects, it is critical to secure collaborative systems considering run-time decisions impacted due to related activities (and other parameters) supporting active enforcement of access control decision. Recently, Gupta and Sandhu proposed Activity-Centric Access Control (ACAC) and discussed the notion of activity as a prime abstraction for access control in collaborative systems. The model provides an active security approach that considers activity decision factors such as authorizations, obligations, conditions, and dependencies among related device activities. This paper takes a step forward and presents the core components of an ACAC model and compares with other security models differentiating novel properties of ACAC. We highlight how existing models do not (or in limited scope) support `active' decision and enforcement of authorization in collaborative systems. We propose a hierarchical structure for a family of ACAC models by gradually adding the properties related to notion of activity and discuss states of an activity. We highlight the convergence of ACAC with Zero Trust tenets to reflect how ACAC supports necessary security posture of distributed and connected smart ecosystems. This paper aims to gain a better understanding of ACAC in collaborative systems supporting novel abstractions, properties and requirements.
Current browse context:
eess.SY
References & Citations
Bibliographic and Citation Tools
Bibliographic Explorer (What is the Explorer?)
Litmaps (What is Litmaps?)
scite Smart Citations (What are Smart Citations?)
Code, Data and Media Associated with this Article
CatalyzeX Code Finder for Papers (What is CatalyzeX?)
DagsHub (What is DagsHub?)
Gotit.pub (What is GotitPub?)
Papers with Code (What is Papers with Code?)
ScienceCast (What is ScienceCast?)
Demos
Recommenders and Search Tools
Influence Flower (What are Influence Flowers?)
Connected Papers (What is Connected Papers?)
CORE Recommender (What is CORE?)
arXivLabs: experimental projects with community collaborators
arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.
Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.
Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs.