Abstract
•A PCA-PD is introduced to improve security and privacy of the IoT application users.•It permits access control depending on the application usage and information request.•The delegation of access is ensured based on trust and shared keying model.•It is capable of achieving control level, less time, classification & success rate.
Internet of Things (IoT) provides decentralized, distributed, and pervasive access to resources and services through heterogeneous device interactions. IoT platform is large and capable of handling huge volumes of data, users, resources, etc. This requires more sophisticated security measures. In this manuscript, a pervasive controlled access method with privacy delegation (PCA-PD) is introduced to improve IoT application users’ security and privacy. The proposed method permits differential access control depending on the application usage and information request. The delegation of access is ensured based on trust and a shared keying model valid within the access session. In this method, information and time-based classification are performed to differentiate the access instance and information shared between the applications and IoT services. This helps to prevent security backtracking and request regeneration and also a failure in responses. The classification is performed independently, depending on the previous behavior of the application with the service provider. The proposed method’s experimental analysis shows that it can achieve high access control level, less delegation time, improved application classification, and success rate.