The Data Security for Internet applications research group deals with security methods for the regulation of access to resources and their use in distributed environments with heterogeneous characteristics.
Data Security for Internet applications is divided into two projects: ABAC4REST and DAC4IoT.
ABAC4REST deals with the efficient design of attribute-based access control for RESTful Services.
The DAC4IoT project deals with the problems of access control in the context of the Internet of Things and drafts appropriate solutions.
The DAC4IoT project deals with the problems presented by access control in the context of the Internet of Things and drafts appropriate solutions.
The progressive miniaturization of computer-based devices and the opportunity to monitor environments and have tasks carried out autonomously, is revolutionizing the way we live, learn and work today and will continue to do so in the future. Cyber-physical systems with the ability to communicate in various ways form the Internet of Things (IoT). IoT is a paradigm which is already being used as backbone technology for various application domains, for example, for Industry 4.0 or smart homes. To avoid unauthorized access to devices, the rights of the person seeking access must be checked. Although centralized access control is one such strategy, it avoids direct communication between devices and thus differs from the intended IoT paradigm.
In the DAC4IoT project, the focus is on the efficient distribution of access control systems and their components in the Internet of Things. The often unused calculation resources of the IoT devices are used to enable direct communication as intended in the IoT paradigm.
The ABAC4REST project deals with the efficient planning of attribute-based access control for RESTful Services. Attribute-based access control allows the planning of flexible and variable access guidelines, which makes it an excellent candidate to become the dominant access contol model of the future. The current state of technology is mainly based on generic mechanisms which replace the attribute-based model using compositional evaluation mechanisms.
The ABAC4REST project will examine in particular the suitability of the index-based evaluation mechanism compared to compositional mechanisms. Index-based evaluation mechanisms can be used in environments which use unique keys within an interaction. The interaction with RESTful Services for example is based among other things on the use of unique addresses (URIs). The use of this key makes it possible to copy the index-based process, enabling a more efficient evaluation. This is especially interesting when dealing with large amounts of data. A further aim of the project, besides the investigation of index-based evaluation mechanisms, is the development of a suitable language and an appropriate interpreter.
Schreier Access Control
|Marc Hüffmeyer, Florian Haupt, Frank Leymann, Ulf Schreier||Authorization-aware HATEOAS||CLOSER 2018: proceedings of the 8th International Conference on Cloud Computing and Services Science: Funchal, Madeira, Portugal, March 19-21, 2018, pp. 78-89, 2018||BibTeX | RIS |
|Tobias Straub, Ulf Schreier||Distributed Access Control for the Internet of Things||IBM Research Report: Papers From the 12th Advanced Summer School on Service-Oriented Computing (SummerSOC’18), pp. 22-30, 2018||BibTeX | RIS |
|Marc Hüffmeyer, Pascal Hirmer, Bernhard Mitschang, Ulf Schreier, Matthias Wieland||Situation-Aware Access Control for Industrie 4.0||Information Systems Security and Privacy: Third International Conference, ICISSP 2017, Porto, Portugal, February 19-21, 2017, Revised Selected Papers, pp. 59-83, 2018||BibTeX | RIS |
|Philipp Montesano, Marc Hüffmeyer, Ulf Schreier||Outsourcing Access Control for a Dynamic Access Configuration of IoT Services||Proceedings of the 2nd International Conference on Internet of Things, Big Data and Security: Volume 1 IoTBDS, April 24-26, 2017, in Porto, Portugal, pp. 59-69, 2017||BibTeX | RIS |
|Marc Hüffmeyer, Pascal Hirmer, Bernhard Mitschang, Ulf Schreier, Matthias Wieland||SitAC – A System for Situation-aware Access Control - Controlling Access to Sensor Data||Proceedings of the 3rd International Conference on Information Systems Security and Privacy: Volume 1: ICISSP, February 19-21, 2017, in Porto, Portugal, pp. 113-125, 2017||BibTeX | RIS |
|Marc Hüffmeyer, Ulf Schreier||Analysis of an Access Control System for RESTful Services||Web Engineering: 16th International Conference, ICWE 2016, Lugano, Switzerland, June 6-9, 2016. Proceedings, pp. 373-380, 2016||BibTeX | RIS |
|Marc Hüffmeyer, Ulf Schreier||Designing Efficient XACML Policies for RESTful Services||Web Services, Formal Methods, and Behavioral Types: 11th International Workshop, WS-FM 2014, Eindhoven, The Netherlands, September 11-12, 2014, and 12th International Workshop, WS-FM/BEAT 2015, Madrid, Spain, September 4-5, 2015, pp. 86-100, 2016||BibTeX | RIS |
|Marc Hüffmeyer, Ulf Schreier||Formal Comparison of an Attribute Based Access Control Language for RESTful Services with XACML||SACMAT '16: Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, Shanghai, China — June 06 - 08, 2016, pp. 171-178, 2016||BibTeX | RIS |
|Marc Hüffmeyer, Ulf Schreier||RestACL - An Attribute Based Access Control Language for RESTful Services||ABAC '16 Proceedings of the 2016 ACM International Workshop on Attribute Based Access Control, New Orleans, Louisiana, USA — March 11 - 11, 2016, pp. 58-67, 2016||BibTeX | RIS |
|Marc Hüffmeyer, Ulf Schreier||An Attribute Based Access Control Model for RESTful Services||SummerSOC ’15 - Proceedings of the 9th Symposium and SummerSchool on Service-Oriented Computing,2015, pp. 98-112, 2015||BibTeX | RIS |
|Marc Hüffmeyer, Ulf Schreier||Efficient Attribute Based Access Control for RESTful Services||Proceedings of the 7th Central European Workshop on Services and their Composition, ZEUS 2015, Jena, pp. 55-62, 2015||BibTeX | RIS |