In this paper we present a flexible and adaptable context-based authorization model for protecting IoT’s resources. We develop two lightweight Web Ontology Language (OWL) ontologies. CTX-Lite ontology serves as a core ontology for context handling. CBAC ontology is used for modeling access control policy requirements. In our approach, access authorization decision is made based on the context of the request. We have separated context operations from access authorization operations to reduce processing time for IoT devices. We show in this paper how ontologies and logic programming rules can be combined to support flexible and adaptive access control decisions. We have developed a proof of concept implementation to demonstrate our work.

Published in: Internet Technology and Secured Transactions (ICITST-2018)

• Date of Conference: 10-13 December 2018
• DOI: 10.2053/ICITST.WorldCIS.WCST.WCICSS.2018.0008
• ISBN: 978-1-908320-94-0
• Conference Location: University of Cambridge, Churchill College