Research On Fine-Grained Access Control Model In Social Internet Of Things

In recent years,the application technology of the Internet of Things has developed vigorously,and human society is striding forward in the direction of "Internet of Things".People’s life has also become more intelligent,convenient and diversified.The rapid integration and development of social network and Internet of Things technology has created a new field-Social Internet of Things.Meanwhile,new security issues have arisen,such as the vulnerability of intelligent devices to malicious attacks and hijacking,resulting in major property losses.As an important security technology in the field of information security,access control technology can identify malicious users and malicious behaviors by analyzing the attribute characteristics of both sides of the interaction,and grant users the type and quantity of permissions in a fine-grained manner,so as to ensure the secure interaction of data or resources in a multi-level and multi-angle manner.Therefore,applying access control techniques to extract inter-user attribute features of the Social Internet of Things,quantify inter-user attribute values such as trust and risk,and ensure the internal security of the Social Internet of Things systems has become an effective means of securing the Internet of Things.Nowadays,many emerging access control technologies are focused on cloud environments or the Internet of Things,while relatively little research has been conducted on access control models in the Social Internet of Things.Compared with the characteristics of traditional information networks,users in the Social Internet of Things are no only people.in the traditional sense,but include things or devices with social attributes,which makes most of the current access control models unable to be directly used in the Social Internet of Things.How to implement effective access control and grant reasonable access to users who integrate social attributes The collection of permissions has become an urgent problem to be solved.Therefore,this paper studies the access control in Social Internet of Things from the following two perspectives.(1)To address the lack of an effective and secure access control model for interactive access between objects in the Social Internet of Things.Firstly,this paper proposes a trust assessment model based on social trust and user behavior trust by combining access control technology and social network technology,extracting social attribute information,and sensing spatio-temporal attributes and other scene characteristics.The trust value between users as an important basis for access authorization policy.Secondly,extracts risk feature attributes for Social Internet of Things scene characteristics,and implements effective risk assessment.Finally,the model improves the security of Social Internet of Things by integrating trust and risk attributes into security attributes,and setting reasonable security thresholds according to scene demand characteristics.(2)To address the problems of poor dynamic adaptiveness and authorization accuracy in the Social Internet of Things access control model.Firstly,we start from the trust attribute in the Social Internet of Things,combine the idea of zero trust,introduce adaptive weighting factors,and implement dynamic trust evaluation and reward and punishment measures.Secondly,the model solves the problem of insufficient accuracy of authorization in access control by applying bayesian decision theory to authorization decisions.Finally,the model enables fine-grained authorization based on activity level and number of permissions by establishing access constraints between trust and activity.This paper proposes an access control model for SIo T,which helps to implement access control at a fine-grained level.The model improves the security of the SIo T and has important implications for the maintenance of Io T security.