IEEE Access (Jan 2017)
An Access Control Model for Resource Sharing Based on the Role-Based Access Control Intended for Multi-Domain Manufacturing Internet of Things
Abstract
Manufacturing Internet of Things (MIoT) represents the manufacturing oriented to Internet of Things with two important characteristics, resource sharing and process collaboration. Access control in resource sharing is very important for MIoT operation safety. This paper presents an access control model for resource sharing based on the role-based access control intended for multidomain MIoT. In multidomain systems, in order to response on the assigning request for permission for the certain role from the certain user, an authority action sequence named the authorization route is employed to determine an appropriate authorization state. In this paper, the best authorization route with the least spread of permissions is defined as an optimal authorization route. We employed an intelligent planning theory to model the authorization route problem and to develop a solution algorithm called PGAO*, which can support external evaluation of both single-goal-role authorization routes and multi-goal-role authorization routes. In addition, some simple policies for solving the authorization route problem are presented. The proposed access control model provides a quick and efficient authorization decision support for administrators in collaborative domain and ensures a secure access in resource sharing in MIoT.
Keywords