UCON-Based Access Control Model And Application In IoT Environment

The concept and application of IoT were gradually understood by people. As a new technology which has great development potential, the whole IoT industrial chain will produce hundreds of thousands of trillion levels of profits, so the IoT industrial will be the inevitably support and develop object of every country all over the world. Nevertheless, as various of technologies and application areas the IoT industrial related, its security issue is a big problem and must be solved in a properly way, otherwise, the development of IoT industrial can't find its way to expand as well as strengthen. And further more, the weak security environment of IoT could produce kinds of chances for illegal entrant to commit crime behaviors to our system.Access control technology is one of the important technologies in information security area, research on the access control of IoT data security is a crucial question which requires immediately solution. In order to support the access control environment modeling in the more and more flexible and complex reality applications, kinds of enterprise environment oriented access control models and various applications to Usage Control (UCON) access model successively appeared. Combining with UCON model, an IoT data access control model named Internet of Things-Usage Control (IoT-UCON) is put forward based on the UCONABC aim to overcome the shortage that the traditional access control model can't fully satisfy the comprehensive access control demand in IoT applications environment.Through analysis and research on the traditional access control models, this paper gives out the principle and performance of these models, such as DAC, MAC, RBAC and so on. And then, according to the IoT environment's technology background and hierarchical features, this paper provides the IoT-UCON model. At last, this paper present a practical application verification based a campus IoT environment. Through introduction of the three control factors (authorization, obligations and conditions) and the combination control of both pre policy and on policy, the paper achieves more fine-grained dynamic management for users within the IoT network to access and manipulate data. At the same time, the continuity and mutability were introduced to make the access control mechanism more flexible.