CoAP option for capability-based access control for IoT-applications

Borting Chen, Mesut Güneş, Yu-Lun Huang

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

3 Scopus citations

Abstract

Access control is critical for many applications of the Internet of Things (IoT) since the owner of an IoT device (and application) may only permit one user to access a subset of the resources of the device. To provide access control for an IoT network, recent work adopted the capability-based access control (CBAC) model, which allows an IoT device to decide on the authorization by itself based on a capability token. However, the existing approaches based on CBAC directly attach the capability token at the end of CoAP when sending a request message. For the receiver, it is not easy to retrieve the capability token from the request message if the CoAP payload is present, because CoAP does not have a length field to indicate the size of its payload. To counter this problem, we propose a CoAP option, Cap-Token, to encapsulate a capability token when sending request messages. Because a CoAP option is independent from other CoAP fields, a receiver can get the capability token from the Cap-Token option of the request message without ambiguity. We also provide a compression mechanism to reduce the size of the Cap-Token option. Our evaluation shows that the compression mechanism can save the size of the option by 60%. Adding a compressed Cap-Token option to a request message increases the IP datagram size by 45 bytes, which is only 41% of the increase when directly attaching the capability token at the end of CoAP.

Original languageEnglish
Title of host publicationIoTBD 2016 - Proceedings of the International Conference on Internet of Things and Big Data
EditorsVictor Chang, Muthu Ramachandran, Victor Mendez Munoz, Gary Wills, Robert Walters
PublisherSciTePress
Pages266-274
Number of pages9
ISBN (Electronic)9789897581830
DOIs
StatePublished - 1 Jan 2016
EventInternational Conference on Internet of Things and Big Data, IoTBD 2016 - Rome, Italy
Duration: 23 Apr 201625 Apr 2016

Publication series

NameIoTBD 2016 - Proceedings of the International Conference on Internet of Things and Big Data

Conference

ConferenceInternational Conference on Internet of Things and Big Data, IoTBD 2016
CountryItaly
CityRome
Period23/04/1625/04/16

Keywords

  • Capability-based access control
  • Internet of Things
  • Network security

Fingerprint Dive into the research topics of 'CoAP option for capability-based access control for IoT-applications'. Together they form a unique fingerprint.

Cite this