Research group: Data Security for Internet Applications (DataSec)

The Data Security for Internet applications research group deals with security methods for the regulation of access to resources and their use in distributed environments with heterogeneous characteristics.
Data Security for Internet applications is divided into two projects: ABAC4REST and DAC4IoT.

ABAC4REST deals with the efficient design of attribute-based access control for RESTful Services.

The DAC4IoT project deals with the problems of access control in the context of the Internet of Things and drafts appropriate solutions.

Projects:

DAC4IoT

Distributed Access Control for the Internet of Things (from 2018)

The DAC4IoT project deals with the problems presented by access control in the context of the Internet of Things and drafts appropriate solutions.

The progressive miniaturization of computer-based devices and the opportunity to monitor environments and have tasks carried out autonomously, is revolutionizing the way we live, learn and work today and will continue to do so in the future. Cyber-physical systems with the ability to communicate in various ways form the Internet of Things (IoT). IoT is a paradigm which is already being used as backbone technology for various application domains, for example, for Industry 4.0 or smart homes. To avoid unauthorized access to devices, the rights of the person seeking access must be checked. Although centralized access control is one such strategy, it avoids direct communication between devices and thus differs from the intended IoT paradigm.

In the DAC4IoT project, the focus is on the efficient distribution of access control systems and their components in the Internet of Things. The often unused calculation resources of the IoT devices are used to enable direct communication as intended in the IoT paradigm.

ABAC4REST

Attribute-based Access Control for Representational State Transfer (2015 to 2018)

The ABAC4REST project deals with the efficient planning of attribute-based access control for RESTful Services. Attribute-based access control allows the planning of flexible and variable access guidelines, which makes it an excellent candidate to become the dominant access contol model of the future. The current state of technology is mainly based on generic mechanisms which replace the attribute-based model using compositional evaluation mechanisms.

The ABAC4REST project will examine in particular the suitability of the index-based evaluation mechanism compared to compositional mechanisms. Index-based evaluation mechanisms can be used in environments which use unique keys within an interaction. The interaction with RESTful Services for example is based among other things on the use of unique addresses (URIs). The use of this key makes it possible to copy the index-based process, enabling a more efficient evaluation. This is especially interesting when dealing with large amounts of data. A further aim of the project, besides the investigation of index-based evaluation mechanisms, is the development of a suitable language and an appropriate interpreter.

Contact details

Publications

Schreier Access Control

2018 | 2017 | 2016 | 2015

2018

Marc Hüffmeyer, Florian Haupt, Frank Leymann, Ulf Schreier Authorization-aware HATEOAS
Tobias Straub, Ulf Schreier Distributed Access Control for the Internet of Things
Marc Hüffmeyer, Pascal Hirmer, Bernhard Mitschang, Ulf Schreier, Matthias Wieland Situation-Aware Access Control for Industrie 4.0

2017

Philipp Montesano, Marc Hüffmeyer, Ulf Schreier Outsourcing Access Control for a Dynamic Access Configuration of IoT Services
Marc Hüffmeyer, Pascal Hirmer, Bernhard Mitschang, Ulf Schreier, Matthias Wieland SitAC – A System for Situation-aware Access Control - Controlling Access to Sensor Data

2016

Marc Hüffmeyer, Ulf Schreier Analysis of an Access Control System for RESTful Services
Marc Hüffmeyer, Ulf Schreier Designing Efficient XACML Policies for RESTful Services
Marc Hüffmeyer, Ulf Schreier Formal Comparison of an Attribute Based Access Control Language for RESTful Services with XACML
Marc Hüffmeyer, Ulf Schreier RestACL - An Attribute Based Access Control Language for RESTful Services

2015

Marc Hüffmeyer, Ulf Schreier An Attribute Based Access Control Model for RESTful Services
Marc Hüffmeyer, Ulf Schreier Efficient Attribute Based Access Control for RESTful Services