Show simple item record

dc.contributor.authorAtlam, Hany F.
dc.contributor.authorWills, Gary
dc.identifier.citationAtlam, H. F., Wills, G. B (2019). 'An efficient security risk estimation technique for risk-based access control model for IoT'. Internet of Things, 6, pp, 1-20. DOI: 0.1016/j.iot.2019.100052.en_US
dc.description.abstractThe need to increase information sharing in the Internet of Things (IoT) applications made the risk-based access control model to be the best candidate for both academic and com- mercial organizations. Risk-based access control model carries out a security risk analysis on the access request by using IoT contextual information to provide access decisions dy- namically. Unlike current static access control approaches that are based on predefined policies and give the same result in different situations, this model provides the required flexibility to access system resources and works well in unexpected conditions and situa- tions of the IoT system. One of the main issues to implement this model is to determine the appropriate risk estimation technique that is able to generate accurate and realistic risk values for each access request to determine the access decision. Therefore, this paper pro- poses a risk estimation technique which integrates the fuzzy inference system with expert judgment to assess security risks of access control operations in the IoT system. Twenty IoT security experts from inside and outside the UK were interviewed to validate the proposed risk estimation technique and build the fuzzy inference rules accurately. The proposed risk estimation approach was implemented and simulated using access control scenarios of the network router. In comparison with the existing fuzzy techniques, the proposed technique has demonstrated it produces precise and realistic values in evaluating security risks of access control operations in the IoT context.en_US
dc.rightsAttribution 4.0 International*
dc.subjectSecurity risken_US
dc.subjectRisk estimationen_US
dc.subjectInternet of Thingsen_US
dc.subjectRisk-based access control modelen_US
dc.subjectFuzzy logic systemen_US
dc.titleAn efficient security risk estimation technique for Risk-based access control model for IoTen_US
dc.contributor.departmentUniversity of Southamptonen_US
dc.identifier.journalInternet of Thingsen_US

Files in this item

Publisher version

This item appears in the following Collection(s)

Show simple item record

Attribution 4.0 International
Except where otherwise noted, this item's license is described as Attribution 4.0 International