Exploratory Analysis of Access Control Mechanisms for Cloud-Based Iot

Full Text (PDF, 435KB), PP.39-46

Views: 0 Downloads: 0


Keerti Naregal 1,* Vijay Kalmani 1

1. Jain college of engineering, Computer Science, Belagavi 590014, India

* Corresponding author.

DOI: https://doi.org/10.5815/ijeme.2023.03.05

Received: 23 Dec. 2022 / Revised: 21 Jan. 2023 / Accepted: 6 Mar. 2023 / Published: 8 Jun. 2023

Index Terms

Cloud based-IoT, Attribute-based Encryption, lightweight, access control mechanism, privacy


Computing as a utility has been possible with cloud computing technology. Another technology that has evolved with the internet and has become an inseparable part of our lives is the internet of things (IoT). With the growing use of IoT devices, the data generated and used by them is increasing tremendously, and resource-constrained IoT devices can make use of the cloud for data and computing needs. When IoT and cloud converge there are security and privacy issues as the cloud is a shared resource. Access control mechanisms play an important role in maintaining the security of users' data. Attribute-based encryption provides fine-grained access to data, thus ensuring selective access to data. We review the literature on access control mechanisms for cloud-based IoT and provide an analysis of their strengths and weaknesses. We present a comparison of the mechanisms, highlighting the challenges and open research questions in the field of cloud-based IoT access control and provide suggestions for future research and development. Our findings contribute to the understanding of access control mechanisms for cloud-based IoT and provide insights for their selection and deployment in real-world scenarios.

Cite This Paper

Keerti Naregal, Vijay Kalmani, "Exploratory Analysis of Access Control Mechanisms for Cloud-Based Iot", International Journal of Education and Management Engineering (IJEME), Vol.13, No.3, pp. 39-46, 2023. DOI:10.5815/ijeme.2023.03.05


[1]Access Control in Internet-of-Things: A Survey(Sowmya Ravidasa,∗ , AlexiosLekidisa , Federica Pacib , Nicola Zannonea)
[2]Namasudra, S., & Roy, P. (2016). Secure and efficient data access control in cloud computing environment: A survey. Multiagent and Grid Systems, 12(2), 69-90.
[3]M. Armbrust, A. Fox, R. Griffith, A.D. Joseph, R. Katz, A. Konwinski et al., A view of cloud computing, Commun of the ACM 53(4) (2010), 50–58
[4]L. Savu, "Cloud Computing: Deployment Models, Delivery Models, Risks and Research Challenges," 2011 International Conference on Computer and Management (CAMAN), 2011, pp. 1-4, DOI: 10.1109/CAMAN.2011.5778816.
[5]Subashini S, Kavitha V. A survey on security issues in service delivery models of cloud computing. J NetwComput Appl. 2011;34(1):1-11.
[6]Dimitrios Zissis, Dimitrios Lekkas, Addressing cloud computing security issues, Future Generation Computer Systems, Volume 28, Issue 3,2012,Pages 583-592,ISSN 0167-739X,https://doi.org/10.1016/j.future.2010.12.006
[7]National Institute of Standards and Technology, The NIST Definition of Cloud Computing, Information Technology Laboratory, 2009.
[8]Jurcut, A. D., Ranaweera, P., & Xu, L. (2020). Introduction to IoT security. IoT security: advances in authentication, 27-64.
[9]Perera, C., Zaslavsky, A., Christen, P., & Georgakopoulos, D. (2013). Context aware computing for the internet of things: A survey. IEEE communications surveys & tutorials, 16(1), 414-454.
[10]Liyanage, M., Braeken, A., Kumar, P., & Ylianttila, M. (Eds.). (2020). IoT security: Advances in authentication. John Wiley & Sons.
[11]Babu, S. M., Lakshmi, A. J., & Rao, B. T. (2015, April). A study on cloud-based Internet of Things: CloudIoT. In 2015 global conference on communication technologies (GCCT) (pp. 60-65). IEEE.
[12]Naregal, K., &Kalmani, V. H. (2022). Need for Lightweight Attribute-Based Encryption (ABE) for Cloud-Based IoT. In Handbook of Research of Internet of Things and Cyber-Physical Systems (pp. 265-278). Apple Academic Press.
[13]Suhendra, V. (2011, December). A survey on access control deployment. In International conference on security technology (pp. 11-20). Springer, Berlin, Heidelberg.
[14]Ferraiolo, D. F., Sandhu, R., Gavrila, S., Kuhn, D. R., & Chandramouli, R. (2001). Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC), 4(3), 224-274.
[15]Sahai, A., & Waters, B. (2005). Advances in Cryptology-EUROCRYPT 2005. Lect Notes in Comput Sci, 3494, 457-473.
[16]Kumar, P., & Alphonse, P. J. A. (2018). Attribute based encryption in cloud computing: A survey, gap analysis, and future directions. Journal of Network and Computer Applications, 108, 37-52.
[17]Belguith, S., Kaaniche, N., & Russello, G. (2018, July). PU-ABE: Lightweight attribute-based encryption supporting access policy update for cloud assisted IoT. In 2018 IEEE 11th International Conference on Cloud Computing (CLOUD) (pp. 924-927). IEEE.
[18]Banerjee, S., Roy, S., Odelu, V., Das, A. K., Chattopadhyay, S., Rodrigues, J. J., & Park, Y. (2020). Multi-Authority CP-ABE-Based user access control scheme with constant-size key and ciphertext for IoT deployment. Journal of Information Security and Applications, 53, 102503.
[19]Zhang, Y., He, D., & Choo, K. K. R. (2018). BaDS: Blockchain-based architecture for data sharing with ABS and CP-ABE in IoT. Wireless Communications and Mobile Computing, 2018.
[20]Touati, L., &Challal, Y. (2016, May). Collaborative kp-abe for cloud-based internet of things applications. In 2016 IEEE International Conference on Communications (ICC) (pp. 1-7). IEEE.
[21]Nasiraee, H., &Ashouri-Talouki, M. (2020). Anonymous decentralized attribute-based access control for cloud-assisted IoT. Future Generation Computer Systems, 110, 45-56.
[22]Xiong, S., Ni, Q., Wang, L., & Wang, Q. (2020). SEM-ACSIT: secure and efficient multiauthority access control for IoT cloud storage. IEEE Internet of Things Journal, 7(4), 2914-2927.
[23]Kalmani, V. H., Goyal, D., & Singla, S. An Efficient and Secure Solution for Attribute Revocation Problem Utilizing CP-ABE Scheme in Mobile Cloud Computing. International Journal of Computer Applications, 975, 8887.