Per-user Access Control Framework for Link Connectivity and Network Bandwidth

Recently, a wide variety of Internet of Things (IoT) devices and their corresponding IoT applications have emerged. Such IoT applications have adopted some access control mechanisms on the IoT devices, but they do not consider access control of network connectivity to the IoT devices. In addition, since network resources such as links and bandwidth are used by a variety of users, access control must consider the security requirements and the attributes of users. In this chapter, we propose a per-user access control framework to network bandwidth and links as network resources. The proposed framework aims to control network connectivity to resources including IoT devices using network programmability achieved by software defined networking (SDN). To realize fine-grained access control, we have built an access control framework based on a role based access control (RBAC) concept. In the evaluation, we investigated the feasibility and practicality of the proposed framework under different experimental scenarios. The simulation results show the proposed framework provides fine-grained dynamic access control based on user roles. Moreover, we found that the impact of authentication and authorization is small under our scenarios.