Securing critical infrastructure in smart cities: Providing scalable access control for constrained devices

摘要

Because of the sheer number of connected devices in IoT environments such as smart cities, access control in this area has to provide a high degree of scalability. Other challenges for access control include the constrained resources of IoT devices - often including a limited power budget. The most promising work in this area is on DCAF and CBAC. However, DCAF is a complex protocol breaking with the design principles of a RESTful architecture and all known CBAC proposals rely on asymmetric cryptography, which prevents its use on the most constrained devices. In this paper we propose an efficient format for capability tokens that is used fully stateless and decentralized. Our evaluation shows, that the impact of using our CBAC implementation on response time is negligible and only increases the required CPU time by less than factor two. This allows deploying access control in scenarios previous CBAC implementations and DCAF are infeasible.