Authentication and Access Control for Open Messaging Interface Standard

Narges Yousefnezhad; Roman Filippov; Asad Javed; Andrea Buda; Manik Madhikermi; Kary Främling

doi:10.1145/3144457.3144461

Authentication and Access Control for Open Messaging Interface Standard

Narges Yousefnezhad, Roman Filippov, Asad Javed, Andrea Buda, Manik Madhikermi, Kary Främling

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

5 Citations (Scopus)

387 Downloads (Pure)

Abstract

The number of Internet of Things (IoT) vendors is rapidly growing, providing solutions for all levels of the IoT stack. Despite the universal agreement on the need for a standardized technology stack, following the model of the world-wide-web, a large number of industry-driven domain specific standards hinder the development of a single IoT ecosystem. An attempt to solve this challenge is the introduction of O-MI (Open Messaging Interface) and O-DF (Open Data Format), two domain independent standards published by Open Group. Despite their good compatibility, they define no specific security model. This paper takes the first step of defining a security model for these standards by proposing suitable access control and authentication mechanisms that can regulate the rights of different principles and operations defined in these standards. First, a brief introduction is provided of the O-MI and O-DF standards, including a comparison with existing standards. Second, the envisioned security model is presented, together with the implementation details of the plug-in module developed for the O-MI and O-DF reference implementation.

Original language	English
Title of host publication	14th EAI International Conference on Mobile and Ubiquitous Systems
Subtitle of host publication	Computing, Networking and Services, MobiQuitous 2017
Place of Publication	Melbourne
Publisher	ACM
Pages	20-27
Number of pages	8
ISBN (Print)	9781450353687
DOIs	https://doi.org/10.1145/3144457.3144461
Publication status	Published - 7 Nov 2017
MoE publication type	A4 Conference publication
Event	International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services - RMIT University, Melbourne, Australia Duration: 7 Nov 2017 → 10 Nov 2017 Conference number: 14 http://mobiquitous.org/

Conference

Conference	International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services
Abbreviated title	MobiQuitous
Country/Territory	Australia
City	Melbourne
Period	07/11/2017 → 10/11/2017
Internet address	http://mobiquitous.org/

Keywords

Internet of Things
Open Messaging Interface (O-MI)
Open Data Format (O-DF)
Messaging Standards
User Authentication
Access Control
Security
Certificate

Access to Document

10.1145/3144457.3144461

OMIsecModule17Accepted author manuscript, 1.12 MB

OpenUrl availability

Full text

Cite this

@inproceedings{46c71abd9a314083a6e94bffc0c9368e,

title = "Authentication and Access Control for Open Messaging Interface Standard",

abstract = "The number of Internet of Things (IoT) vendors is rapidly growing, providing solutions for all levels of the IoT stack. Despite the universal agreement on the need for a standardized technology stack, following the model of the world-wide-web, a large number of industry-driven domain specific standards hinder the development of a single IoT ecosystem. An attempt to solve this challenge is the introduction of O-MI (Open Messaging Interface) and O-DF (Open Data Format), two domain independent standards published by Open Group. Despite their good compatibility, they define no specific security model. This paper takes the first step of defining a security model for these standards by proposing suitable access control and authentication mechanisms that can regulate the rights of different principles and operations defined in these standards. First, a brief introduction is provided of the O-MI and O-DF standards, including a comparison with existing standards. Second, the envisioned security model is presented, together with the implementation details of the plug-in module developed for the O-MI and O-DF reference implementation.",

keywords = "Internet of Things, Open Messaging Interface (O-MI), Open Data Format (O-DF), Messaging Standards, User Authentication, Access Control, Security, Certificate",

author = "Narges Yousefnezhad and Roman Filippov and Asad Javed and Andrea Buda and Manik Madhikermi and Kary Fr{\"a}mling",

note = "| openaire: EC/H2020/688203/EU//BIoTope ; International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, MobiQuitous ; Conference date: 07-11-2017 Through 10-11-2017",

year = "2017",

month = nov,

day = "7",

doi = "10.1145/3144457.3144461",

language = "English",

isbn = "9781450353687",

pages = "20--27",

booktitle = "14th EAI International Conference on Mobile and Ubiquitous Systems",

publisher = "ACM",

address = "United States",

url = "http://mobiquitous.org/",

}

Yousefnezhad, N, Filippov, R, Javed, A, Buda, A, Madhikermi, M & Främling, K 2017, Authentication and Access Control for Open Messaging Interface Standard. in 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, MobiQuitous 2017. ACM, Melbourne, pp. 20-27, International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, Melbourne, Victoria, Australia, 07/11/2017. https://doi.org/10.1145/3144457.3144461

Authentication and Access Control for Open Messaging Interface Standard. / Yousefnezhad, Narges; Filippov, Roman; Javed, Asad et al.
14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services, MobiQuitous 2017. Melbourne: ACM, 2017. p. 20-27.

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - Authentication and Access Control for Open Messaging Interface Standard

AU - Yousefnezhad, Narges

AU - Filippov, Roman

AU - Javed, Asad

AU - Buda, Andrea

AU - Madhikermi, Manik

AU - Främling, Kary

N1 - Conference code: 14

PY - 2017/11/7

Y1 - 2017/11/7

N2 - The number of Internet of Things (IoT) vendors is rapidly growing, providing solutions for all levels of the IoT stack. Despite the universal agreement on the need for a standardized technology stack, following the model of the world-wide-web, a large number of industry-driven domain specific standards hinder the development of a single IoT ecosystem. An attempt to solve this challenge is the introduction of O-MI (Open Messaging Interface) and O-DF (Open Data Format), two domain independent standards published by Open Group. Despite their good compatibility, they define no specific security model. This paper takes the first step of defining a security model for these standards by proposing suitable access control and authentication mechanisms that can regulate the rights of different principles and operations defined in these standards. First, a brief introduction is provided of the O-MI and O-DF standards, including a comparison with existing standards. Second, the envisioned security model is presented, together with the implementation details of the plug-in module developed for the O-MI and O-DF reference implementation.

AB - The number of Internet of Things (IoT) vendors is rapidly growing, providing solutions for all levels of the IoT stack. Despite the universal agreement on the need for a standardized technology stack, following the model of the world-wide-web, a large number of industry-driven domain specific standards hinder the development of a single IoT ecosystem. An attempt to solve this challenge is the introduction of O-MI (Open Messaging Interface) and O-DF (Open Data Format), two domain independent standards published by Open Group. Despite their good compatibility, they define no specific security model. This paper takes the first step of defining a security model for these standards by proposing suitable access control and authentication mechanisms that can regulate the rights of different principles and operations defined in these standards. First, a brief introduction is provided of the O-MI and O-DF standards, including a comparison with existing standards. Second, the envisioned security model is presented, together with the implementation details of the plug-in module developed for the O-MI and O-DF reference implementation.

KW - Internet of Things

KW - Open Messaging Interface (O-MI)

KW - Open Data Format (O-DF)

KW - Messaging Standards

KW - User Authentication

KW - Access Control

KW - Security

KW - Certificate

U2 - 10.1145/3144457.3144461

DO - 10.1145/3144457.3144461

M3 - Conference contribution

SN - 9781450353687

SP - 20

EP - 27

BT - 14th EAI International Conference on Mobile and Ubiquitous Systems

PB - ACM

CY - Melbourne

T2 - International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services

Y2 - 7 November 2017 through 10 November 2017

ER -

Authentication and Access Control for Open Messaging Interface Standard

Abstract

Conference

Keywords

Access to Document

OpenUrl availability

Fingerprint

Cite this