Projects per year
Abstract
Accuracy (and hence calibration) is a key requirement of safety-critical IoT (SC-IoT) systems. Calibration workflows involve a number of parties such as device users, manufacturers, calibration facilities and NMIs who must collaborate but may also compete (mutually untrusting). For instance, a surgical robot manufacturer may wish to hide the identities of third-parties from the operator (hospital), in order to maintain confidentiality of business relationships around its robot products. Thus, information flows that reveal who-calibrates-for-whom need to be managed to ensure confidentiality. Similarly, meta-information about what-is-being-calibrated and how-often-it-is-calibrated may compromise operational confidentiality of a deployment. We show that the challenge of managing information flows between the parties involved in calibration cannot be met by any of the classical access control models, as any one of them, or a simple conjunction of a subset such as the lattice model, fails to meet the desired access control requirements. We demonstrate that a new unified access control model that combines BIBA, BLP, and Chinese Walls holds rich promise. We study the case for unification, system properties, and develop an XACML-based authorisation framework which enforces the unified model. We show that upon evaluation against a baseline simple-conjunction of the three models individually, our unified model outperforms with authorisation times at least 10ms lower than the baseline. This demonstrates it is capable of solving the novel access control challenges thrown up by digital-calibration workflows.
| Original language | English |
|---|---|
| Title of host publication | Information Systems Security - 16th International Conference, ICISS 2020, Proceedings |
| Editors | Salil Kanhere, Vishwas T Patil, Shamik Sural, Manoj S Gaur |
| Place of Publication | [Switzerland] |
| Publisher | Springer |
| Pages | 3-22 |
| Number of pages | 20 |
| ISBN (Print) | 9783030656096 |
| DOIs | |
| Publication status | Published - 31 Dec 2020 |
| Event | 16th International Conference on Information Systems Security, ICISS 2020 - Jammu, India Duration: 16 Dec 2020 → 20 Dec 2020 |
Publication series
| Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
|---|---|
| Volume | 12553 LNCS |
| ISSN (Print) | 0302-9743 |
| ISSN (Electronic) | 1611-3349 |
Conference
| Conference | 16th International Conference on Information Systems Security, ICISS 2020 |
|---|---|
| Country/Territory | India |
| City | Jammu |
| Period | 16/12/20 → 20/12/20 |
Funding
Acknowledgements. The authors are grateful for the support by Engineering and Physical Sciences Research Council (11288S170484-102), UKIERI-2018-19-005, and the support of the National Measurement System of the UK Department of Business, Energy & Industrial Strategy, which funded this work as part of NPL’s Data Science program.
Keywords
- Internet of Things
- IoT
- SC-IoT
- access control
Fingerprint
Dive into the research topics of 'A unified access control model for calibration traceability in safety-critical IoT'. Together they form a unique fingerprint.Projects
- 2 Finished
-
Secure and Resilient Cyberphysical Systems
Nagaraja, S. (Principal Investigator)
UK India Education and Research Initiative UKIERI
1/04/19 → 31/12/21
Project: Research
-
Industrial CASE Account - University of Strathclyde 2017 | Shah, Ryan
Revie, C. (Principal Investigator), Ahmed, C. M. (Co-investigator) & Shah, R. (Research Co-investigator)
EPSRC (Engineering and Physical Sciences Research Council)
1/10/18 → 15/02/23
Project: Research Studentship Case - Internally allocated