https://diprlab.github.io/author/steve-willoughby/Steve WilloughbyHugo Blox Builder (https://hugoblox.com)en-usWed, 26 Nov 2025 00:00:00 +0000https://diprlab.github.io/author/steve-willoughby/avatar_hu_191806ddf7001ec9.pnghttps://diprlab.github.io/author/steve-willoughby/https://diprlab.github.io/project/pubsubcontrol/Wed, 26 Nov 2025 00:00:00 +0000https://diprlab.github.io/project/pubsubcontrol/<p>High-volume publish/subscribe (pub/sub) systems include collections of hardware and software components such as IoT sensors and the protocols that connect them. Many of these have heretofore lacked robust security and privacy controls by default despite there being significant security, safety, and privacy implications driving the need to control access to the data they generate and manage.</p> <p>Examples of such pub/sub-based systems are those which power critical systems from smart buildings and factories to full city-wide device networks. In this project, we are developing a fine-grained access control model and enforcement mechanism to address this gap. Our proposed FGAC model builds upon Attribute-Based Access Control (ABAC) defining access rules based on the MQTT protocol message &ldquo;topics&rdquo;, attributes of the subscribers and publishers to those topics, as well as ephemeral and per-message context information.</p> <p>Our framework is platform-agnostic and we implement the prototype for our experiments based on an off-the-shelf open source MQTT pub/sub system without altering the base code of that server itself.</p>https://diprlab.github.io/dbrg/events/2025/spring/08/Fri, 23 May 2025 00:00:00 +0000https://diprlab.github.io/dbrg/events/2025/spring/08/<table> <tr> <td> Title </td> <td> Highly Efficient and Scalable Access Control Mechanism for IoT Devices in Pervasive Environments </td> </tr> <tr> <td> Authors </td> <td> Alian Yu, Jian Kang, Wei Jiang and Dan Lin </td> </tr> <tr> <td> Abstract </td> <td> With the continuous advancement of sensing, networking, controlling, and computing technologies, there is a growing number of IoT (Internet of Things) devices emerging that are expected to integrate into public infrastructure in the near future. However, the deployment of these smart devices in public venues presents new challenges for existing access control mechanisms, particularly in terms of efficiency. To address these challenges, we have developed a highly efficient and scalable access control mechanism that enables automatic and fine-grained access control management while incurring low overhead in large-scale settings. Our mechanism includes a dual-hierarchy access control structure and associated information retrieval algorithms, which we have used to develop a large-scale IoT device access control system called FACT+. FACT+ overcomes the efficiency issues of granting and inquiring access control status over millions of devices in pervasive environments. Additionally, our system offers a pay-and-consume scheme and plug-and-play device management for convenient adoption by service providers. We have conducted extensive experiments to demonstrate the practicality, effectiveness, and efficiency of our access control mechanism. </td> </tr> </table>