SQuBA: Social Quorum Based Access Control for Open IoT Environments

Yixuan Wang; Abhishek Chandra; Jon Weissman

doi:10.1109/EDGE60047.2023.00020

SQuBA: Social Quorum Based Access Control for Open IoT Environments

Yixuan Wang, Abhishek Chandra, Jon Weissman

Computer Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Internet of things (IoT) devices have been ubiquitous in recent years. An emerging model for IoT deployment is an open edge-based infrastructure. Edge resources are commonly used to coordinate capabilities and manage access due to IoT device resource limitations and IoT vendor heterogeneity. The open IoT environment often exists in a multi-user setting, where multiple users interact with a single IoT device. In this setting, we assume that none of the users or the edges are fully trusted, thus IoT data privacy may be compromised. Limited attention has been paid to authorization and auditing in this environment. However, exploiting inter-user relationships gives us leverage. In this work, we propose a social quorum based architecture, SQuBA, as an access control mechanism for IoT which provides relationship-driven authorization and auditing. We present a tiered approach to support access control rules and relationship-based trustworthiness. We implemented a prototype and carried out experiments using a real-world dataset under various scenarios and configurations. The results demonstrate both SQuBA's promising near real-time response latency that is in the order of milliseconds, and good resilience to different edge faulty models. We also compare with various baselines and SQuBA is able to improve end-to-end latency by up to 10X and tolerate the number of faulty edges by up to 2X.

Original language	English (US)
Title of host publication	Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023
Editors	Claudio Ardagna, Feras Awaysheh, Hongyi Bian, Carl K. Chang, Rong N. Chang, Flavia Delicato, Nirmit Desai, Jing Fan, Geoffrey C. Fox, Andrzej Goscinski, Zhi Jin, Anna Kobusinska, Omer Rana
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	51-62
Number of pages	12
ISBN (Electronic)	9798350304831
DOIs	https://doi.org/10.1109/EDGE60047.2023.00020
State	Published - 2023
Event	7th IEEE International Conference on Edge Computing and Communications, EDGE 2023 - Hybrid, Chicago, United States Duration: Jul 2 2023 → Jul 8 2023

Publication series

Name	Proceedings - IEEE International Conference on Edge Computing
Volume	2023-July
ISSN (Print)	2767-9918

Conference

Conference	7th IEEE International Conference on Edge Computing and Communications, EDGE 2023
Country/Territory	United States
City	Hybrid, Chicago
Period	7/2/23 → 7/8/23

Bibliographical note

Publisher Copyright:
© 2023 IEEE.

Keywords

Access Control
Distributed Ledger Technologies
Edge Computing
Internet of Things
Privacy

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access

10.1109/EDGE60047.2023.00020

OpenUrl availability

Full text

Cite this

Wang, Y., Chandra, A., & Weissman, J. (2023). SQuBA: Social Quorum Based Access Control for Open IoT Environments. In C. Ardagna, F. Awaysheh, H. Bian, C. K. Chang, R. N. Chang, F. Delicato, N. Desai, J. Fan, G. C. Fox, A. Goscinski, Z. Jin, A. Kobusinska, & O. Rana (Eds.), Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023 (pp. 51-62). (Proceedings - IEEE International Conference on Edge Computing; Vol. 2023-July). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/EDGE60047.2023.00020

SQuBA: Social Quorum Based Access Control for Open IoT Environments. / Wang, Yixuan; Chandra, Abhishek ; Weissman, Jon.
Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023. ed. / Claudio Ardagna; Feras Awaysheh; Hongyi Bian; Carl K. Chang; Rong N. Chang; Flavia Delicato; Nirmit Desai; Jing Fan; Geoffrey C. Fox; Andrzej Goscinski; Zhi Jin; Anna Kobusinska; Omer Rana. Institute of Electrical and Electronics Engineers Inc., 2023. p. 51-62 (Proceedings - IEEE International Conference on Edge Computing; Vol. 2023-July).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Wang, Y, Chandra, A & Weissman, J 2023, SQuBA: Social Quorum Based Access Control for Open IoT Environments. in C Ardagna, F Awaysheh, H Bian, CK Chang, RN Chang, F Delicato, N Desai, J Fan, GC Fox, A Goscinski, Z Jin, A Kobusinska & O Rana (eds), Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023. Proceedings - IEEE International Conference on Edge Computing, vol. 2023-July, Institute of Electrical and Electronics Engineers Inc., pp. 51-62, 7th IEEE International Conference on Edge Computing and Communications, EDGE 2023, Hybrid, Chicago, United States, 7/2/23. https://doi.org/10.1109/EDGE60047.2023.00020

Wang Y, Chandra A , Weissman J. SQuBA: Social Quorum Based Access Control for Open IoT Environments. In Ardagna C, Awaysheh F, Bian H, Chang CK, Chang RN, Delicato F, Desai N, Fan J, Fox GC, Goscinski A, Jin Z, Kobusinska A, Rana O, editors, Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023. Institute of Electrical and Electronics Engineers Inc. 2023. p. 51-62. (Proceedings - IEEE International Conference on Edge Computing). doi: 10.1109/EDGE60047.2023.00020

Wang, Yixuan ; Chandra, Abhishek ; Weissman, Jon. / SQuBA : Social Quorum Based Access Control for Open IoT Environments. Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023. editor / Claudio Ardagna ; Feras Awaysheh ; Hongyi Bian ; Carl K. Chang ; Rong N. Chang ; Flavia Delicato ; Nirmit Desai ; Jing Fan ; Geoffrey C. Fox ; Andrzej Goscinski ; Zhi Jin ; Anna Kobusinska ; Omer Rana. Institute of Electrical and Electronics Engineers Inc., 2023. pp. 51-62 (Proceedings - IEEE International Conference on Edge Computing).

@inproceedings{3e91675be2af4a1ebb1d65ef466381ef,

title = "SQuBA: Social Quorum Based Access Control for Open IoT Environments",

abstract = "Internet of things (IoT) devices have been ubiquitous in recent years. An emerging model for IoT deployment is an open edge-based infrastructure. Edge resources are commonly used to coordinate capabilities and manage access due to IoT device resource limitations and IoT vendor heterogeneity. The open IoT environment often exists in a multi-user setting, where multiple users interact with a single IoT device. In this setting, we assume that none of the users or the edges are fully trusted, thus IoT data privacy may be compromised. Limited attention has been paid to authorization and auditing in this environment. However, exploiting inter-user relationships gives us leverage. In this work, we propose a social quorum based architecture, SQuBA, as an access control mechanism for IoT which provides relationship-driven authorization and auditing. We present a tiered approach to support access control rules and relationship-based trustworthiness. We implemented a prototype and carried out experiments using a real-world dataset under various scenarios and configurations. The results demonstrate both SQuBA's promising near real-time response latency that is in the order of milliseconds, and good resilience to different edge faulty models. We also compare with various baselines and SQuBA is able to improve end-to-end latency by up to 10X and tolerate the number of faulty edges by up to 2X.",

keywords = "Access Control, Distributed Ledger Technologies, Edge Computing, Internet of Things, Privacy",

author = "Yixuan Wang and Abhishek Chandra and Jon Weissman",

note = "Publisher Copyright: {\textcopyright} 2023 IEEE.; 7th IEEE International Conference on Edge Computing and Communications, EDGE 2023 ; Conference date: 02-07-2023 Through 08-07-2023",

year = "2023",

doi = "10.1109/EDGE60047.2023.00020",

language = "English (US)",

series = "Proceedings - IEEE International Conference on Edge Computing",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "51--62",

editor = "Claudio Ardagna and Feras Awaysheh and Hongyi Bian and Chang, {Carl K.} and Chang, {Rong N.} and Flavia Delicato and Nirmit Desai and Jing Fan and Fox, {Geoffrey C.} and Andrzej Goscinski and Zhi Jin and Anna Kobusinska and Omer Rana",

booktitle = "Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023",

}

TY - GEN

T1 - SQuBA

T2 - 7th IEEE International Conference on Edge Computing and Communications, EDGE 2023

AU - Wang, Yixuan

AU - Chandra, Abhishek

AU - Weissman, Jon

PY - 2023

Y1 - 2023

N2 - Internet of things (IoT) devices have been ubiquitous in recent years. An emerging model for IoT deployment is an open edge-based infrastructure. Edge resources are commonly used to coordinate capabilities and manage access due to IoT device resource limitations and IoT vendor heterogeneity. The open IoT environment often exists in a multi-user setting, where multiple users interact with a single IoT device. In this setting, we assume that none of the users or the edges are fully trusted, thus IoT data privacy may be compromised. Limited attention has been paid to authorization and auditing in this environment. However, exploiting inter-user relationships gives us leverage. In this work, we propose a social quorum based architecture, SQuBA, as an access control mechanism for IoT which provides relationship-driven authorization and auditing. We present a tiered approach to support access control rules and relationship-based trustworthiness. We implemented a prototype and carried out experiments using a real-world dataset under various scenarios and configurations. The results demonstrate both SQuBA's promising near real-time response latency that is in the order of milliseconds, and good resilience to different edge faulty models. We also compare with various baselines and SQuBA is able to improve end-to-end latency by up to 10X and tolerate the number of faulty edges by up to 2X.

AB - Internet of things (IoT) devices have been ubiquitous in recent years. An emerging model for IoT deployment is an open edge-based infrastructure. Edge resources are commonly used to coordinate capabilities and manage access due to IoT device resource limitations and IoT vendor heterogeneity. The open IoT environment often exists in a multi-user setting, where multiple users interact with a single IoT device. In this setting, we assume that none of the users or the edges are fully trusted, thus IoT data privacy may be compromised. Limited attention has been paid to authorization and auditing in this environment. However, exploiting inter-user relationships gives us leverage. In this work, we propose a social quorum based architecture, SQuBA, as an access control mechanism for IoT which provides relationship-driven authorization and auditing. We present a tiered approach to support access control rules and relationship-based trustworthiness. We implemented a prototype and carried out experiments using a real-world dataset under various scenarios and configurations. The results demonstrate both SQuBA's promising near real-time response latency that is in the order of milliseconds, and good resilience to different edge faulty models. We also compare with various baselines and SQuBA is able to improve end-to-end latency by up to 10X and tolerate the number of faulty edges by up to 2X.

KW - Access Control

KW - Distributed Ledger Technologies

KW - Edge Computing

KW - Internet of Things

KW - Privacy

UR - http://www.scopus.com/inward/record.url?scp=85173459380&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85173459380&partnerID=8YFLogxK

U2 - 10.1109/EDGE60047.2023.00020

DO - 10.1109/EDGE60047.2023.00020

M3 - Conference contribution

AN - SCOPUS:85173459380

T3 - Proceedings - IEEE International Conference on Edge Computing

SP - 51

EP - 62

BT - Proceedings - 2023 IEEE International Conference on Edge Computing and Communications, EDGE 2023

A2 - Ardagna, Claudio

A2 - Awaysheh, Feras

A2 - Bian, Hongyi

A2 - Chang, Carl K.

A2 - Chang, Rong N.

A2 - Delicato, Flavia

A2 - Desai, Nirmit

A2 - Fan, Jing

A2 - Fox, Geoffrey C.

A2 - Goscinski, Andrzej

A2 - Jin, Zhi

A2 - Kobusinska, Anna

A2 - Rana, Omer

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 2 July 2023 through 8 July 2023

ER -

SQuBA: Social Quorum Based Access Control for Open IoT Environments

Abstract

Publication series

Conference

Bibliographical note

Keywords

UN SDGs

Access

OpenUrl availability

Other files and links

Fingerprint

Cite this